author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-05-16 11:44:27 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-05-16 11:44:27 +0200 |
commit | a9da7d371dc9270dbb55d61a42ac130a7d4365df (patch) | |
tree | 8e12991dbb2c9e2517e9e114f9adf432a64f1ae8 | |
parent | 0b9c265d62e4e72fdbfa24b0bae8843a63c0f4b3 (diff) | |
download | gnutls-a9da7d371dc9270dbb55d61a42ac130a7d4365df.tar.gz |
Corrections in openpgp private key usage.
-rw-r--r-- | lib/auth_cert.h | 3 | ||||
-rw-r--r-- | lib/gnutls_x509.c | 20 | ||||
-rw-r--r-- | lib/openpgp/gnutls_openpgp.c | 58 |
3 files changed, 33 insertions, 48 deletions
diff --git a/lib/auth_cert.h b/lib/auth_cert.h index ba3599b1db..205eaa748d 100644 --- a/lib/auth_cert.h +++ b/lib/auth_cert.h @@ -167,4 +167,7 @@ int _gnutls_get_auth_info_gcert (gnutls_cert * gcert, cert_auth_info_t info, int flags /* OR of ConvFlags */ ); +int certificate_credential_append_crt_list( gnutls_certificate_credentials_t res, gnutls_cert *crt, int nr); +int certificate_credentials_append_pkey( gnutls_certificate_credentials_t res, gnutls_privkey_t pkey); + #endif diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c index 6cb96daf4e..b2ae575501 100644 --- a/lib/gnutls_x509.c +++ b/lib/gnutls_x509.c @@ -46,8 +46,6 @@ #include "x509/x509_int.h" #include "read-file.h" -static int append_crt_list( gnutls_certificate_credentials_t res, gnutls_cert *crt, int nr); -static int append_pkey( gnutls_certificate_credentials_t res, gnutls_privkey_t pkey); /* * some x509 certificate parsing functions. @@ -272,7 +270,7 @@ parse_der_cert_mem (gnutls_certificate_credentials_t res, return ret; } - ret = append_crt_list(res, ccert, 1); + ret = certificate_credential_append_crt_list(res, ccert, 1); if (ret < 0) { gnutls_assert(); @@ -372,7 +370,7 @@ parse_pem_cert_mem (gnutls_certificate_credentials_t res, } while (ptr != NULL); - ret = append_crt_list(res, certs, count); + ret = certificate_credential_append_crt_list(res, certs, count); if (ret < 0) { gnutls_assert(); @@ -485,7 +483,7 @@ read_key_mem (gnutls_certificate_credentials_t res, return ret; } - ret = append_pkey(res, privkey); + ret = certificate_credentials_append_pkey(res, privkey); if (ret < 0) { gnutls_assert (); @@ -543,7 +541,7 @@ static int read_key_url (gnutls_certificate_credentials_t res, const char* url) goto cleanup; } - ret = append_pkey(res, pkey); + ret = certificate_credentials_append_pkey(res, pkey); if (ret < 0) { gnutls_assert(); 
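Review bot: The two helpers declared in lib/auth_cert.h, `certificate_credential_append_crt_list` and `certificate_credentials_append_pkey`, lose `static` in lib/gnutls_x509.c (hunks at -734 and -762) without gaining an internal prefix, and one says `credential` where the other says `credentials`. The neighbouring internal function in this header is `_gnutls_get_auth_info_gcert`, so names such as `_gnutls_certificate_credential_append_crt_list` and `_gnutls_certificate_credential_append_pkey` would make the pair consistent and keep them out of the application's namespace. Each prototype should also carry a one-line comment saying who owns `crt` and `pkey` after a successful call and after a failed one, because the error paths of the new OpenPGP caller depend on that rule.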
@@ -604,7 +602,7 @@ gnutls_cert * ccert; return ret; } - ret = append_crt_list(res, ccert, 1); + ret = certificate_credential_append_crt_list(res, ccert, 1); if (ret < 0) { gnutls_assert(); @@ -734,7 +732,7 @@ gnutls_certificate_set_x509_key_mem (gnutls_certificate_credentials_t res, return 0; } -static int append_crt_list( gnutls_certificate_credentials_t res, gnutls_cert *crt, int nr) +int certificate_credential_append_crt_list( gnutls_certificate_credentials_t res, gnutls_cert *crt, int nr) { res->cert_list = gnutls_realloc_fast (res->cert_list, (1 + @@ -762,7 +760,7 @@ static int append_crt_list( gnutls_certificate_credentials_t res, gnutls_cert *c } -static int append_pkey( gnutls_certificate_credentials_t res, gnutls_privkey_t pkey) +int certificate_credentials_append_pkey( gnutls_certificate_credentials_t res, gnutls_privkey_t pkey) { res->pkey = gnutls_realloc_fast (res->pkey, (1 + res->ncerts) * @@ -824,7 +822,7 @@ gnutls_certificate_set_x509_key (gnutls_certificate_credentials_t res, return ret; } - ret = append_pkey(res, pkey); + ret = certificate_credentials_append_pkey(res, pkey); if (ret < 0) { gnutls_assert (); @@ -849,7 +847,7 @@ gnutls_certificate_set_x509_key (gnutls_certificate_credentials_t res, } } - ret = append_crt_list(res, pcerts, cert_list_size); + ret = certificate_credential_append_crt_list(res, pcerts, cert_list_size); if (ret < 0) { gnutls_assert(); diff --git a/lib/openpgp/gnutls_openpgp.c b/lib/openpgp/gnutls_openpgp.c index d98d112b5c..7ca3f20e79 100644 --- a/lib/openpgp/gnutls_openpgp.c +++ b/lib/openpgp/gnutls_openpgp.c 
@@ -137,66 +137,51 @@ gnutls_certificate_set_openpgp_key (gnutls_certificate_credentials_t res, gnutls_openpgp_privkey_t pkey) { int ret; - + gnutls_privkey_t privkey; + gnutls_cert *ccert; /* this should be first */ - res->pkey = gnutls_realloc_fast (res->pkey, - (res->ncerts + 1) * - sizeof (gnutls_privkey_t)); - if (res->pkey == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - ret = gnutls_privkey_init(&res->pkey[res->ncerts]); + ret = gnutls_privkey_init(&privkey); if (ret < 0) { gnutls_assert(); return ret; } - ret = gnutls_privkey_import_openpgp (res->pkey[res->ncerts], pkey, 0); + ret = gnutls_privkey_import_openpgp (privkey, pkey, GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE); if (ret < 0) { - gnutls_privkey_deinit(res->pkey[res->ncerts]); + gnutls_privkey_deinit(privkey); gnutls_assert (); return ret; } + - res->cert_list = gnutls_realloc_fast (res->cert_list, - (1 + - res->ncerts) * - sizeof (gnutls_cert *)); - if (res->cert_list == NULL) - { - gnutls_assert (); - /* memory leak here? 
*/ - return GNUTLS_E_MEMORY_ERROR; - } - - res->cert_list_length = gnutls_realloc_fast (res->cert_list_length, - (1 + - res->ncerts) * sizeof (int)); - if (res->cert_list_length == NULL) + ccert = gnutls_calloc (1, sizeof (gnutls_cert)); + if (ccert == NULL) { gnutls_assert (); + gnutls_privkey_deinit(privkey); return GNUTLS_E_MEMORY_ERROR; } - res->cert_list[res->ncerts] = gnutls_calloc (1, sizeof (gnutls_cert)); - if (res->cert_list[res->ncerts] == NULL) + ret = _gnutls_openpgp_crt_to_gcert (ccert, crt); + if (ret < 0) { gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; + gnutls_free(ccert); + gnutls_privkey_deinit(privkey); + return ret; } - res->cert_list_length[res->ncerts] = 1; + ret = certificate_credentials_append_pkey(res, privkey); + if (ret >=0) ret = certificate_credential_append_crt_list(res, ccert, 1); - ret = _gnutls_openpgp_crt_to_gcert (res->cert_list[res->ncerts], crt); if (ret < 0) { - gnutls_assert (); + gnutls_assert(); + gnutls_free(ccert); + gnutls_privkey_deinit(privkey); return ret; } @@ -440,7 +425,6 @@ gnutls_certificate_set_openpgp_key_mem2 (gnutls_certificate_credentials_t res, ret = gnutls_certificate_set_openpgp_key (res, crt, pkey); - gnutls_openpgp_privkey_deinit (pkey); gnutls_openpgp_crt_deinit (crt); return ret; @@ -869,8 +853,8 @@ gnutls_openpgp_privkey_sign_hash (gnutls_openpgp_privkey_t key, gnutls_datum_t * signature) { int result, i; - bigint_t params[MAX_PUBLIC_PARAMS_SIZE]; - int params_size = MAX_PUBLIC_PARAMS_SIZE; + bigint_t params[MAX_PRIV_PARAMS_SIZE]; + int params_size = MAX_PRIV_PARAMS_SIZE; int pk_algorithm; gnutls_openpgp_keyid_t keyid; |
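Review bot: In gnutls_certificate_set_openpgp_key, the shared error path after the two append calls releases objects that `res` may already reference. If `certificate_credentials_append_pkey` succeeds and `certificate_credential_append_crt_list` then fails, `gnutls_privkey_deinit(privkey)` runs on a handle that the first helper has presumably stored in `res->pkey` (its body is only partly visible in this diff), which would leave a stale private-key pointer in the credentials. The `gnutls_free(ccert)` calls that follow a successful `_gnutls_openpgp_crt_to_gcert` free only the struct, so whatever the conversion allocated inside it is likely leaked; `_gnutls_gcert_deinit (ccert);` before the free would cover that. Checking the two append results separately, and clearing the `res->pkey` slot when the second one fails, would make the unwind safe. The end of the function lies outside the hunk.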
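Review bot: With `gnutls_openpgp_privkey_deinit (pkey)` removed from gnutls_certificate_set_openpgp_key_mem2, who releases `pkey` now depends on how far gnutls_certificate_set_openpgp_key got. If `gnutls_privkey_init` or the import itself fails there, nothing frees `pkey` and the parsed private key stays allocated; once the import with `GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE` has succeeded, deinitialising the wrapper presumably releases it. The flag also changes the contract for any other caller of gnutls_certificate_set_openpgp_key that still deinitialises its own key afterwards, which would then release it twice. Making the rule "always consumed" (release `pkey` on the two early error paths as well) and stating it in the doc comment, e.g. `@pkey is consumed by this function; the caller must not deinitialize it.`, would remove the ambiguity. Only the tail of the mem2 function is visible in this hunk.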
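Review bot: The resized `params` array in gnutls_openpgp_privkey_sign_hash is still a fixed stack buffer whose bound travels separately as `params_size`, and the code that fills it lies outside this hunk. It is worth confirming that the reader rejects a key with more than `params_size` parameters rather than trusting the constant, and that sibling private-key routines in this file do not still declare `bigint_t params[MAX_PUBLIC_PARAMS_SIZE]`. A comment such as `/* private key parameters: must be sized by MAX_PRIV_PARAMS_SIZE */` above the declaration would keep the two constants from being mixed up again.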