diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-06-28 09:28:37 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-06-28 09:32:45 +0200 |
| commit | af914f737edd8f68bd57b33e123731728941eebf (patch) | |
| tree | bf5ce51ce9ac3b4fcf9aacb2dc4272d0f9e23a6c | |
| parent | 860fd3b9e4e53a333b3fc437e5fba7202ce6c252 (diff) | |
| download | gnutls-af914f737edd8f68bd57b33e123731728941eebf.tar.gz | |
find_cert_cb: minor cleanups in find_cert_cb
| -rw-r--r-- | lib/pkcs11.c | 56 |
1 files changed, 28 insertions, 28 deletions
diff --git a/lib/pkcs11.c b/lib/pkcs11.c index d0dc001a0d..e0c18197d9 100644 --- a/lib/pkcs11.c +++ b/lib/pkcs11.c @@ -3348,30 +3348,37 @@ find_cert_cb(struct pkcs11_session_info *sinfo, break; } - a[0].type = CKA_LABEL; - a[0].value = label_tmp; - a[0].value_len = sizeof(label_tmp); - - a[1].type = CKA_ID; - a[1].value = id_tmp; - a[1].value_len = sizeof(id_tmp); - /* data will contain the certificate */ rv = pkcs11_get_attribute_avalue(sinfo->module, sinfo->pks, obj, CKA_VALUE, &data); - if (rv == CKR_OK && pkcs11_get_attribute_value - (sinfo->module, sinfo->pks, obj, a, - 2) == CKR_OK) { - label.data = a[0].value; - label.size = a[0].value_len; - id.data = a[1].value; - id.size = a[1].value_len; + if (rv == CKR_OK) { + ret = check_found_cert(priv, &data, now); + if (ret < 0) { + _gnutls_free_datum(&data); + continue; + } - found = 1; - break; - } else { - _gnutls_debug_log - ("p11: Skipped cert, missing attrs.\n"); + a[0].type = CKA_LABEL; + a[0].value = label_tmp; + a[0].value_len = sizeof(label_tmp); + + a[1].type = CKA_ID; + a[1].value = id_tmp; + a[1].value_len = sizeof(id_tmp); + + if (pkcs11_get_attribute_value(sinfo->module, sinfo->pks, obj, a, 2) == CKR_OK) { + label.data = a[0].value; + label.size = a[0].value_len; + id.data = a[1].value; + id.size = a[1].value_len; + + found = 1; + break; + } else { + _gnutls_free_datum(&data); + _gnutls_debug_log + ("p11: Skipped cert, missing attrs.\n"); + } } } @@ -3379,14 +3386,7 @@ find_cert_cb(struct pkcs11_session_info *sinfo, finalized = 1; if (found != 0) { - ret = check_found_cert(priv, &data, now); - if (ret < 0) { - _gnutls_free_datum(&data); - found = 0; - continue; - } - - if (priv->flags & GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT) { + if (priv->flags & GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT && data.size > 0) { gnutls_datum_t spki; rv = pkcs11_get_attribute_avalue(sinfo->module, sinfo->pks, obj, CKA_PUBLIC_KEY_INFO, &spki); if (rv == CKR_OK) { |