authorStef Walter <stefw@gnome.org>2012-10-27 17:46:58 +0200
committerStef Walter <stefw@gnome.org>2012-11-09 12:15:39 +0100
commitf7d5a800efa856a27ca16378d6bbe9fcb42e501a (patch)
treeb776ce462aa8bcd77b167951e889a031f9334bb1 /pkcs11
parenta901798e025389f3c4414406b6144687f85aa552 (diff)
downloadgnome-keyring-f7d5a800efa856a27ca16378d6bbe9fcb42e501a.tar.gz
Bring in fixed ASN.1 parser from gcr library
Diffstat (limited to 'pkcs11')
-rw-r--r--pkcs11/gkm/gkm-certificate.c4
-rw-r--r--pkcs11/gkm/gkm-data-asn1.c2
-rw-r--r--pkcs11/gkm/gkm-data-der.c48
-rw-r--r--pkcs11/gkm/tests/test-data-der.c4
-rw-r--r--pkcs11/xdg-store/gkm-xdg-trust.c8
-rw-r--r--pkcs11/xdg-store/tests/frob-trust-file.c8
6 files changed, 26 insertions, 48 deletions
diff --git a/pkcs11/gkm/gkm-certificate.c b/pkcs11/gkm/gkm-certificate.c
index e2936f39..481c2e76 100644
--- a/pkcs11/gkm/gkm-certificate.c
+++ b/pkcs11/gkm/gkm-certificate.c
@@ -556,8 +556,8 @@ gkm_certificate_get_extension (GkmCertificate *self, GQuark oid,
}
/* And the extension value */
- return egg_asn1x_get_raw_value (egg_asn1x_node (self->pv->asn1, "tbsCertificate",
- "extensions", index, "extnValue", NULL));
+ return egg_asn1x_get_string_as_bytes (egg_asn1x_node (self->pv->asn1, "tbsCertificate",
+ "extensions", index, "extnValue", NULL));
}
const gchar*
diff --git a/pkcs11/gkm/gkm-data-asn1.c b/pkcs11/gkm/gkm-data-asn1.c
index 49629c40..8e31bf75 100644
--- a/pkcs11/gkm/gkm-data-asn1.c
+++ b/pkcs11/gkm/gkm-data-asn1.c
@@ -37,7 +37,7 @@ gkm_data_asn1_read_mpi (GNode *asn, gcry_mpi_t *mpi)
g_return_val_if_fail (asn, FALSE);
g_return_val_if_fail (mpi, FALSE);
- buf = egg_asn1x_get_raw_value (asn);
+ buf = egg_asn1x_get_integer_as_raw (asn);
if (!buf)
return FALSE;
diff --git a/pkcs11/gkm/gkm-data-der.c b/pkcs11/gkm/gkm-data-der.c
index 62114250..6130d098 100644
--- a/pkcs11/gkm/gkm-data-der.c
+++ b/pkcs11/gkm/gkm-data-der.c
@@ -525,7 +525,7 @@ gkm_data_der_read_private_pkcs8_plain (GBytes *data,
goto done;
}
- keydata = egg_asn1x_get_raw_value (egg_asn1x_node (asn, "privateKey", NULL));
+ keydata = egg_asn1x_get_string_as_bytes (egg_asn1x_node (asn, "privateKey", NULL));
if (!keydata)
goto done;
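Review bot: `keydata` holds the unencrypted PKCS#8 `privateKey` octets, and this hunk does not show whether `egg_asn1x_get_string_as_bytes` references the parsed input or copies it into ordinary heap memory. If it copies, the key material ends up outside the secure allocator, while the write paths in this file pass `egg_secure_realloc` to `egg_asn1x_encode` for private keys. In that case, read it with `raw = egg_asn1x_get_string_as_raw (egg_asn1x_node (asn, "privateKey", NULL), egg_secure_realloc, &n_raw);` and wrap it with `keydata = g_bytes_new_with_free_func (raw, n_raw, egg_secure_free, raw);`, as gkm_data_der_write_private_pkcs8_crypted does for its buffer. That needs two new locals, and the body of gkm_data_der_read_private_pkcs8_plain starts and ends outside this hunk.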
@@ -577,7 +577,7 @@ gkm_data_der_read_private_pkcs8_crypted (GBytes *data,
GkmDataResult ret, r;
GQuark scheme;
guchar *crypted = NULL;
- GBytes *params;
+ GNode *params;
GBytes *bytes;
gsize n_crypted;
gint l;
@@ -597,7 +597,7 @@ gkm_data_der_read_private_pkcs8_crypted (GBytes *data,
if (!scheme)
goto done;
- params = egg_asn1x_get_element_raw (egg_asn1x_node (asn, "encryptionAlgorithm", "parameters", NULL));
+ params = egg_asn1x_node (asn, "encryptionAlgorithm", "parameters", NULL);
if (!params)
goto done;
@@ -605,7 +605,6 @@ gkm_data_der_read_private_pkcs8_crypted (GBytes *data,
* Parse the encryption stuff into a cipher.
*/
r = egg_symkey_read_cipher (scheme, password, n_password, params, &cih);
- g_bytes_unref (params);
if (r == GKM_DATA_UNRECOGNIZED) {
ret = GKM_DATA_FAILURE;
@@ -747,8 +746,7 @@ gkm_data_der_write_private_key_rsa (gcry_sexp_t s_key)
goto done;
/* Write out the version */
- if (!egg_asn1x_set_integer_as_ulong (egg_asn1x_node (asn, "version", NULL), 0))
- goto done;
+ egg_asn1x_set_integer_as_ulong (egg_asn1x_node (asn, "version", NULL), 0);
result = egg_asn1x_encode (asn, egg_secure_realloc);
if (result == NULL)
@@ -794,8 +792,7 @@ gkm_data_der_write_public_key_dsa (gcry_sexp_t s_key)
!gkm_data_asn1_write_mpi (egg_asn1x_node (asn, "Y", NULL), y))
goto done;
- if (!egg_asn1x_set_integer_as_ulong (egg_asn1x_node (asn, "version", NULL), 0))
- goto done;
+ egg_asn1x_set_integer_as_ulong (egg_asn1x_node (asn, "version", NULL), 0);
result = egg_asn1x_encode (asn, NULL);
if (result == NULL)
@@ -901,8 +898,7 @@ gkm_data_der_write_private_key_dsa (gcry_sexp_t s_key)
!gkm_data_asn1_write_mpi (egg_asn1x_node (asn, "priv", NULL), x))
goto done;
- if (!egg_asn1x_set_integer_as_ulong (egg_asn1x_node (asn, "version", NULL), 0))
- goto done;
+ egg_asn1x_set_integer_as_ulong (egg_asn1x_node (asn, "version", NULL), 0);
result = egg_asn1x_encode (asn, egg_secure_realloc);
if (result == NULL)
@@ -974,7 +970,6 @@ prepare_and_encode_pkcs8_cipher (GNode *asn, const gchar *password,
guchar salt[8];
gcry_error_t gcry;
guchar *key, *iv;
- GBytes *portion;
gsize n_key;
int iterations;
@@ -1006,20 +1001,9 @@ prepare_and_encode_pkcs8_cipher (GNode *asn, const gchar *password,
/* Now write out the parameters */
asn1_params = egg_asn1x_create (pkix_asn1_tab, "pkcs-12-PbeParams");
g_return_val_if_fail (asn1_params, NULL);
- if (!egg_asn1x_set_string_as_raw (egg_asn1x_node (asn1_params, "salt", NULL), salt, sizeof (salt), NULL))
- g_return_val_if_reached (NULL);
- if (!egg_asn1x_set_integer_as_ulong (egg_asn1x_node (asn1_params, "iterations", NULL), iterations))
- g_return_val_if_reached (NULL);
- portion = egg_asn1x_encode (asn1_params, NULL);
- if (portion == NULL) {
- g_warning ("couldn't encode pkcs8 params key: %s", egg_asn1x_message (asn1_params));
- g_return_val_if_reached (NULL);
- }
-
- if (!egg_asn1x_set_element_raw (egg_asn1x_node (asn, "encryptionAlgorithm", "parameters", NULL),
- portion))
- g_return_val_if_reached (NULL);
- g_bytes_unref (portion);
+ egg_asn1x_set_string_as_raw (egg_asn1x_node (asn1_params, "salt", NULL), salt, sizeof (salt), NULL);
+ egg_asn1x_set_integer_as_ulong (egg_asn1x_node (asn1_params, "iterations", NULL), iterations);
+ egg_asn1x_set_any_from (egg_asn1x_node (asn, "encryptionAlgorithm", "parameters", NULL), asn1_params);
/* Now make a cipher that matches what we wrote out */
gcry = gcry_cipher_open (&cih, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, 0);
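Review bot: The three calls that fill in and attach the PBE parameters are now unchecked, and the `g_warning ("couldn't encode pkcs8 params key: ...")` diagnostic was removed with them. A problem with `salt`, `iterations` or the `parameters` element can therefore only surface when `asn` is encoded later, outside this hunk, and presumably without naming the parameters as the cause. I would add a comment above the calls such as `/* failures here are detected when asn is encoded; asn1_params must stay valid until then */`, after confirming both halves against `egg_asn1x_set_any_from`. It is also worth confirming that the later encode failure path logs `egg_asn1x_message (asn)`. The function continues past the end of the hunk, so the cleanup of `asn1_params` is not visible here.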
@@ -1058,8 +1042,7 @@ gkm_data_der_write_private_pkcs8_plain (gcry_sexp_t skey)
g_return_val_if_fail (asn, NULL);
/* Write out the version */
- if (!egg_asn1x_set_integer_as_ulong (egg_asn1x_node (asn, "version", NULL), 0))
- g_return_val_if_reached (NULL);
+ egg_asn1x_set_integer_as_ulong (egg_asn1x_node (asn, "version", NULL), 0);
/* Per algorithm differences */
switch (algorithm)
@@ -1089,16 +1072,12 @@ gkm_data_der_write_private_pkcs8_plain (gcry_sexp_t skey)
/* Write out the parameters */
if (params) {
- if (!egg_asn1x_set_element_raw (egg_asn1x_node (asn, "privateKeyAlgorithm", "parameters", NULL),
- params))
- g_return_val_if_reached (NULL);
+ egg_asn1x_set_any_raw (egg_asn1x_node (asn, "privateKeyAlgorithm", "parameters", NULL), params);
g_bytes_unref (params);
}
/* Write out the key portion */
- if (!egg_asn1x_set_string_as_bytes (egg_asn1x_node (asn, "privateKey", NULL), key))
- g_return_val_if_reached (NULL);
-
+ egg_asn1x_set_string_as_bytes (egg_asn1x_node (asn, "privateKey", NULL), key);
g_bytes_unref (key);
data = egg_asn1x_encode (asn, egg_secure_realloc);
@@ -1161,8 +1140,7 @@ gkm_data_der_write_private_pkcs8_crypted (gcry_sexp_t skey,
gcry_cipher_close (cih);
key = g_bytes_new_with_free_func (raw, n_raw, egg_secure_free, raw);
- if (!egg_asn1x_set_string_as_bytes (egg_asn1x_node (asn, "encryptedData", NULL), key))
- g_return_val_if_reached (NULL);
+ egg_asn1x_set_string_as_bytes (egg_asn1x_node (asn, "encryptedData", NULL), key);
g_bytes_unref (key);
diff --git a/pkcs11/gkm/tests/test-data-der.c b/pkcs11/gkm/tests/test-data-der.c
index 2370c1ef..03407392 100644
--- a/pkcs11/gkm/tests/test-data-der.c
+++ b/pkcs11/gkm/tests/test-data-der.c
@@ -373,7 +373,7 @@ find_extension (GNode *asn,
if (strcmp (exoid, oid) == 0) {
g_free (exoid);
node = egg_asn1x_node (asn, "tbsCertificate", "extensions", index, "extnValue", NULL);
- value = egg_asn1x_get_raw_value (node);
+ value = egg_asn1x_get_any_raw (node, NULL);
g_assert (value);
return value;
}
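Review bot: The test helper now reads `extnValue` with `egg_asn1x_get_any_raw (node, NULL)`, while the production code changed in the same commit (gkm_certificate_get_extension) reads the same node with `egg_asn1x_get_string_as_bytes`. If `extnValue` is an OCTET STRING in the schema, the two getters would not return the same bytes, or the ANY getter may reject the node. The test would then no longer exercise what gkm_data_der_read_basic_constraints receives in production. I would use `value = egg_asn1x_get_string_as_bytes (node);` here and the matching call in test_read_basic_constraints, which has the same mismatch. find_extension starts before this hunk.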
@@ -392,7 +392,7 @@ test_read_basic_constraints (Test *test, gconstpointer unused)
gint path_len;
GkmDataResult res;
- extension = egg_asn1x_get_raw_value (egg_asn1x_node (test->certificate, "tbsCertificate", "extensions", 1, "extnValue", NULL));
+ extension = egg_asn1x_get_any_raw (egg_asn1x_node (test->certificate, "tbsCertificate", "extensions", 1, "extnValue", NULL), NULL);
g_assert (extension != NULL);
res = gkm_data_der_read_basic_constraints (extension, &is_ca, &path_len);
diff --git a/pkcs11/xdg-store/gkm-xdg-trust.c b/pkcs11/xdg-store/gkm-xdg-trust.c
index d885bbd7..d8d10f85 100644
--- a/pkcs11/xdg-store/gkm-xdg-trust.c
+++ b/pkcs11/xdg-store/gkm-xdg-trust.c
@@ -503,9 +503,9 @@ save_assertion (GNode *asn, GkmAssertion *assertion)
peer = gkm_assertion_get_peer (assertion);
if (!egg_asn1x_set_string_as_utf8 (egg_asn1x_node (asn, "purpose", NULL),
- g_strdup (purpose), g_free) ||
- !egg_asn1x_set_enumerated (egg_asn1x_node (asn, "level", NULL), level))
+ g_strdup (purpose), g_free))
g_return_val_if_reached (FALSE);
+ egg_asn1x_set_enumerated (egg_asn1x_node (asn, "level", NULL), level);
if (peer && !egg_asn1x_set_string_as_utf8 (egg_asn1x_node (asn, "peer", NULL),
g_strdup (peer), g_free))
@@ -557,7 +557,7 @@ create_trust_for_reference (GkmModule *module, GkmManager *manager,
g_bytes_unref (bytes);
bytes = g_bytes_new (issuer->pValue, issuer->ulValueLen);
- egg_asn1x_set_element_raw (egg_asn1x_node (node, "issuer", NULL), bytes);
+ egg_asn1x_set_any_raw (egg_asn1x_node (node, "issuer", NULL), bytes);
g_bytes_unref (bytes);
trust = g_object_new (GKM_XDG_TYPE_TRUST, "module", module, "manager", manager, NULL);
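Review bot: The result of `egg_asn1x_set_any_raw` is ignored here, although the frob-trust-file.c hunks in this commit test it with `!egg_asn1x_set_any_raw (...)`, so it can report failure. `bytes` is built from `issuer->pValue` and `issuer->ulValueLen`, which look like a caller-supplied PKCS#11 attribute. Malformed DER would therefore be dropped silently, and the trust object would still be created with the issuer unset. I would check it, `if (!egg_asn1x_set_any_raw (egg_asn1x_node (node, "issuer", NULL), bytes)) {`, then unref `bytes` and take the function's existing failure path. The same applies to `egg_asn1x_set_any_raw (node, bytes)` for `cert->pValue` in create_trust_for_complete. Both function bodies extend beyond their hunks, so the exact error return is not visible here.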
@@ -589,7 +589,7 @@ create_trust_for_complete (GkmModule *module, GkmManager *manager,
egg_asn1x_set_choice (ref, node);
bytes = g_bytes_new (cert->pValue, cert->ulValueLen);
- egg_asn1x_set_element_raw (node, bytes);
+ egg_asn1x_set_any_raw (node, bytes);
g_bytes_unref (bytes);
trust = g_object_new (GKM_XDG_TYPE_TRUST, "module", module, "manager", manager, NULL);
diff --git a/pkcs11/xdg-store/tests/frob-trust-file.c b/pkcs11/xdg-store/tests/frob-trust-file.c
index a6d226a5..79232c6a 100644
--- a/pkcs11/xdg-store/tests/frob-trust-file.c
+++ b/pkcs11/xdg-store/tests/frob-trust-file.c
@@ -68,7 +68,7 @@ create_trust_file_for_certificate (const gchar *filename, const gchar *certifica
ref = egg_asn1x_node (asn, "reference", NULL);
choice = egg_asn1x_node (ref, "certComplete", NULL);
- if (!egg_asn1x_set_choice (ref, choice) || !egg_asn1x_set_element_raw (choice, bytes))
+ if (!egg_asn1x_set_choice (ref, choice) || !egg_asn1x_set_any_raw (choice, bytes))
g_return_if_reached ();
g_bytes_unref (bytes);
@@ -129,7 +129,7 @@ create_trust_file_for_issuer_and_serial (const gchar *filename, const gchar *cer
/* Copy over the serial and issuer */
element = egg_asn1x_get_element_raw (issuer);
- if (!egg_asn1x_set_element_raw (egg_asn1x_node (choice, "issuer", NULL), element))
+ if (!egg_asn1x_set_any_raw (egg_asn1x_node (choice, "issuer", NULL), element))
g_return_if_reached ();
g_bytes_unref (element);
@@ -178,9 +178,9 @@ add_trust_purpose_to_file (const gchar *filename, const gchar *purpose)
assertion = egg_asn1x_append (egg_asn1x_node (asn, "assertions", NULL));
g_return_if_fail (assertion);
- if (!egg_asn1x_set_string_as_utf8 (egg_asn1x_node (assertion, "purpose", NULL), g_strdup (purpose), g_free) ||
- !egg_asn1x_set_enumerated (egg_asn1x_node (assertion, "level", NULL), g_quark_from_string ("trusted")))
+ if (!egg_asn1x_set_string_as_utf8 (egg_asn1x_node (assertion, "purpose", NULL), g_strdup (purpose), g_free))
g_return_if_reached ();
+ egg_asn1x_set_enumerated (egg_asn1x_node (assertion, "level", NULL), g_quark_from_string ("trusted"));
result = egg_asn1x_encode (asn, NULL);
if (result == NULL)