141 files changed, 6707 insertions, 6049 deletions
@@ -20,7 +20,7 @@ CFGFLAGS ?= --enable-developer-mode --enable-gtk-doc --disable-guile -INDENT_SOURCES = `ls includes/gnutls/*.h{,.in} {lib,lib/x509,libextra,libextra/openpgp,src,tests}/*.{c,h} | grep -v -- -gaa` +INDENT_SOURCES = `find . -name \*.c|grep -v -e ^./lgl -e ^./gl -e ^./src/cfg -e -gaa.c -e asn1_tab.c` ifeq ($(.DEFAULT_GOAL),abort-due-to-no-makefile) .DEFAULT_GOAL := bootstrap diff --git a/doc/examples/ex-cert-select.c b/doc/examples/ex-cert-select.c index 619af96a97..60c2881379 100644 --- a/doc/examples/ex-cert-select.c +++ b/doc/examples/ex-cert-select.c @@ -54,24 +54,25 @@ load_file (const char *file) long filelen; void *ptr; - if (!(f = fopen(file, "r")) - || fseek(f, 0, SEEK_END) != 0 - || (filelen = ftell(f)) < 0 - || fseek(f, 0, SEEK_SET) != 0 - || !(ptr = malloc((size_t)filelen)) - || fread(ptr, 1, (size_t)filelen, f) < (size_t)filelen) + if (!(f = fopen (file, "r")) + || fseek (f, 0, SEEK_END) != 0 + || (filelen = ftell (f)) < 0 + || fseek (f, 0, SEEK_SET) != 0 + || !(ptr = malloc ((size_t) filelen)) + || fread (ptr, 1, (size_t) filelen, f) < (size_t) filelen) { return loaded_file; } loaded_file.data = ptr; - loaded_file.size = (unsigned int)filelen; + loaded_file.size = (unsigned int) filelen; return loaded_file; } -static void unload_file(gnutls_datum_t data) +static void +unload_file (gnutls_datum_t data) { - free(data.data); + free (data.data); } /* Load the certificate and the private key. @@ -140,7 +141,7 @@ main (void) gnutls_certificate_allocate_credentials (&xcred); /* priorities */ - gnutls_priority_init( &priorities_cache, "NORMAL", NULL); + gnutls_priority_init (&priorities_cache, "NORMAL", NULL); /* sets the trusted cas file @@ -211,7 +212,7 @@ end: gnutls_deinit (session); gnutls_certificate_free_credentials (xcred); - gnutls_priority_deinit( priorities_cache); + gnutls_priority_deinit (priorities_cache); gnutls_global_deinit (); 
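Review bot: In `load_file` (doc/examples/ex-cert-select.c) the short-circuit `if` chain returns without closing `f` on every failure after `fopen` succeeds, and it leaks `ptr` when `fread` comes up short; no `fclose` appears on the success path in the visible lines either. This example loads the certificate and private key and is likely to be copied, so each resource should be released on every path. The function begins above the hunk, so the declarations and the initial value of `loaded_file` are assumed unchanged. The cast `(unsigned int) filelen` also truncates silently for a very large file; a range check before it would make that explicit.

```c
  /* … unchanged: declarations of loaded_file, f, filelen, ptr … */
  f = fopen (file, "r");
  if (f == NULL)
    return loaded_file;

  if (fseek (f, 0, SEEK_END) == 0
      && (filelen = ftell (f)) >= 0
      && fseek (f, 0, SEEK_SET) == 0
      && (ptr = malloc ((size_t) filelen)) != NULL)
    {
      if (fread (ptr, 1, (size_t) filelen, f) == (size_t) filelen)
        {
          loaded_file.data = ptr;
          loaded_file.size = (unsigned int) filelen;
        }
      else
        free (ptr);
    }

  fclose (f);
  return loaded_file;
```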
diff --git a/doc/examples/ex-client-psk.c b/doc/examples/ex-client-psk.c index be718e0bde..7ee2b01435 100644 --- a/doc/examples/ex-client-psk.c +++ b/doc/examples/ex-client-psk.c @@ -50,12 +50,14 @@ main (void) /* Use default priorities */ ret = gnutls_priority_set_direct (session, "PERFORMANCE", &err); - if (ret < 0) { - if (ret == GNUTLS_E_INVALID_REQUEST) { - fprintf(stderr, "Syntax error at: %s\n", err); + if (ret < 0) + { + if (ret == GNUTLS_E_INVALID_REQUEST) + { + fprintf (stderr, "Syntax error at: %s\n", err); + } + exit (1); } - exit(1); - } /* put the x509 credentials to the current session */ diff --git a/doc/examples/ex-client-tlsia.c b/doc/examples/ex-client-tlsia.c index 7736e732b4..dd81ca0d23 100644 --- a/doc/examples/ex-client-tlsia.c +++ b/doc/examples/ex-client-tlsia.c @@ -31,13 +31,11 @@ extern void tcp_close (int sd); int client_avp (gnutls_session_t session, void *ptr, - const char *last, size_t lastlen, - char **new, size_t *newlen) + const char *last, size_t lastlen, char **new, size_t * newlen) { if (last) - printf ("- received %d bytes AVP: `%.*s'\n", - lastlen, lastlen, last); + printf ("- received %d bytes AVP: `%.*s'\n", lastlen, lastlen, last); else printf ("- new application phase\n"); diff --git a/doc/examples/ex-client1.c b/doc/examples/ex-client1.c index 69f6b439f8..3f0ca13194 100644 --- a/doc/examples/ex-client1.c +++ b/doc/examples/ex-client1.c @@ -46,7 +46,8 @@ main (void) gnutls_init (&session, GNUTLS_CLIENT); /* Use default priorities */ - gnutls_priority_set_direct (session, "PERFORMANCE:+ANON-DH:!ARCFOUR-128", NULL); + gnutls_priority_set_direct (session, "PERFORMANCE:+ANON-DH:!ARCFOUR-128", + NULL); /* put the anonymous credentials to the current session */ diff --git a/doc/examples/ex-client2.c b/doc/examples/ex-client2.c index 7823e46ebf..f70e826a93 100644 --- a/doc/examples/ex-client2.c +++ b/doc/examples/ex-client2.c 
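Review bot: In `client_avp` (doc/examples/ex-client-tlsia.c), `lastlen` is a `size_t` but is passed both for `%d` and for the `.*` precision, each of which expects an `int`. Where `size_t` is wider than `int` this is undefined behaviour and the precision may not bound the read of `last` as intended. Use `%zu` for the byte count and pass the precision as `(int) lastlen`, after checking that `lastlen` fits in an `int`. The body of `client_avp` continues past the hunk.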
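Review bot: The `gnutls_priority_set_direct` call in ex-client1.c discards its return value and passes `NULL` for the error position, so a priority string that fails to parse goes unnoticed; the ex-client-psk.c hunk above already shows the checked form with `ret` and `err`. The comment `/* Use default priorities */` is also misleading, because `+ANON-DH` enables a key exchange with no server authentication; `/* Anonymous DH: no peer authentication, demonstration only */` would say so. The same unchecked call appears in the ex-serv-export.c (`"EXPORT"`) and ex-serv-pgp.c (`"NORMAL"`) hunks. `main` starts and ends outside the hunk.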
@@ -52,12 +52,14 @@ main (void) /* Use default priorities */ ret = gnutls_priority_set_direct (session, "PERFORMANCE", &err); - if (ret < 0) { - if (ret == GNUTLS_E_INVALID_REQUEST) { - fprintf(stderr, "Syntax error at: %s\n", err); + if (ret < 0) + { + if (ret == GNUTLS_E_INVALID_REQUEST) + { + fprintf (stderr, "Syntax error at: %s\n", err); + } + exit (1); } - exit(1); - } /* put the x509 credentials to the current session */ diff --git a/doc/examples/ex-serv-export.c b/doc/examples/ex-serv-export.c index 13f5308cca..2028283595 100644 --- a/doc/examples/ex-serv-export.c +++ b/doc/examples/ex-serv-export.c @@ -19,7 +19,7 @@ #include <string.h> #include <unistd.h> #include <gnutls/gnutls.h> -#include <gcrypt.h> /* for gcry_control */ +#include <gcrypt.h> /* for gcry_control */ #define KEYFILE "key.pem" #define CERTFILE "cert.pem" @@ -56,7 +56,7 @@ initialize_tls_session (void) /* Use the default priorities, plus, export cipher suites. */ - gnutls_priority_set_direct( session, "EXPORT", NULL); + gnutls_priority_set_direct (session, "EXPORT", NULL); gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cert_cred); @@ -90,13 +90,12 @@ static char srp_dh_group2048[] = "KRipli8Lk7hV+XmT7Jde6qgNdArb9P90c1nQQdXDPqcdKB5EaxR3O8qXtDoj+4AW\n" "dr0gekNsZIHx0rkHhxdGGludMuaI+HdIVEUjtSSw1X1ep3onddLs+gMs+9v1L7N4\n" "YWAnkATleuavh05zA85TKZzMBBx7wwjYKlaY86jQw4JxrjX46dv7tpS1yAPYn3rk\n" - "Nd4jbVJfVHWbZeNy/NaO8g+nER+eSv9zAgEC\n" - "-----END DH PARAMETERS-----\n"; - + "Nd4jbVJfVHWbZeNy/NaO8g+nER+eSv9zAgEC\n" "-----END DH PARAMETERS-----\n"; + int generate_dh_params (void) { -gnutls_datum_t dparams = { srp_dh_group2048, sizeof( srp_dh_group2048) }; + gnutls_datum_t dparams = { srp_dh_group2048, sizeof (srp_dh_group2048) }; /* Here instead of generating Diffie Hellman parameters (for use with DHE * kx algorithms) we import them. */ diff --git a/doc/examples/ex-serv-pgp.c b/doc/examples/ex-serv-pgp.c index c98b5aaf99..6e04732e88 100644 --- a/doc/examples/ex-serv-pgp.c 
+++ b/doc/examples/ex-serv-pgp.c @@ -61,7 +61,7 @@ initialize_tls_session (void) gnutls_init (&session, GNUTLS_SERVER); - gnutls_priority_set_direct(session, "NORMAL", NULL); + gnutls_priority_set_direct (session, "NORMAL", NULL); /* request client certificate if any. */ @@ -93,9 +93,11 @@ main (void) gnutls_global_init (); gnutls_certificate_allocate_credentials (&cred); - gnutls_certificate_set_openpgp_keyring_file (cred, RINGFILE, GNUTLS_OPENPGP_FMT_BASE64); + gnutls_certificate_set_openpgp_keyring_file (cred, RINGFILE, + GNUTLS_OPENPGP_FMT_BASE64); - gnutls_certificate_set_openpgp_key_file (cred, CERTFILE, KEYFILE, GNUTLS_OPENPGP_FMT_BASE64); + gnutls_certificate_set_openpgp_key_file (cred, CERTFILE, KEYFILE, + GNUTLS_OPENPGP_FMT_BASE64); generate_dh_params (); diff --git a/doc/examples/ex-serv-psk.c b/doc/examples/ex-serv-psk.c index a5ef67db68..72cfa77b2e 100644 --- a/doc/examples/ex-serv-psk.c +++ b/doc/examples/ex-serv-psk.c @@ -19,7 +19,7 @@ #include <string.h> #include <unistd.h> #include <gnutls/gnutls.h> -#include <gcrypt.h> /* for gcry_control */ +#include <gcrypt.h> /* for gcry_control */ #define KEYFILE "key.pem" #define CERTFILE "cert.pem" @@ -129,7 +129,7 @@ main (void) generate_dh_params (); - gnutls_priority_init( &priority_cache, "NORMAL:PSK", NULL); + gnutls_priority_init (&priority_cache, "NORMAL:PSK", NULL); gnutls_certificate_set_dh_params (x509_cred, dh_params); @@ -217,7 +217,7 @@ main (void) gnutls_certificate_free_credentials (x509_cred); gnutls_psk_free_server_credentials (psk_cred); - gnutls_priority_deinit(priority_cache); + gnutls_priority_deinit (priority_cache); gnutls_global_deinit (); diff --git a/doc/examples/ex-serv1.c b/doc/examples/ex-serv1.c index 2ea0b7f82e..a9e3124711 100644 --- a/doc/examples/ex-serv1.c +++ b/doc/examples/ex-serv1.c 
@@ -19,7 +19,7 @@ #include <string.h> #include <unistd.h> #include <gnutls/gnutls.h> -#include <gcrypt.h> /* for gcry_control */ +#include <gcrypt.h> /* for gcry_control */ #define KEYFILE "key.pem" #define CERTFILE "cert.pem" @@ -54,11 +54,11 @@ initialize_tls_session (void) /* request client certificate if any. */ gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST); - + /* Set maximum compatibility mode. This is only suggested on public webservers * that need to trade security for compatibility */ - gnutls_session_enable_compatibility_mode( session); + gnutls_session_enable_compatibility_mode (session); return session; } @@ -115,7 +115,7 @@ main (void) generate_dh_params (); - gnutls_priority_init( &priority_cache, "NORMAL", NULL); + gnutls_priority_init (&priority_cache, "NORMAL", NULL); gnutls_certificate_set_dh_params (x509_cred, dh_params); @@ -201,7 +201,7 @@ main (void) close (listen_sd); gnutls_certificate_free_credentials (x509_cred); - gnutls_priority_deinit(priority_cache); + gnutls_priority_deinit (priority_cache); gnutls_global_deinit (); diff --git a/guile/src/core.c b/guile/src/core.c index fdaca363f9..b7e60a9efa 100644 --- a/guile/src/core.c +++ b/guile/src/core.c @@ -28,15 +28,15 @@ #include "smobs.h" #include "errors.h" #include "utils.h" + - /* SMOB and enums type definitions. */ #include "enum-map.i.c" #include "smob-types.i.c" const char scm_gnutls_array_error_message[] = - "cannot handle non-contiguous array: ~A"; + "cannot handle non-contiguous array: ~A"; /* Data that are attached to `gnutls_session_t' objects. @@ -71,9 +71,9 @@ const char scm_gnutls_array_error_message[] = scm_to_bool (SCM_CAR (SCM_GNUTLS_SESSION_DATA (c_session))) #define SCM_GNUTLS_SESSION_RECORD_PORT(c_session) \ SCM_CDR (SCM_GNUTLS_SESSION_DATA (c_session)) + - /* Bindings. */ /* Mark the data associated with SESSION. */ 
@@ -94,6 +94,7 @@ SCM_DEFINE (scm_gnutls_version, "gnutls-version", 0, 0, 0, { return (scm_from_locale_string (gnutls_check_version (NULL))); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_make_session, "make-session", 1, 0, 0, @@ -119,6 +120,7 @@ SCM_DEFINE (scm_gnutls_make_session, "make-session", 1, 0, 0, return (scm_from_gnutls_session (c_session)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_bye, "bye", 2, 0, 0, @@ -139,11 +141,11 @@ SCM_DEFINE (scm_gnutls_bye, "bye", 2, 0, 0, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_handshake, "handshake", 1, 0, 0, - (SCM session), - "Perform a handshake for @var{session}.") + (SCM session), "Perform a handshake for @var{session}.") #define FUNC_NAME s_scm_gnutls_handshake { int err; @@ -157,11 +159,11 @@ SCM_DEFINE (scm_gnutls_handshake, "handshake", 1, 0, 0, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_rehandshake, "rehandshake", 1, 0, 0, - (SCM session), - "Perform a re-handshaking for @var{session}.") + (SCM session), "Perform a re-handshaking for @var{session}.") #define FUNC_NAME s_scm_gnutls_rehandshake { int err; @@ -175,11 +177,11 @@ SCM_DEFINE (scm_gnutls_rehandshake, "rehandshake", 1, 0, 0, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_alert_get, "alert-get", 1, 0, 0, - (SCM session), - "Get an aleter from @var{session}.") + (SCM session), "Get an aleter from @var{session}.") #define FUNC_NAME s_scm_gnutls_alert_get { gnutls_session_t c_session; @@ -191,6 +193,7 @@ SCM_DEFINE (scm_gnutls_alert_get, "alert-get", 1, 0, 0, return (scm_from_gnutls_alert_description (c_alert)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_alert_send, "alert-send", 3, 0, 0, 
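Review bot: The docstring for `alert-get` reads `"Get an aleter from @var{session}."`, and the re-wrap carries the typo forward. Since the line is being rewritten anyway, correct it to `"Get an alert from @var{session}."`. This string is the documentation text attached to the Guile binding, so users see it.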
@@ -213,16 +216,16 @@ SCM_DEFINE (scm_gnutls_alert_send, "alert-send", 3, 0, 0, return SCM_UNSPECIFIED; } + #undef FUNC_NAME /* FIXME: Omitting `alert-send-appropriate'. */ - + /* Session accessors. */ SCM_DEFINE (scm_gnutls_session_cipher, "session-cipher", 1, 0, 0, - (SCM session), - "Return @var{session}'s cipher.") + (SCM session), "Return @var{session}'s cipher.") #define FUNC_NAME s_scm_gnutls_session_cipher { gnutls_session_t c_session; @@ -234,11 +237,11 @@ SCM_DEFINE (scm_gnutls_session_cipher, "session-cipher", 1, 0, 0, return (scm_from_gnutls_cipher (c_cipher)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_session_kx, "session-kx", 1, 0, 0, - (SCM session), - "Return @var{session}'s kx.") + (SCM session), "Return @var{session}'s kx.") #define FUNC_NAME s_scm_gnutls_session_kx { gnutls_session_t c_session; @@ -250,11 +253,11 @@ SCM_DEFINE (scm_gnutls_session_kx, "session-kx", 1, 0, 0, return (scm_from_gnutls_kx (c_kx)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_session_mac, "session-mac", 1, 0, 0, - (SCM session), - "Return @var{session}'s MAC.") + (SCM session), "Return @var{session}'s MAC.") #define FUNC_NAME s_scm_gnutls_session_mac { gnutls_session_t c_session; @@ -266,12 +269,12 @@ SCM_DEFINE (scm_gnutls_session_mac, "session-mac", 1, 0, 0, return (scm_from_gnutls_mac (c_mac)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_session_compression_method, "session-compression-method", 1, 0, 0, - (SCM session), - "Return @var{session}'s compression method.") + (SCM session), "Return @var{session}'s compression method.") #define FUNC_NAME s_scm_gnutls_session_compression_method { gnutls_session_t c_session; 
@@ -283,12 +286,12 @@ SCM_DEFINE (scm_gnutls_session_compression_method, return (scm_from_gnutls_compression_method (c_comp)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_session_certificate_type, "session-certificate-type", 1, 0, 0, - (SCM session), - "Return @var{session}'s certificate type.") + (SCM session), "Return @var{session}'s certificate type.") #define FUNC_NAME s_scm_gnutls_session_certificate_type { gnutls_session_t c_session; @@ -300,11 +303,11 @@ SCM_DEFINE (scm_gnutls_session_certificate_type, return (scm_from_gnutls_certificate_type (c_cert)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_session_protocol, "session-protocol", 1, 0, 0, - (SCM session), - "Return the protocol used by @var{session}.") + (SCM session), "Return the protocol used by @var{session}.") #define FUNC_NAME s_scm_gnutls_session_protocol { gnutls_session_t c_session; @@ -316,6 +319,7 @@ SCM_DEFINE (scm_gnutls_session_protocol, "session-protocol", 1, 0, 0, return (scm_from_gnutls_protocol (c_protocol)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_session_authentication_type, @@ -335,6 +339,7 @@ SCM_DEFINE (scm_gnutls_session_authentication_type, return (scm_from_gnutls_credentials (c_auth)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_session_server_authentication_type, @@ -354,6 +359,7 @@ SCM_DEFINE (scm_gnutls_session_server_authentication_type, return (scm_from_gnutls_credentials (c_auth)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_session_client_authentication_type, @@ -373,6 +379,7 @@ SCM_DEFINE (scm_gnutls_session_client_authentication_type, return (scm_from_gnutls_credentials (c_auth)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_session_peer_certificate_chain, 
@@ -405,9 +412,7 @@ SCM_DEFINE (scm_gnutls_session_peer_certificate_chain, result = scm_make_list (scm_from_uint (c_list_size), SCM_UNSPECIFIED); - for (i = 0, pair = result; - i < c_list_size; - i++, pair = SCM_CDR (pair)) + for (i = 0, pair = result; i < c_list_size; i++, pair = SCM_CDR (pair)) { unsigned char *c_cert_copy; @@ -423,6 +428,7 @@ SCM_DEFINE (scm_gnutls_session_peer_certificate_chain, return result; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_session_our_certificate_chain, @@ -462,6 +468,7 @@ SCM_DEFINE (scm_gnutls_session_our_certificate_chain, return result; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_server_session_certificate_request_x, @@ -484,17 +491,17 @@ SCM_DEFINE (scm_gnutls_set_server_session_certificate_request_x, return SCM_UNSPECIFIED; } -#undef FUNC_NAME +#undef FUNC_NAME + /* Choice of a protocol and cipher suite. */ #include "priorities.i.c" SCM_DEFINE (scm_gnutls_set_default_priority_x, "set-session-default-priority!", 1, 0, 0, - (SCM session), - "Have @var{session} use the default priorities.") + (SCM session), "Have @var{session} use the default priorities.") #define FUNC_NAME s_scm_gnutls_set_default_priority_x { gnutls_session_t c_session; @@ -504,6 +511,7 @@ SCM_DEFINE (scm_gnutls_set_default_priority_x, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_default_export_priority_x, @@ -519,6 +527,7 @@ SCM_DEFINE (scm_gnutls_set_default_export_priority_x, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_cipher_suite_to_string, "cipher-suite->string", @@ -540,6 +549,7 @@ SCM_DEFINE (scm_gnutls_cipher_suite_to_string, "cipher-suite->string", return (scm_from_locale_string (c_name)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_session_credentials_x, "set-session-credentials!", 
@@ -557,11 +567,13 @@ SCM_DEFINE (scm_gnutls_set_session_credentials_x, "set-session-credentials!", { gnutls_certificate_credentials_t c_cred; - c_cred = scm_to_gnutls_certificate_credentials (cred, 2, - FUNC_NAME); - err = gnutls_credentials_set (c_session, GNUTLS_CRD_CERTIFICATE, c_cred); + c_cred = scm_to_gnutls_certificate_credentials (cred, 2, FUNC_NAME); + err = + gnutls_credentials_set (c_session, GNUTLS_CRD_CERTIFICATE, c_cred); } - else if (SCM_SMOB_PREDICATE (scm_tc16_gnutls_anonymous_client_credentials, cred)) + else + if (SCM_SMOB_PREDICATE + (scm_tc16_gnutls_anonymous_client_credentials, cred)) { gnutls_anon_client_credentials_t c_cred; 
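Review bot: The re-indented branch in `scm_gnutls_set_session_credentials_x` is now split as `else` / `if (SCM_SMOB_PREDICATE` / `(scm_tc16_gnutls_anonymous_client_credentials, cred))`, which separates the macro name from its argument list and hides the `else if` ladder. Keeping `else if (SCM_SMOB_PREDICATE (` together and wrapping only the arguments would match the SRP and PSK branches in the next hunk. The `typedef` / `int (*certificate_set_file_function_t)` split later in this file has the same machine-wrapped shape and deserves the same manual touch-up. The function body extends beyond the hunk.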
@@ -579,41 +591,33 @@ SCM_DEFINE (scm_gnutls_set_session_credentials_x, "set-session-credentials!", err = gnutls_credentials_set (c_session, GNUTLS_CRD_ANON, c_cred); } #ifdef ENABLE_SRP - else if (SCM_SMOB_PREDICATE (scm_tc16_gnutls_srp_client_credentials, - cred)) + else if (SCM_SMOB_PREDICATE (scm_tc16_gnutls_srp_client_credentials, cred)) { gnutls_srp_client_credentials_t c_cred; - c_cred = scm_to_gnutls_srp_client_credentials (cred, 2, - FUNC_NAME); + c_cred = scm_to_gnutls_srp_client_credentials (cred, 2, FUNC_NAME); err = gnutls_credentials_set (c_session, GNUTLS_CRD_SRP, c_cred); } - else if (SCM_SMOB_PREDICATE (scm_tc16_gnutls_srp_server_credentials, - cred)) + else if (SCM_SMOB_PREDICATE (scm_tc16_gnutls_srp_server_credentials, cred)) { gnutls_srp_server_credentials_t c_cred; - c_cred = scm_to_gnutls_srp_server_credentials (cred, 2, - FUNC_NAME); + c_cred = scm_to_gnutls_srp_server_credentials (cred, 2, FUNC_NAME); err = gnutls_credentials_set (c_session, GNUTLS_CRD_SRP, c_cred); } #endif - else if (SCM_SMOB_PREDICATE (scm_tc16_gnutls_psk_client_credentials, - cred)) + else if (SCM_SMOB_PREDICATE (scm_tc16_gnutls_psk_client_credentials, cred)) { gnutls_psk_client_credentials_t c_cred; - c_cred = scm_to_gnutls_psk_client_credentials (cred, 2, - FUNC_NAME); + c_cred = scm_to_gnutls_psk_client_credentials (cred, 2, FUNC_NAME); err = gnutls_credentials_set (c_session, GNUTLS_CRD_PSK, c_cred); } - else if (SCM_SMOB_PREDICATE (scm_tc16_gnutls_psk_server_credentials, - cred)) + else if (SCM_SMOB_PREDICATE (scm_tc16_gnutls_psk_server_credentials, cred)) { gnutls_psk_server_credentials_t c_cred; - c_cred = scm_to_gnutls_psk_server_credentials (cred, 2, - FUNC_NAME); + c_cred = scm_to_gnutls_psk_server_credentials (cred, 2, FUNC_NAME); err = gnutls_credentials_set (c_session, GNUTLS_CRD_PSK, c_cred); } else 
@@ -624,9 +628,10 @@ SCM_DEFINE (scm_gnutls_set_session_credentials_x, "set-session-credentials!", return SCM_UNSPECIFIED; } -#undef FUNC_NAME +#undef FUNC_NAME + /* Record layer. */ SCM_DEFINE (scm_gnutls_record_send, "record-send", 2, 0, 0, @@ -645,8 +650,7 @@ SCM_DEFINE (scm_gnutls_record_send, "record-send", 2, 0, 0, c_session = scm_to_gnutls_session (session, 1, FUNC_NAME); SCM_VALIDATE_ARRAY (2, array); - c_array = scm_gnutls_get_array (array, &c_handle, &c_len, - FUNC_NAME); + c_array = scm_gnutls_get_array (array, &c_handle, &c_len, FUNC_NAME); c_result = gnutls_record_send (c_session, c_array, c_len); @@ -659,6 +663,7 @@ SCM_DEFINE (scm_gnutls_record_send, "record-send", 2, 0, 0, return (result); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_record_receive_x, "record-receive!", 2, 0, 0, @@ -692,6 +697,7 @@ SCM_DEFINE (scm_gnutls_record_receive_x, "record-receive!", 2, 0, 0, return (result); } + #undef FUNC_NAME @@ -706,7 +712,8 @@ static scm_t_bits session_record_port_type; #define SCM_GNUTLS_SESSION_RECORD_PORT_BUFFER_SIZE 4096 /* Hint for the `scm_gc_' functions. */ -static const char session_record_port_gc_hint[] = "gnutls-session-record-port"; +static const char session_record_port_gc_hint[] = + "gnutls-session-record-port"; /* Mark the session associated with PORT. */ static SCM @@ -743,6 +750,7 @@ free_session_record_port (SCM port) return 0; } + #undef FUNC_NAME /* Data passed to `do_fill_port ()'. */ @@ -812,6 +820,7 @@ fill_session_record_port_input (SCM port) return chr; } + #undef FUNC_NAME /* Write SIZE octets from DATA to PORT. */ @@ -837,6 +846,7 @@ write_to_session_record_port (SCM port, const void *data, size_t size) c_sent += c_result; } } + #undef FUNC_NAME /* Return a new session port for SESSION. */ 
@@ -849,8 +859,9 @@ make_session_record_port (SCM session) const unsigned long mode_bits = SCM_OPN | SCM_RDNG | SCM_WRTNG; c_port_buf = - (unsigned char *) scm_gc_malloc (SCM_GNUTLS_SESSION_RECORD_PORT_BUFFER_SIZE, - session_record_port_gc_hint); + (unsigned char *) + scm_gc_malloc (SCM_GNUTLS_SESSION_RECORD_PORT_BUFFER_SIZE, + session_record_port_gc_hint); /* Create a new port. */ port = scm_new_port_table_entry (session_record_port_type); @@ -894,6 +905,7 @@ SCM_DEFINE (scm_gnutls_session_record_port, "session-record-port", 1, 0, 0, return (port); } + #undef FUNC_NAME /* Create the session port type. */ @@ -907,13 +919,12 @@ scm_init_gnutls_session_record_port_type (void) scm_set_port_mark (session_record_port_type, mark_session_record_port); scm_set_port_free (session_record_port_type, free_session_record_port); } - + /* Transport. */ -SCM_DEFINE (scm_gnutls_set_session_transport_fd_x, "set-session-transport-fd!", - 2, 0, 0, - (SCM session, SCM fd), +SCM_DEFINE (scm_gnutls_set_session_transport_fd_x, + "set-session-transport-fd!", 2, 0, 0, (SCM session, SCM fd), "Use file descriptor @var{fd} as the underlying transport for " "@var{session}.") #define FUNC_NAME s_scm_gnutls_set_session_transport_fd_x @@ -930,6 +941,7 @@ SCM_DEFINE (scm_gnutls_set_session_transport_fd_x, "set-session-transport-fd!", return SCM_UNSPECIFIED; } + #undef FUNC_NAME /* Pull SIZE octets from TRANSPORT (a Scheme port) into DATA. */ @@ -948,8 +960,7 @@ pull_from_port (gnutls_transport_ptr_t transport, void *data, size_t size) /* Write SIZE octets from DATA to TRANSPORT (a Scheme port). */ static ssize_t -push_to_port (gnutls_transport_ptr_t transport, const void *data, - size_t size) +push_to_port (gnutls_transport_ptr_t transport, const void *data, size_t size) { SCM port; 
@@ -987,13 +998,14 @@ SCM_DEFINE (scm_gnutls_set_session_transport_port_x, return SCM_UNSPECIFIED; } -#undef FUNC_NAME +#undef FUNC_NAME + /* Diffie-Hellman. */ -typedef int (* pkcs_export_function_t) (void *, gnutls_x509_crt_fmt_t, - unsigned char *, size_t *); +typedef int (*pkcs_export_function_t) (void *, gnutls_x509_crt_fmt_t, + unsigned char *, size_t *); /* Hint for the `scm_gc' functions. */ static const char pkcs_export_gc_hint[] = "gnutls-pkcs-export"; @@ -1021,8 +1033,7 @@ pkcs_export_parameters (pkcs_export_function_t export, if (err == GNUTLS_E_SHORT_MEMORY_BUFFER) { output = scm_gc_realloc (output, output_total_len, - output_total_len * 2, - pkcs_export_gc_hint); + output_total_len * 2, pkcs_export_gc_hint); output_total_len *= 2; } } @@ -1041,12 +1052,12 @@ pkcs_export_parameters (pkcs_export_function_t export, return (scm_take_u8vector (output, output_len)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_make_dh_parameters, "make-dh-parameters", 1, 0, 0, - (SCM bits), - "Return new Diffie-Hellman parameters.") + (SCM bits), "Return new Diffie-Hellman parameters.") #define FUNC_NAME s_scm_gnutls_make_dh_parameters { int err; @@ -1068,6 +1079,7 @@ SCM_DEFINE (scm_gnutls_make_dh_parameters, "make-dh-parameters", 1, 0, 0, return (scm_from_gnutls_dh_parameters (c_dh_params)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_pkcs3_import_dh_parameters, @@ -1112,6 +1124,7 @@ SCM_DEFINE (scm_gnutls_pkcs3_import_dh_parameters, return (scm_from_gnutls_dh_parameters (c_dh_params)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_pkcs3_export_dh_parameters, @@ -1133,11 +1146,11 @@ SCM_DEFINE (scm_gnutls_pkcs3_export_dh_parameters, result = pkcs_export_parameters ((pkcs_export_function_t) gnutls_dh_params_export_pkcs3, - (void *) c_dh_params, - c_format, FUNC_NAME); + (void *) c_dh_params, c_format, FUNC_NAME); return (result); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_session_dh_prime_bits_x, 
@@ -1156,15 +1169,15 @@ SCM_DEFINE (scm_gnutls_set_session_dh_prime_bits_x, return SCM_UNSPECIFIED; } -#undef FUNC_NAME +#undef FUNC_NAME + /* Anonymous credentials. */ SCM_DEFINE (scm_gnutls_make_anon_server_credentials, "make-anonymous-server-credentials", - 0, 0, 0, (void), - "Return anonymous server credentials.") + 0, 0, 0, (void), "Return anonymous server credentials.") #define FUNC_NAME s_scm_gnutls_make_anon_server_credentials { int err; @@ -1177,12 +1190,12 @@ SCM_DEFINE (scm_gnutls_make_anon_server_credentials, return (scm_from_gnutls_anonymous_server_credentials (c_cred)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_make_anon_client_credentials, "make-anonymous-client-credentials", - 0, 0, 0, (void), - "Return anonymous client credentials.") + 0, 0, 0, (void), "Return anonymous client credentials.") #define FUNC_NAME s_scm_gnutls_make_anon_client_credentials { int err; @@ -1195,6 +1208,7 @@ SCM_DEFINE (scm_gnutls_make_anon_client_credentials, return (scm_from_gnutls_anonymous_client_credentials (c_cred)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_anonymous_server_dh_parameters_x, @@ -1207,23 +1221,21 @@ SCM_DEFINE (scm_gnutls_set_anonymous_server_dh_parameters_x, gnutls_dh_params_t c_dh_params; gnutls_anon_server_credentials_t c_cred; - c_cred = scm_to_gnutls_anonymous_server_credentials (cred, 1, - FUNC_NAME); - c_dh_params = scm_to_gnutls_dh_parameters (dh_params, 2, - FUNC_NAME); + c_cred = scm_to_gnutls_anonymous_server_credentials (cred, 1, FUNC_NAME); + c_dh_params = scm_to_gnutls_dh_parameters (dh_params, 2, FUNC_NAME); gnutls_anon_set_server_dh_params (c_cred, c_dh_params); return SCM_UNSPECIFIED; } -#undef FUNC_NAME +#undef FUNC_NAME + /* RSA parameters. */ SCM_DEFINE (scm_gnutls_make_rsa_parameters, "make-rsa-parameters", 1, 0, 0, - (SCM bits), - "Return new RSA parameters.") + (SCM bits), "Return new RSA parameters.") #define FUNC_NAME s_scm_gnutls_make_rsa_parameters { int err; 
@@ -1245,6 +1257,7 @@ SCM_DEFINE (scm_gnutls_make_rsa_parameters, "make-rsa-parameters", 1, 0, 0, return (scm_from_gnutls_rsa_parameters (c_rsa_params)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_pkcs1_import_rsa_parameters, @@ -1289,6 +1302,7 @@ SCM_DEFINE (scm_gnutls_pkcs1_import_rsa_parameters, return (scm_from_gnutls_rsa_parameters (c_rsa_params)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_pkcs1_export_rsa_parameters, @@ -1315,24 +1329,26 @@ SCM_DEFINE (scm_gnutls_pkcs1_export_rsa_parameters, return (result); } -#undef FUNC_NAME +#undef FUNC_NAME + /* Certificate credentials. */ -typedef int (* certificate_set_file_function_t) (gnutls_certificate_credentials_t, - const char *, - gnutls_x509_crt_fmt_t); +typedef + int (*certificate_set_file_function_t) (gnutls_certificate_credentials_t, + const char *, + gnutls_x509_crt_fmt_t); -typedef int (* certificate_set_data_function_t) (gnutls_certificate_credentials_t, - const gnutls_datum_t *, - gnutls_x509_crt_fmt_t); +typedef + int (*certificate_set_data_function_t) (gnutls_certificate_credentials_t, + const gnutls_datum_t *, + gnutls_x509_crt_fmt_t); /* Helper function to implement the `set-file!' functions. */ static unsigned int set_certificate_file (certificate_set_file_function_t set_file, - SCM cred, SCM file, SCM format, - const char *func_name) + SCM cred, SCM file, SCM format, const char *func_name) #define FUNC_NAME func_name { int err; @@ -1359,13 +1375,13 @@ set_certificate_file (certificate_set_file_function_t set_file, /* Return the number of certificates processed. */ return ((unsigned int) err); } + #undef FUNC_NAME /* Helper function implementing the `set-data!' functions. */ static inline unsigned int set_certificate_data (certificate_set_data_function_t set_data, - SCM cred, SCM data, SCM format, - const char *func_name) + SCM cred, SCM data, SCM format, const char *func_name) #define FUNC_NAME func_name { int err; 
@@ -1393,6 +1409,7 @@ set_certificate_data (certificate_set_data_function_t set_data, /* Return the number of certificates processed. */ return ((unsigned int) err); } + #undef FUNC_NAME @@ -1413,6 +1430,7 @@ SCM_DEFINE (scm_gnutls_make_certificate_credentials, return (scm_from_gnutls_certificate_credentials (c_cred)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_certificate_credentials_dh_params_x, @@ -1433,6 +1451,7 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_dh_params_x, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_certificate_credentials_rsa_export_params_x, @@ -1453,6 +1472,7 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_rsa_export_params_x, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_key_files_x, @@ -1477,14 +1497,13 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_key_files_x, c_cert_file_len = scm_c_string_length (cert_file); c_cert_file = (char *) alloca (c_cert_file_len + 1); - c_key_file_len = scm_c_string_length (key_file); + c_key_file_len = scm_c_string_length (key_file); c_key_file = (char *) alloca (c_key_file_len + 1); (void) scm_to_locale_stringbuf (cert_file, c_cert_file, c_cert_file_len + 1); c_cert_file[c_cert_file_len] = '\0'; - (void) scm_to_locale_stringbuf (key_file, c_key_file, - c_key_file_len + 1); + (void) scm_to_locale_stringbuf (key_file, c_key_file, c_key_file_len + 1); c_key_file[c_key_file_len] = '\0'; err = gnutls_certificate_set_x509_key_file (c_cred, c_cert_file, c_key_file, @@ -1494,6 +1513,7 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_key_files_x, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_trust_file_x, 
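Review bot: In `scm_gnutls_set_certificate_credentials_x509_key_files_x`, `alloca (c_cert_file_len + 1)` and `alloca (c_key_file_len + 1)` size stack buffers from the lengths of caller-supplied Scheme strings. No upper bound is visible in the hunk, so a very long argument can exhaust the stack instead of raising a Scheme error. Consider a length limit before the `alloca`, or a heap copy that is released after the GnuTLS call. The same pattern appears in the later hunks for `scm_gnutls_set_certificate_credentials_x509_keys_x` (`alloca (c_cert_count * sizeof (*c_certs))`) and `scm_gnutls_set_srp_client_credentials_x`, where the password copy is also left on the stack without being cleared. The function starts and ends outside the hunk.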
@@ -1508,11 +1528,11 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_trust_file_x, unsigned int count; count = set_certificate_file (gnutls_certificate_set_x509_trust_file, - cred, file, format, - FUNC_NAME); + cred, file, format, FUNC_NAME); return scm_from_uint (count); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_crl_file_x, @@ -1527,11 +1547,11 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_crl_file_x, unsigned int count; count = set_certificate_file (gnutls_certificate_set_x509_crl_file, - cred, file, format, - FUNC_NAME); + cred, file, format, FUNC_NAME); return scm_from_uint (count); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_trust_data_x, @@ -1546,11 +1566,11 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_trust_data_x, unsigned int count; count = set_certificate_data (gnutls_certificate_set_x509_trust_mem, - cred, data, format, - FUNC_NAME); + cred, data, format, FUNC_NAME); return scm_from_uint (count); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_crl_data_x, @@ -1565,11 +1585,11 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_crl_data_x, unsigned int count; count = set_certificate_data (gnutls_certificate_set_x509_crl_mem, - cred, data, format, - FUNC_NAME); + cred, data, format, FUNC_NAME); return scm_from_uint (count); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_key_data_x, 
@@ -1599,13 +1619,12 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_key_data_x, C_CERT_HANDLE is not released. */ c_cert = scm_gnutls_get_array (cert, &c_cert_handle, &c_cert_len, FUNC_NAME); - c_key = scm_gnutls_get_array (key, &c_key_handle, &c_key_len, - FUNC_NAME); + c_key = scm_gnutls_get_array (key, &c_key_handle, &c_key_len, FUNC_NAME); c_cert_d.data = (unsigned char *) c_cert; c_cert_d.size = c_cert_len; - c_key_d.data = (unsigned char *) c_key; - c_key_d.size = c_key_len; + c_key_d.data = (unsigned char *) c_key; + c_key_d.size = c_key_len; err = gnutls_certificate_set_x509_key_mem (c_cred, &c_cert_d, &c_key_d, c_format); @@ -1617,6 +1636,7 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_key_data_x, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_keys_x, @@ -1638,10 +1658,8 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_keys_x, SCM_VALIDATE_LIST_COPYLEN (2, certs, c_cert_count); c_key = scm_to_gnutls_x509_private_key (privkey, 3, FUNC_NAME); - c_certs = (gnutls_x509_crt_t *) alloca (c_cert_count * sizeof (* c_certs)); - for (i = 0; - scm_is_pair (certs); - certs = SCM_CDR (certs), i++) + c_certs = (gnutls_x509_crt_t *) alloca (c_cert_count * sizeof (*c_certs)); + for (i = 0; scm_is_pair (certs); certs = SCM_CDR (certs), i++) { c_certs[i] = scm_to_gnutls_x509_certificate (SCM_CAR (certs), 2, FUNC_NAME); @@ -1654,6 +1672,7 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_x509_keys_x, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_certificate_credentials_verify_limits_x, @@ -1677,6 +1696,7 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_verify_limits_x, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_certificate_credentials_verify_flags_x, 
@@ -1693,8 +1713,7 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_verify_flags_x, c_cred = scm_to_gnutls_certificate_credentials (cred, 1, FUNC_NAME); for (c_flags = 0, c_pos = 2; - !scm_is_null (flags); - flags = SCM_CDR (flags), c_pos++) + !scm_is_null (flags); flags = SCM_CDR (flags), c_pos++) { c_flags |= (unsigned int) scm_to_gnutls_certificate_verify (SCM_CAR (flags), c_pos, FUNC_NAME); @@ -1704,6 +1723,7 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_verify_flags_x, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_peer_certificate_status, "peer-certificate-status", @@ -1748,17 +1768,16 @@ SCM_DEFINE (scm_gnutls_peer_certificate_status, "peer-certificate-status", return (result); } -#undef FUNC_NAME +#undef FUNC_NAME + /* SRP credentials. */ #ifdef ENABLE_SRP SCM_DEFINE (scm_gnutls_make_srp_server_credentials, "make-srp-server-credentials", - 0, 0, 0, - (void), - "Return new SRP server credentials.") + 0, 0, 0, (void), "Return new SRP server credentials.") #define FUNC_NAME s_scm_gnutls_make_srp_server_credentials { int err; @@ -1770,6 +1789,7 @@ SCM_DEFINE (scm_gnutls_make_srp_server_credentials, return (scm_from_gnutls_srp_server_credentials (c_cred)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_srp_server_credentials_files_x, @@ -1809,13 +1829,12 @@ SCM_DEFINE (scm_gnutls_set_srp_server_credentials_files_x, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_make_srp_client_credentials, "make-srp-client-credentials", - 0, 0, 0, - (void), - "Return new SRP client credentials.") + 0, 0, 0, (void), "Return new SRP client credentials.") #define FUNC_NAME s_scm_gnutls_make_srp_client_credentials { int err; @@ -1827,6 +1846,7 @@ SCM_DEFINE (scm_gnutls_make_srp_client_credentials, return (scm_from_gnutls_srp_client_credentials (c_cred)); } + #undef FUNC_NAME 
@@ -1853,20 +1873,18 @@ SCM_DEFINE (scm_gnutls_set_srp_client_credentials_x, c_username = (char *) alloca (c_username_len + 1); c_password = (char *) alloca (c_password_len + 1); - (void) scm_to_locale_stringbuf (username, c_username, - c_username_len + 1); + (void) scm_to_locale_stringbuf (username, c_username, c_username_len + 1); c_username[c_username_len] = '\0'; - (void) scm_to_locale_stringbuf (password, c_password, - c_password_len + 1); + (void) scm_to_locale_stringbuf (password, c_password, c_password_len + 1); c_password[c_password_len] = '\0'; - err = gnutls_srp_set_client_credentials (c_cred, c_username, - c_password); + err = gnutls_srp_set_client_credentials (c_cred, c_username, c_password); if (EXPECT_FALSE (err)) scm_gnutls_error (err, FUNC_NAME); return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_server_session_srp_username, @@ -1891,6 +1909,7 @@ SCM_DEFINE (scm_gnutls_server_session_srp_username, return (result); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_srp_base64_encode, "srp-base64-encode", @@ -1953,6 +1972,7 @@ SCM_DEFINE (scm_gnutls_srp_base64_encode, "srp-base64-encode", return (scm_take_locale_string (c_result)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_srp_base64_decode, "srp-base64-decode", @@ -1983,8 +2003,7 @@ SCM_DEFINE (scm_gnutls_srp_base64_decode, "srp-base64-decode", c_str_d.size = c_str_len; c_result_actual_len = c_result_len; - err = gnutls_srp_base64_decode (&c_str_d, c_result, - &c_result_actual_len); + err = gnutls_srp_base64_decode (&c_str_d, c_result, &c_result_actual_len); if (EXPECT_FALSE (err)) scm_gnutls_error (err, FUNC_NAME); 
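Review bot: The `(void)` casts on both `scm_to_locale_stringbuf` calls in the hunk at -1853 (set-srp-client-credentials!) discard the byte count that the function reports as needed. A username or password whose locale encoding is longer than its `alloca`'d buffer is therefore cut short without an error before it reaches `gnutls_srp_set_client_credentials`. The lengths are computed outside the hunk; if they are character counts, as `scm_c_string_length` is in the PSK hunk at -2089 on L24, which has the same pattern for the username, any non-ASCII input in a multibyte locale could trigger this. Keeping the return value and failing on truncation avoids authenticating with a silently altered secret: `if (scm_to_locale_stringbuf (password, c_password, c_password_len + 1) > c_password_len) scm_misc_error (FUNC_NAME, "password does not fit its buffer", SCM_EOL);`, and the same check for the username.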
@@ -1992,17 +2011,16 @@ SCM_DEFINE (scm_gnutls_srp_base64_decode, "srp-base64-decode", return (scm_from_locale_string (c_result)); } + #undef FUNC_NAME #endif /* ENABLE_SRP */ - + /* PSK credentials. */ SCM_DEFINE (scm_gnutls_make_psk_server_credentials, "make-psk-server-credentials", - 0, 0, 0, - (void), - "Return new PSK server credentials.") + 0, 0, 0, (void), "Return new PSK server credentials.") #define FUNC_NAME s_scm_gnutls_make_psk_server_credentials { int err; @@ -2014,6 +2032,7 @@ SCM_DEFINE (scm_gnutls_make_psk_server_credentials, return (scm_from_gnutls_psk_server_credentials (c_cred)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_psk_server_credentials_file_x, @@ -2044,13 +2063,12 @@ SCM_DEFINE (scm_gnutls_set_psk_server_credentials_file_x, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_make_psk_client_credentials, "make-psk-client-credentials", - 0, 0, 0, - (void), - "Return a new PSK client credentials object.") + 0, 0, 0, (void), "Return a new PSK client credentials object.") #define FUNC_NAME s_scm_gnutls_make_psk_client_credentials { int err; @@ -2062,6 +2080,7 @@ SCM_DEFINE (scm_gnutls_make_psk_client_credentials, return (scm_from_gnutls_psk_client_credentials (c_cred)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_psk_client_credentials_x, @@ -2089,8 +2108,7 @@ SCM_DEFINE (scm_gnutls_set_psk_client_credentials_x, c_username_len = scm_c_string_length (username); c_username = (char *) alloca (c_username_len + 1); - (void) scm_to_locale_stringbuf (username, c_username, - c_username_len + 1); + (void) scm_to_locale_stringbuf (username, c_username, c_username_len + 1); c_username[c_username_len] = '\0'; c_key = scm_gnutls_get_array (key, &c_handle, &c_key_len, FUNC_NAME); @@ -2106,6 +2124,7 @@ SCM_DEFINE (scm_gnutls_set_psk_client_credentials_x, return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_server_session_psk_username, 
@@ -2130,9 +2149,10 @@ SCM_DEFINE (scm_gnutls_server_session_psk_username, return (result); } -#undef FUNC_NAME +#undef FUNC_NAME + /* X.509 certificates. */ SCM_DEFINE (scm_gnutls_import_x509_certificate, "import-x509-certificate", @@ -2177,6 +2197,7 @@ SCM_DEFINE (scm_gnutls_import_x509_certificate, "import-x509-certificate", return (scm_from_gnutls_x509_certificate (c_cert)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_import_x509_private_key, "import-x509-private-key", @@ -2221,6 +2242,7 @@ SCM_DEFINE (scm_gnutls_import_x509_private_key, "import-x509-private-key", return (scm_from_gnutls_x509_private_key (c_key)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_pkcs8_import_x509_private_key, @@ -2292,6 +2314,7 @@ SCM_DEFINE (scm_gnutls_pkcs8_import_x509_private_key, return (scm_from_gnutls_x509_private_key (c_key)); } + #undef FUNC_NAME /* Provide the body of a `get_dn' function. */ @@ -2326,6 +2349,7 @@ SCM_DEFINE (scm_gnutls_x509_certificate_dn, "x509-certificate-dn", { X509_CERTIFICATE_DN_FUNCTION_BODY (gnutls_x509_crt_get_dn); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_x509_certificate_issuer_dn, @@ -2338,6 +2362,7 @@ SCM_DEFINE (scm_gnutls_x509_certificate_issuer_dn, { X509_CERTIFICATE_DN_FUNCTION_BODY (gnutls_x509_crt_get_issuer_dn); } + #undef FUNC_NAME #undef X509_CERTIFICATE_DN_FUNCTION_BODY @@ -2399,6 +2424,7 @@ SCM_DEFINE (scm_gnutls_x509_certificate_dn_oid, "x509-certificate-dn-oid", { X509_CERTIFICATE_DN_OID_FUNCTION_BODY (gnutls_x509_crt_get_dn_oid); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_x509_certificate_issuer_dn_oid, @@ -2412,6 +2438,7 @@ SCM_DEFINE (scm_gnutls_x509_certificate_issuer_dn_oid, { X509_CERTIFICATE_DN_OID_FUNCTION_BODY (gnutls_x509_crt_get_issuer_dn_oid); } + #undef FUNC_NAME #undef X509_CERTIFICATE_DN_OID_FUNCTION_BODY @@ -2448,6 +2475,7 @@ SCM_DEFINE (scm_gnutls_x509_certificate_matches_hostname_p, return result; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_x509_certificate_signature_algorithm, 
@@ -2469,6 +2497,7 @@ SCM_DEFINE (scm_gnutls_x509_certificate_signature_algorithm, return (scm_from_gnutls_sign_algorithm (c_result)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_x509_certificate_public_key_algorithm, @@ -2491,6 +2520,7 @@ SCM_DEFINE (scm_gnutls_x509_certificate_public_key_algorithm, return (scm_values (scm_list_2 (scm_from_gnutls_pk_algorithm (c_pk), scm_from_uint (c_bits)))); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_x509_certificate_key_usage, @@ -2522,12 +2552,11 @@ SCM_DEFINE (scm_gnutls_x509_certificate_key_usage, return usage; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_x509_certificate_version, "x509-certificate-version", - 1, 0, 0, - (SCM cert), - "Return the version of @var{cert}.") + 1, 0, 0, (SCM cert), "Return the version of @var{cert}.") #define FUNC_NAME s_scm_gnutls_x509_certificate_version { int c_result; @@ -2541,6 +2570,7 @@ SCM_DEFINE (scm_gnutls_x509_certificate_version, "x509-certificate-version", return (scm_from_int (c_result)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_x509_certificate_key_id, "x509-certificate-key-id", @@ -2572,6 +2602,7 @@ SCM_DEFINE (scm_gnutls_x509_certificate_key_id, "x509-certificate-key-id", return result; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_x509_certificate_authority_key_id, @@ -2595,8 +2626,7 @@ SCM_DEFINE (scm_gnutls_x509_certificate_authority_key_id, scm_array_get_handle (result, &c_id_handle); c_id = scm_array_handle_u8_writable_elements (&c_id_handle); - err = gnutls_x509_crt_get_authority_key_id (c_cert, c_id, &c_id_len, - NULL); + err = gnutls_x509_crt_get_authority_key_id (c_cert, c_id, &c_id_len, NULL); scm_array_handle_release (&c_id_handle); if (EXPECT_FALSE (err)) @@ -2604,6 +2634,7 @@ SCM_DEFINE (scm_gnutls_x509_certificate_authority_key_id, return result; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_x509_certificate_subject_key_id, 
@@ -2626,8 +2657,7 @@ SCM_DEFINE (scm_gnutls_x509_certificate_subject_key_id, scm_array_get_handle (result, &c_id_handle); c_id = scm_array_handle_u8_writable_elements (&c_id_handle); - err = gnutls_x509_crt_get_subject_key_id (c_cert, c_id, &c_id_len, - NULL); + err = gnutls_x509_crt_get_subject_key_id (c_cert, c_id, &c_id_len, NULL); scm_array_handle_release (&c_id_handle); if (EXPECT_FALSE (err)) @@ -2635,6 +2665,7 @@ SCM_DEFINE (scm_gnutls_x509_certificate_subject_key_id, return result; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_x509_certificate_subject_alternative_name, @@ -2695,9 +2726,10 @@ SCM_DEFINE (scm_gnutls_x509_certificate_subject_alternative_name, return result; } -#undef FUNC_NAME +#undef FUNC_NAME + /* Debugging. */ static SCM log_procedure = SCM_BOOL_F; @@ -2727,6 +2759,7 @@ SCM_DEFINE (scm_gnutls_set_log_procedure_x, "set-log-procedure!", return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_set_log_level_x, "set-log-level!", 1, 0, 0, @@ -2741,9 +2774,10 @@ SCM_DEFINE (scm_gnutls_set_log_level_x, "set-log-level!", 1, 0, 0, return SCM_UNSPECIFIED; } -#undef FUNC_NAME +#undef FUNC_NAME + /* Initialization. */ void diff --git a/guile/src/errors.c b/guile/src/errors.c index 20eaba987d..cb034258e8 100644 --- a/guile/src/errors.c +++ b/guile/src/errors.c @@ -41,8 +41,8 @@ scm_gnutls_error (int c_err, const char *c_func) complaints. */ abort (); } - + void scm_init_gnutls_error (void) { diff --git a/guile/src/extra.c b/guile/src/extra.c index 4081c90087..2af48e7b5f 100644 --- a/guile/src/extra.c +++ b/guile/src/extra.c 
@@ -35,24 +35,23 @@ #include "enums.h" #include "extra-enums.h" #include "extra-smobs.h" + - /* SMOB and enums type definitions. */ #include "extra-smob-types.i.c" #include "extra-enum-map.i.c" - + /* OpenPGP keys. */ /* Maximum size we support for the name of OpenPGP keys. */ #define GUILE_GNUTLS_MAX_OPENPGP_NAME_LENGTH 2048 -SCM_DEFINE (scm_gnutls_import_openpgp_certificate, "import-openpgp-certificate", - 2, 0, 0, - (SCM data, SCM format), +SCM_DEFINE (scm_gnutls_import_openpgp_certificate, + "import-openpgp-certificate", 2, 0, 0, (SCM data, SCM format), "Return a new OpenPGP certificate object resulting from the " "import of @var{data} (a uniform array) according to " "@var{format}.") @@ -92,11 +91,12 @@ SCM_DEFINE (scm_gnutls_import_openpgp_certificate, "import-openpgp-certificate", return (scm_from_gnutls_openpgp_certificate (c_key)); } + #undef FUNC_NAME -SCM_DEFINE (scm_gnutls_import_openpgp_private_key, "import-openpgp-private-key", - 2, 1, 0, - (SCM data, SCM format, SCM pass), +SCM_DEFINE (scm_gnutls_import_openpgp_private_key, + "import-openpgp-private-key", 2, 1, 0, (SCM data, SCM format, + SCM pass), "Return a new OpenPGP private key object resulting from the " "import of @var{data} (a uniform array) according to " "@var{format}. Optionally, a passphrase may be provided.") @@ -136,7 +136,7 @@ SCM_DEFINE (scm_gnutls_import_openpgp_private_key, "import-openpgp-private-key", } err = gnutls_openpgp_privkey_import (c_key, &c_data_d, c_format, c_pass, - 0 /* currently unused */); + 0 /* currently unused */ ); scm_gnutls_release_array (&c_data_handle); if (EXPECT_FALSE (err)) @@ -147,6 +147,7 @@ SCM_DEFINE (scm_gnutls_import_openpgp_private_key, "import-openpgp-private-key", return (scm_from_gnutls_openpgp_private_key (c_key)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_openpgp_certificate_id, "openpgp-certificate-id", 
@@ -162,7 +163,7 @@ SCM_DEFINE (scm_gnutls_openpgp_certificate_id, "openpgp-certificate-id", c_key = scm_to_gnutls_openpgp_certificate (key, 1, FUNC_NAME); - c_id = (unsigned char * ) malloc (8); + c_id = (unsigned char *) malloc (8); if (c_id == NULL) scm_gnutls_error (GNUTLS_E_MEMORY_ERROR, FUNC_NAME); @@ -172,6 +173,7 @@ SCM_DEFINE (scm_gnutls_openpgp_certificate_id, "openpgp-certificate-id", return (scm_take_u8vector (c_id, 8)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_openpgp_certificate_id_x, "openpgp-certificate-id!", @@ -194,8 +196,7 @@ SCM_DEFINE (scm_gnutls_openpgp_certificate_id_x, "openpgp-certificate-id!", if (EXPECT_FALSE (c_id_size < 8)) { scm_gnutls_release_array (&c_id_handle); - scm_misc_error (FUNC_NAME, "ID vector too small: ~A", - scm_list_1 (id)); + scm_misc_error (FUNC_NAME, "ID vector too small: ~A", scm_list_1 (id)); } err = gnutls_openpgp_crt_get_id (c_key, (unsigned char *) c_id); @@ -206,6 +207,7 @@ SCM_DEFINE (scm_gnutls_openpgp_certificate_id_x, "openpgp-certificate-id!", return SCM_UNSPECIFIED; } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_openpgp_certificate_fingerpint_x, @@ -236,14 +238,14 @@ SCM_DEFINE (scm_gnutls_openpgp_certificate_fingerpint_x, return (scm_from_size_t (c_actual_len)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_openpgp_certificate_fingerprint, "openpgp-certificate-fingerprint", 1, 0, 0, (SCM key), - "Return a new u8vector denoting the fingerprint of " - "@var{key}.") + "Return a new u8vector denoting the fingerprint of " "@var{key}.") #define FUNC_NAME s_scm_gnutls_openpgp_certificate_fingerprint { int err; @@ -262,8 +264,7 @@ SCM_DEFINE (scm_gnutls_openpgp_certificate_fingerprint, do { c_actual_len = 0; - err = gnutls_openpgp_crt_get_fingerprint (c_key, c_fpr, - &c_actual_len); + err = gnutls_openpgp_crt_get_fingerprint (c_key, c_fpr, &c_actual_len); if (err == GNUTLS_E_SHORT_MEMORY_BUFFER) { /* Grow C_FPR. */ 
@@ -296,6 +297,7 @@ SCM_DEFINE (scm_gnutls_openpgp_certificate_fingerprint, return (scm_take_u8vector (c_fpr, c_actual_len)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_openpgp_certificate_name, "openpgp-certificate-name", @@ -313,20 +315,18 @@ SCM_DEFINE (scm_gnutls_openpgp_certificate_name, "openpgp-certificate-name", c_key = scm_to_gnutls_openpgp_certificate (key, 1, FUNC_NAME); c_index = scm_to_int (index); - err = gnutls_openpgp_crt_get_name (c_key, c_index, c_name, - &c_name_len); + err = gnutls_openpgp_crt_get_name (c_key, c_index, c_name, &c_name_len); if (EXPECT_FALSE (err)) scm_gnutls_error (err, FUNC_NAME); /* XXX: The name is really UTF-8. */ return (scm_from_locale_string (c_name)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_openpgp_certificate_names, "openpgp-certificate-names", - 1, 0, 0, - (SCM key), - "Return the list of names for @var{key}.") + 1, 0, 0, (SCM key), "Return the list of names for @var{key}.") #define FUNC_NAME s_scm_gnutls_openpgp_certificate_names { int err; @@ -340,12 +340,10 @@ SCM_DEFINE (scm_gnutls_openpgp_certificate_names, "openpgp-certificate-names", do { - err = gnutls_openpgp_crt_get_name (c_key, c_index, c_name, - &c_name_len); + err = gnutls_openpgp_crt_get_name (c_key, c_index, c_name, &c_name_len); if (!err) { - result = scm_cons (scm_from_locale_string (c_name), - result); + result = scm_cons (scm_from_locale_string (c_name), result); c_index++; } } @@ -356,6 +354,7 @@ SCM_DEFINE (scm_gnutls_openpgp_certificate_names, "openpgp-certificate-names", return (scm_reverse_x (result, SCM_EOL)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_openpgp_certificate_algorithm, @@ -376,6 +375,7 @@ SCM_DEFINE (scm_gnutls_openpgp_certificate_algorithm, return (scm_values (scm_list_2 (scm_from_gnutls_pk_algorithm (c_algo), scm_from_uint (c_bits)))); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_openpgp_certificate_version, 
@@ -394,6 +394,7 @@ SCM_DEFINE (scm_gnutls_openpgp_certificate_version, return (scm_from_int (c_version)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_openpgp_certificate_usage, "openpgp-certificate-usage", @@ -414,10 +415,11 @@ SCM_DEFINE (scm_gnutls_openpgp_certificate_usage, "openpgp-certificate-usage", return (scm_from_gnutls_key_usage_flags (c_usage)); } + #undef FUNC_NAME + - /* OpenPGP keyrings. */ SCM_DEFINE (scm_gnutls_import_openpgp_keyring, "import-openpgp-keyring", @@ -462,6 +464,7 @@ SCM_DEFINE (scm_gnutls_import_openpgp_keyring, "import-openpgp-keyring", return (scm_from_gnutls_openpgp_keyring (c_keyring)); } + #undef FUNC_NAME SCM_DEFINE (scm_gnutls_openpgp_keyring_contains_key_id_p, @@ -481,8 +484,7 @@ SCM_DEFINE (scm_gnutls_openpgp_keyring_contains_key_id_p, c_keyring = scm_to_gnutls_openpgp_keyring (keyring, 1, FUNC_NAME); SCM_VALIDATE_ARRAY (1, id); - c_id = scm_gnutls_get_array (id, &c_id_handle, &c_id_len, - FUNC_NAME); + c_id = scm_gnutls_get_array (id, &c_id_handle, &c_id_len, FUNC_NAME); if (EXPECT_FALSE (c_id_len != 8)) { scm_gnutls_release_array (&c_id_handle); @@ -491,15 +493,16 @@ SCM_DEFINE (scm_gnutls_openpgp_keyring_contains_key_id_p, c_result = gnutls_openpgp_keyring_check_id (c_keyring, (unsigned char *) c_id, - 0 /* unused */); + 0 /* unused */ ); scm_gnutls_release_array (&c_id_handle); return (scm_from_bool (c_result == 0)); } -#undef FUNC_NAME +#undef FUNC_NAME + /* Certificates. */ SCM_DEFINE (scm_gnutls_set_certificate_credentials_openpgp_keys_x, @@ -525,9 +528,10 @@ SCM_DEFINE (scm_gnutls_set_certificate_credentials_openpgp_keys_x, return SCM_UNSPECIFIED; } -#undef FUNC_NAME +#undef FUNC_NAME + /* Initialization. */ void diff --git a/lib/auth_cert.c b/lib/auth_cert.c index 030caf8f8a..f0a03ec4d2 100644 --- a/lib/auth_cert.c +++ b/lib/auth_cert.c 
@@ -48,10 +48,9 @@ #ifdef ENABLE_OPENPGP # include "openpgp/gnutls_openpgp.h" -static gnutls_privkey * -alloc_and_load_pgp_key (const gnutls_openpgp_privkey_t key); -static gnutls_cert * -alloc_and_load_pgp_certs (gnutls_openpgp_crt_t cert); +static gnutls_privkey *alloc_and_load_pgp_key (const gnutls_openpgp_privkey_t + key); +static gnutls_cert *alloc_and_load_pgp_certs (gnutls_openpgp_crt_t cert); #endif @@ -92,8 +91,7 @@ _gnutls_copy_certificate_auth_info (cert_auth_info_t info, if (cert->raw.size > 0) { ret = - _gnutls_set_datum (&info-> - raw_certificate_list[i], + _gnutls_set_datum (&info->raw_certificate_list[i], cert[i].raw.data, cert[i].raw.size); if (ret < 0) { @@ -109,7 +107,7 @@ _gnutls_copy_certificate_auth_info (cert_auth_info_t info, if (cert[0].cert_type == GNUTLS_CRT_OPENPGP) { info->use_subkey = cert[0].use_subkey; - memcpy( info->subkey_id, cert[0].subkey_id, sizeof(info->subkey_id)); + memcpy (info->subkey_id, cert[0].subkey_id, sizeof (info->subkey_id)); } #endif @@ -230,8 +228,8 @@ _find_x509_cert (const gnutls_certificate_credentials_t cred, for (j = 0; j < cred->cert_list_length[i]; j++) { if ((result = - _gnutls_cert_get_issuer_dn (&cred-> - cert_list[i][j], &odn)) < 0) + _gnutls_cert_get_issuer_dn (&cred->cert_list[i][j], + &odn)) < 0) { gnutls_assert (); return result; @@ -456,16 +454,16 @@ call_get_cert_callback (gnutls_session_t session, if (type == GNUTLS_CRT_X509) { local_certs = alloc_and_load_x509_certs (st.cert.x509, st.ncerts); - if (local_certs != NULL && st.key.x509 != NULL) - { + if (local_certs != NULL && st.key.x509 != NULL) + { local_key = alloc_and_load_x509_key (st.key.x509); - if (local_key == NULL) - { - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; + if (local_key == NULL) + { + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; goto cleanup; - } - } + } + } } else 
@@ -479,17 +477,17 @@ call_get_cert_callback (gnutls_session_t session, #ifdef ENABLE_OPENPGP { - local_certs = alloc_and_load_pgp_certs (st.cert.pgp); - if (local_certs != NULL && st.key.pgp != NULL) - { - local_key = alloc_and_load_pgp_key (st.key.pgp); - if (local_key == NULL) - { - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } - } + local_certs = alloc_and_load_pgp_certs (st.cert.pgp); + if (local_certs != NULL && st.key.pgp != NULL) + { + local_key = alloc_and_load_pgp_key (st.key.pgp); + if (local_key == NULL) + { + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } + } } #endif } @@ -728,7 +726,7 @@ _gnutls_gen_openpgp_certificate (gnutls_session_t session, opaque ** data) if (apr_cert_list_length > 0) { if (apr_cert_list[0].use_subkey != 0) - ret += 1 + sizeof(apr_cert_list[0].subkey_id); /* for the keyid */ + ret += 1 + sizeof (apr_cert_list[0].subkey_id); /* for the keyid */ ret += apr_cert_list[0].raw.size; } @@ -748,25 +746,26 @@ _gnutls_gen_openpgp_certificate (gnutls_session_t session, opaque ** data) if (apr_cert_list_length > 0) { - if (apr_cert_list[0].use_subkey != 0) - { - *pdata = PGP_KEY_SUBKEY; - pdata++; - *pdata = sizeof(apr_cert_list[0].subkey_id); - pdata++; - memcpy( pdata, apr_cert_list[0].subkey_id, sizeof(apr_cert_list[0].subkey_id)); - pdata += sizeof(apr_cert_list[0].subkey_id); - } - else - { - *pdata = PGP_KEY; - pdata++; - } + if (apr_cert_list[0].use_subkey != 0) + { + *pdata = PGP_KEY_SUBKEY; + pdata++; + *pdata = sizeof (apr_cert_list[0].subkey_id); + pdata++; + memcpy (pdata, apr_cert_list[0].subkey_id, + sizeof (apr_cert_list[0].subkey_id)); + pdata += sizeof (apr_cert_list[0].subkey_id); + } + else + { + *pdata = PGP_KEY; + pdata++; + } _gnutls_write_datum24 (pdata, apr_cert_list[0].raw); pdata += (3 + apr_cert_list[0].raw.size); } - else /* empty - no certificate */ + else /* empty - no certificate */ { *pdata = PGP_KEY; pdata++; 
@@ -798,7 +797,7 @@ _gnutls_gen_openpgp_certificate_fpr (gnutls_session_t session, opaque ** data) packet_size = 3 + 1; if (apr_cert_list[0].use_subkey) - packet_size += 1 + sizeof(apr_cert_list[0].subkey_id); /* for the keyid */ + packet_size += 1 + sizeof (apr_cert_list[0].subkey_id); /* for the keyid */ /* Only v4 fingerprints are sent */ @@ -819,16 +818,17 @@ _gnutls_gen_openpgp_certificate_fpr (gnutls_session_t session, opaque ** data) _gnutls_write_uint24 (packet_size - 3, pdata); pdata += 3; - if (apr_cert_list[0].use_subkey) + if (apr_cert_list[0].use_subkey) { *pdata = PGP_KEY_FINGERPRINT_SUBKEY; pdata++; - *pdata = sizeof(apr_cert_list[0].subkey_id); + *pdata = sizeof (apr_cert_list[0].subkey_id); pdata++; - memcpy( pdata, apr_cert_list[0].subkey_id, sizeof(apr_cert_list[0].subkey_id)); - pdata += sizeof(apr_cert_list[0].subkey_id); - } - else + memcpy (pdata, apr_cert_list[0].subkey_id, + sizeof (apr_cert_list[0].subkey_id)); + pdata += sizeof (apr_cert_list[0].subkey_id); + } + else { *pdata = PGP_KEY_FINGERPRINT; /* key fingerprint */ pdata++; @@ -841,7 +841,7 @@ _gnutls_gen_openpgp_certificate_fpr (gnutls_session_t session, opaque ** data) if ((ret = _gnutls_openpgp_fingerprint (&apr_cert_list[0].raw, pdata, - &fpr_size)) < 0) + &fpr_size)) < 0) { gnutls_assert (); return ret; 
@@ -1093,30 +1093,31 @@ _gnutls_proc_openpgp_server_certificate (gnutls_session_t session, DECR_LEN (dsize, 1); key_type = *p; p++; - + /* Try to read the keyid if present */ if (key_type == PGP_KEY_FINGERPRINT_SUBKEY || key_type == PGP_KEY_SUBKEY) { /* check size */ - if (*p != sizeof( subkey_id)) - { - gnutls_assert(); - return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; - } + if (*p != sizeof (subkey_id)) + { + gnutls_assert (); + return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; + } DECR_LEN (dsize, 1); p++; - DECR_LEN (dsize, sizeof( subkey_id)); - memcpy( subkey_id, p, sizeof( subkey_id)); - p+= sizeof( subkey_id); - + DECR_LEN (dsize, sizeof (subkey_id)); + memcpy (subkey_id, p, sizeof (subkey_id)); + p += sizeof (subkey_id); + subkey_id_set = 1; } - /* read the actual key or fingerprint */ - if (key_type == PGP_KEY_FINGERPRINT || key_type == PGP_KEY_FINGERPRINT_SUBKEY) + /* read the actual key or fingerprint */ + if (key_type == PGP_KEY_FINGERPRINT + || key_type == PGP_KEY_FINGERPRINT_SUBKEY) { /* the fingerprint */ DECR_LEN (dsize, 1); @@ -1194,7 +1195,9 @@ _gnutls_proc_openpgp_server_certificate (gnutls_session_t session, if ((ret = _gnutls_openpgp_raw_crt_to_gcert (&peer_certificate_list[0], - &tmp, subkey_id_set?subkey_id:NULL)) < 0) + &tmp, + subkey_id_set ? subkey_id : NULL)) < + 0) { gnutls_assert (); goto cleanup; @@ -1341,7 +1344,7 @@ _gnutls_proc_cert_cert_req (gnutls_session_t session, opaque * data, p++; DECR_LEN (dsize, hash_num); - p+=hash_num; + p += hash_num; } /* read the certificate authorities */ @@ -1349,9 +1352,10 @@ _gnutls_proc_cert_cert_req (gnutls_session_t session, opaque * data, size = _gnutls_read_uint16 (p); p += 2; - if (session->security_parameters.cert_type == GNUTLS_CRT_OPENPGP && size != 0) + if (session->security_parameters.cert_type == GNUTLS_CRT_OPENPGP + && size != 0) { - gnutls_assert(); // size should be zero + gnutls_assert (); // size should be zero return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; } 
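Review bot: In the first hunk (-1093, `_gnutls_proc_openpgp_server_certificate`), the sub-key branch reads the length byte with `if (*p != sizeof (subkey_id))` before `DECR_LEN (dsize, 1)` has confirmed that a byte is left. A peer message that ends right after the key-type byte makes this a one-byte read past the received data. Moving the length check above the dereference closes it: `DECR_LEN (dsize, 1);` first, then `if (*p != sizeof (subkey_id))`, then `p++;`. The function body starts and ends outside the hunk, so whether an earlier check already guarantees the byte cannot be seen from here.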
@@ -1455,8 +1459,8 @@ _gnutls_proc_cert_client_cert_vrfy (gnutls_session_t session, sig.size = size; ret = _gnutls_get_auth_info_gcert (&peer_cert, - session->security_parameters.cert_type, - info, CERT_NO_COPY); + session->security_parameters.cert_type, + info, CERT_NO_COPY); if (ret < 0) { @@ -1539,7 +1543,7 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t session, opaque ** data) } else { - _gnutls_write_uint16( 0, pdata); + _gnutls_write_uint16 (0, pdata); /* pdata+=2; */ } @@ -1698,11 +1702,12 @@ alloc_and_load_pgp_certs (gnutls_openpgp_crt_t cert) return NULL; } - ret = gnutls_openpgp_crt_get_preferred_key_id( cert, local_certs->subkey_id); + ret = + gnutls_openpgp_crt_get_preferred_key_id (cert, local_certs->subkey_id); if (ret < 0) - local_certs->use_subkey = 0; - else - local_certs->use_subkey = 1; + local_certs->use_subkey = 0; + else + local_certs->use_subkey = 1; return local_certs; } diff --git a/lib/auth_dh_common.c b/lib/auth_dh_common.c index 0a76c97b71..8f89af7eba 100644 --- a/lib/auth_dh_common.c +++ b/lib/auth_dh_common.c @@ -305,7 +305,8 @@ _gnutls_proc_dh_common_server_kx (gnutls_session_t session, * be inserted */ int _gnutls_dh_common_print_server_kx (gnutls_session_t session, - bigint_t g, bigint_t p, opaque ** data, int psk) + bigint_t g, bigint_t p, opaque ** data, + int psk) { bigint_t x, X; size_t n_X, n_g, n_p; diff --git a/lib/auth_dhe.c b/lib/auth_dhe.c index ba5220d28c..a109238def 100644 --- a/lib/auth_dhe.c +++ b/lib/auth_dhe.c @@ -217,9 +217,8 @@ proc_dhe_server_kx (gnutls_session_t session, opaque * data, if ((ret = _gnutls_get_auth_info_gcert (&peer_cert, - session->security_parameters.cert_type, - info, - CERT_NO_COPY)) < 0) + session->security_parameters.cert_type, + info, CERT_NO_COPY)) < 0) { gnutls_assert (); return ret; diff --git a/lib/auth_psk.c b/lib/auth_psk.c index 53cd1b45b0..7559c6bead 100644 --- a/lib/auth_psk.c +++ b/lib/auth_psk.c 
@@ -395,7 +395,7 @@ _gnutls_proc_psk_server_kx (gnutls_session_t session, opaque * data, ret = 0; - error: +error: return ret; } diff --git a/lib/auth_psk_passwd.c b/lib/auth_psk_passwd.c index 65891878c7..d2efa7a4ff 100644 --- a/lib/auth_psk_passwd.c +++ b/lib/auth_psk_passwd.c @@ -79,7 +79,7 @@ pwd_put_values (gnutls_datum_t * psk, char *str) } ret = _gnutls_hex2bin ((opaque *) p, len, psk->data, &size); - psk->size = (unsigned int)size; + psk->size = (unsigned int) size; if (ret < 0) { gnutls_assert (); @@ -99,7 +99,7 @@ static int _randomize_psk (gnutls_datum_t * psk) { int ret; - + psk->data = gnutls_malloc (16); if (psk->data == NULL) { @@ -108,14 +108,14 @@ _randomize_psk (gnutls_datum_t * psk) } psk->size = 16; - + ret = _gnutls_rnd (RND_NONCE, (char *) psk->data, 16); - if ( ret < 0) + if (ret < 0) { - gnutls_assert(); + gnutls_assert (); return ret; } - + return 0; } diff --git a/lib/auth_rsa.c b/lib/auth_rsa.c index b84dcb306e..bc89d1ecee 100644 --- a/lib/auth_rsa.c +++ b/lib/auth_rsa.c @@ -87,8 +87,8 @@ _gnutls_get_public_rsa_params (gnutls_session_t session, ret = _gnutls_get_auth_info_gcert (&peer_cert, - session->security_parameters.cert_type, - info, CERT_ONLY_PUBKEY | CERT_NO_COPY); + session->security_parameters.cert_type, + info, CERT_ONLY_PUBKEY | CERT_NO_COPY); if (ret < 0) { @@ -99,7 +99,8 @@ _gnutls_get_public_rsa_params (gnutls_session_t session, /* EXPORT case: */ if (_gnutls_cipher_suite_get_kx_algo - (&session->security_parameters.current_cipher_suite) == GNUTLS_KX_RSA_EXPORT + (&session->security_parameters.current_cipher_suite) == + GNUTLS_KX_RSA_EXPORT && _gnutls_mpi_get_nbits (peer_cert.params[0]) > 512) { 
@@ -168,8 +169,8 @@ _gnutls_get_private_rsa_params (gnutls_session_t session, } bits = - _gnutls_mpi_get_nbits (session->internals.selected_cert_list[0]. - params[0]); + _gnutls_mpi_get_nbits (session->internals. + selected_cert_list[0].params[0]); if (_gnutls_cipher_suite_get_kx_algo (&session->security_parameters.current_cipher_suite) @@ -290,7 +291,9 @@ _gnutls_proc_rsa_client_kx (gnutls_session_t session, opaque * data, /* we do not need strong random numbers here. */ - ret = _gnutls_rnd (RND_NONCE, session->key->key.data, session->key->key.size); + ret = + _gnutls_rnd (RND_NONCE, session->key->key.data, + session->key->key.size); if (ret < 0) { gnutls_assert (); @@ -345,8 +348,9 @@ _gnutls_gen_rsa_client_kx (gnutls_session_t session, opaque ** data) return GNUTLS_E_MEMORY_ERROR; } - ret = _gnutls_rnd( RND_RANDOM, session->key->key.data, session->key->key.size); - if ( ret < 0) + ret = + _gnutls_rnd (RND_RANDOM, session->key->key.data, session->key->key.size); + if (ret < 0) { gnutls_assert (); return ret; diff --git a/lib/auth_rsa_export.c b/lib/auth_rsa_export.c index 3b4b24c045..d72bc6bd39 100644 --- a/lib/auth_rsa_export.c +++ b/lib/auth_rsa_export.c @@ -205,8 +205,8 @@ _gnutls_peers_cert_less_512 (gnutls_session_t session) if ((ret = _gnutls_get_auth_info_gcert (&peer_cert, - session->security_parameters.cert_type, - info, CERT_NO_COPY)) < 0) + session->security_parameters.cert_type, + info, CERT_NO_COPY)) < 0) { gnutls_assert (); return 0; @@ -304,8 +304,8 @@ proc_rsa_export_server_kx (gnutls_session_t session, if ((ret = _gnutls_get_auth_info_gcert (&peer_cert, - session->security_parameters.cert_type, - info, CERT_NO_COPY)) < 0) + session->security_parameters.cert_type, + info, CERT_NO_COPY)) < 0) { gnutls_assert (); return ret; diff --git a/lib/auth_srp.c b/lib/auth_srp.c index d438a163b8..89ccb156e0 100644 --- a/lib/auth_srp.c +++ b/lib/auth_srp.c 
@@ -244,9 +244,9 @@ _gnutls_gen_srp_server_kx (gnutls_session_t session, opaque ** data) */ data_b = &data_s[1 + pwd_entry->salt.size]; - if (_gnutls_mpi_print (B, &data_b[2], &n_b) != 0) + if (_gnutls_mpi_print (B, &data_b[2], &n_b) != 0) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_MPI_PRINT_FAILED; } @@ -344,9 +344,9 @@ _gnutls_gen_srp_client_kx (gnutls_session_t session, opaque ** data) ret = _gnutls_mpi_dprint (session->key->KEY, &session->key->key); _gnutls_mpi_release (&S); - if (ret < 0) + if (ret < 0) { - gnutls_assert(); + gnutls_assert (); return ret; } @@ -483,6 +483,7 @@ static const unsigned char srp_generator = 0x02; const gnutls_datum_t gnutls_srp_1024_group_prime = { (void *) srp_params_1024, sizeof (srp_params_1024) }; + const gnutls_datum_t gnutls_srp_1024_group_generator = { (void *) &srp_generator, sizeof (srp_generator) }; @@ -515,6 +516,7 @@ static const unsigned char srp_params_1536[] = { const gnutls_datum_t gnutls_srp_1536_group_prime = { (void *) srp_params_1536, sizeof (srp_params_1536) }; + const gnutls_datum_t gnutls_srp_1536_group_generator = { (void *) &srp_generator, sizeof (srp_generator) }; @@ -554,6 +556,7 @@ static const unsigned char srp_params_2048[] = { const gnutls_datum_t gnutls_srp_2048_group_prime = { (void *) srp_params_2048, sizeof (srp_params_2048) }; + const gnutls_datum_t gnutls_srp_2048_group_generator = { (void *) &srp_generator, sizeof (srp_generator) }; @@ -567,7 +570,7 @@ check_g_n (const opaque * g, size_t n_g, const opaque * n, size_t n_n) if (n_g != 1 || g[0] != srp_generator) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; } @@ -589,7 +592,7 @@ check_g_n (const opaque * g, size_t n_g, const opaque * n, size_t n_n) return 0; } - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; } diff --git a/lib/auth_srp_passwd.c b/lib/auth_srp_passwd.c index 8f098315d3..51b703a44d 100644 --- a/lib/auth_srp_passwd.c +++ b/lib/auth_srp_passwd.c 
@@ -286,7 +286,7 @@ _gnutls_srp_pwd_read_entry (gnutls_session_t state, char *username, ret = _randomize_pwd_entry (entry); if (ret < 0) { - gnutls_assert(); + gnutls_assert (); _gnutls_srp_entry_free (entry); return ret; } @@ -423,7 +423,7 @@ _randomize_pwd_entry (SRP_PWD_ENTRY * entry) } ret = _gnutls_rnd (RND_RANDOM, entry->v.data, 20); - if ( ret < 0) + if (ret < 0) { gnutls_assert (); return ret; @@ -439,10 +439,10 @@ _randomize_pwd_entry (SRP_PWD_ENTRY * entry) ret = _gnutls_rnd (RND_NONCE, entry->salt.data, entry->salt.size); if (ret < 0) { - gnutls_assert(); + gnutls_assert (); return ret; } - + return 0; } diff --git a/lib/auth_srp_rsa.c b/lib/auth_srp_rsa.c index d6963e02e4..f4af9eb7b7 100644 --- a/lib/auth_srp_rsa.c +++ b/lib/auth_srp_rsa.c @@ -182,8 +182,8 @@ proc_srp_cert_server_kx (gnutls_session_t session, opaque * data, ret = _gnutls_get_auth_info_gcert (&peer_cert, - session->security_parameters.cert_type, - info, CERT_NO_COPY); + session->security_parameters.cert_type, + info, CERT_NO_COPY); if (ret < 0) { diff --git a/lib/cipher-libgcrypt.c b/lib/cipher-libgcrypt.c index 7a511521bc..aa72df87e1 100644 --- a/lib/cipher-libgcrypt.c +++ b/lib/cipher-libgcrypt.c 
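Review bot: `_randomize_pwd_entry` passes a literal length in `_gnutls_rnd (RND_RANDOM, entry->v.data, 20)`, while the salt call a few lines below uses `entry->salt.size`. The allocation of `entry->v.data` is outside the hunk, so the literal and the real buffer size can drift apart unnoticed, and the write would then overrun or under-fill the buffer. Assuming `entry->v.size` is set where the buffer is allocated, `ret = _gnutls_rnd (RND_RANDOM, entry->v.data, entry->v.size);` ties the two together.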
@@ -34,89 +34,115 @@ /* Functions that refer to the libgcrypt library. */ -static int wrap_gcry_cipher_init( gnutls_cipher_algorithm_t algo, void** ctx) +static int +wrap_gcry_cipher_init (gnutls_cipher_algorithm_t algo, void **ctx) { -int err; + int err; switch (algo) { case GNUTLS_CIPHER_AES_128_CBC: - err = gcry_cipher_open ( (gcry_cipher_hd_t *)ctx, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CBC, 0); + err = + gcry_cipher_open ((gcry_cipher_hd_t *) ctx, GCRY_CIPHER_AES128, + GCRY_CIPHER_MODE_CBC, 0); break; case GNUTLS_CIPHER_AES_256_CBC: - err = gcry_cipher_open ((gcry_cipher_hd_t *)ctx, GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_CBC, 0); + err = + gcry_cipher_open ((gcry_cipher_hd_t *) ctx, GCRY_CIPHER_AES256, + GCRY_CIPHER_MODE_CBC, 0); break; case GNUTLS_CIPHER_3DES_CBC: - err = gcry_cipher_open ((gcry_cipher_hd_t *)ctx, GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, 0); + err = + gcry_cipher_open ((gcry_cipher_hd_t *) ctx, GCRY_CIPHER_3DES, + GCRY_CIPHER_MODE_CBC, 0); break; case GNUTLS_CIPHER_DES_CBC: - err = gcry_cipher_open ((gcry_cipher_hd_t *)ctx, GCRY_CIPHER_DES, GCRY_CIPHER_MODE_CBC, 0); + err = + gcry_cipher_open ((gcry_cipher_hd_t *) ctx, GCRY_CIPHER_DES, + GCRY_CIPHER_MODE_CBC, 0); break; case GNUTLS_CIPHER_ARCFOUR_128: case GNUTLS_CIPHER_ARCFOUR_40: - err = gcry_cipher_open ((gcry_cipher_hd_t *)ctx, GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM, 0); + err = + gcry_cipher_open ((gcry_cipher_hd_t *) ctx, GCRY_CIPHER_ARCFOUR, + GCRY_CIPHER_MODE_STREAM, 0); break; case GNUTLS_CIPHER_RC2_40_CBC: - err = gcry_cipher_open ((gcry_cipher_hd_t *)ctx, GCRY_CIPHER_RFC2268_40, GCRY_CIPHER_MODE_CBC, 0); + err = + gcry_cipher_open ((gcry_cipher_hd_t *) ctx, GCRY_CIPHER_RFC2268_40, + GCRY_CIPHER_MODE_CBC, 0); break; #ifdef ENABLE_CAMELLIA case GNUTLS_CIPHER_CAMELLIA_128_CBC: - err = gcry_cipher_open ((gcry_cipher_hd_t *)ctx, GCRY_CIPHER_CAMELLIA128, GCRY_CIPHER_MODE_CBC, 0); + err = + gcry_cipher_open ((gcry_cipher_hd_t *) ctx, GCRY_CIPHER_CAMELLIA128, + GCRY_CIPHER_MODE_CBC, 0); 
break; case GNUTLS_CIPHER_CAMELLIA_256_CBC: - err = gcry_cipher_open ((gcry_cipher_hd_t *)ctx, GCRY_CIPHER_CAMELLIA256, GCRY_CIPHER_MODE_CBC, 0); + err = + gcry_cipher_open ((gcry_cipher_hd_t *) ctx, GCRY_CIPHER_CAMELLIA256, + GCRY_CIPHER_MODE_CBC, 0); break; #endif default: - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } - - if (err == 0) return 0; - - gnutls_assert(); - return GNUTLS_E_ENCRYPTION_FAILED; + + if (err == 0) + return 0; + + gnutls_assert (); + return GNUTLS_E_ENCRYPTION_FAILED; } -static int wrap_gcry_cipher_setkey( void* ctx, const void * key, size_t keysize) +static int +wrap_gcry_cipher_setkey (void *ctx, const void *key, size_t keysize) { - gcry_cipher_setkey( ctx, key, keysize); - return 0; + gcry_cipher_setkey (ctx, key, keysize); + return 0; } -static int wrap_gcry_cipher_setiv( void* ctx, const void * iv, size_t ivsize) +static int +wrap_gcry_cipher_setiv (void *ctx, const void *iv, size_t ivsize) { - gcry_cipher_setiv( ctx, iv, ivsize); - return 0; + gcry_cipher_setiv (ctx, iv, ivsize); + return 0; } -static int wrap_gcry_cipher_decrypt( void* ctx, const void* encr, size_t encrsize, void* plain, size_t plainsize) +static int +wrap_gcry_cipher_decrypt (void *ctx, const void *encr, size_t encrsize, + void *plain, size_t plainsize) { -int err; + int err; - err = gcry_cipher_decrypt( ctx, plain, plainsize, encr, encrsize); - if (err == 0) return 0; - - gnutls_assert(); - return GNUTLS_E_ENCRYPTION_FAILED; + err = gcry_cipher_decrypt (ctx, plain, plainsize, encr, encrsize); + if (err == 0) + return 0; + + gnutls_assert (); + return GNUTLS_E_ENCRYPTION_FAILED; } -static int wrap_gcry_cipher_encrypt( void* ctx, const void* plain, size_t plainsize, void* encr, size_t encrsize) +static int +wrap_gcry_cipher_encrypt (void *ctx, const void *plain, size_t plainsize, + void *encr, size_t encrsize) { -int err; + int err; + + err = gcry_cipher_encrypt (ctx, encr, encrsize, plain, plainsize); + if (err == 0) + return 0; - err = 
gcry_cipher_encrypt( ctx, encr, encrsize, plain, plainsize); - if (err == 0) return 0; - - gnutls_assert(); - return GNUTLS_E_ENCRYPTION_FAILED; + gnutls_assert (); + return GNUTLS_E_ENCRYPTION_FAILED; } int crypto_cipher_prio = INT_MAX; @@ -124,7 +150,7 @@ int crypto_cipher_prio = INT_MAX; gnutls_crypto_cipher_st _gnutls_cipher_ops = { .init = wrap_gcry_cipher_init, .setkey = wrap_gcry_cipher_setkey, - .setiv = wrap_gcry_cipher_setiv, + .setiv = wrap_gcry_cipher_setiv, .encrypt = wrap_gcry_cipher_encrypt, .decrypt = wrap_gcry_cipher_decrypt, .deinit = gcry_cipher_close, diff --git a/lib/crypto.c b/lib/crypto.c index ccc9a81093..8f603403d8 100644 --- a/lib/crypto.c +++ b/lib/crypto.c 
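Review bot: `wrap_gcry_cipher_setkey` and `wrap_gcry_cipher_setiv` discard the result of `gcry_cipher_setkey` / `gcry_cipher_setiv` and always return 0, unlike the encrypt and decrypt wrappers in the same hunk, which map a non-zero `err` to `GNUTLS_E_ENCRYPTION_FAILED`. libgcrypt reports a rejected key (for example a wrong length or a weak key) through that return value, so a failed key setup is invisible to the caller and the handle may still be used afterwards. Both wrappers should follow the pattern already used below: `err = gcry_cipher_setkey (ctx, key, keysize);` then `if (err == 0) return 0;`, followed by `gnutls_assert ()` and the error return.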
@@ -31,49 +31,58 @@ #include <random.h> #include <gnutls_cipher_int.h> -typedef struct algo_list { +typedef struct algo_list +{ int algorithm; int priority; - void* alg_data; - struct algo_list* next; + void *alg_data; + struct algo_list *next; } algo_list; #define cipher_list algo_list #define mac_list algo_list #define digest_list algo_list -static int _algo_register( algo_list* al, int algorithm, int priority, void* s) +static int +_algo_register (algo_list * al, int algorithm, int priority, void *s) { -algo_list* cl; -algo_list* last_cl = al; + algo_list *cl; + algo_list *last_cl = al; /* look if there is any cipher with lowest priority. In that case do not add. */ cl = al; - while( cl && cl->alg_data) { - if (cl->algorithm == algorithm) { - if (cl->priority < priority) { - gnutls_assert(); - return GNUTLS_E_CRYPTO_ALREADY_REGISTERED; - } else { - /* the current has higher priority -> overwrite */ - cl->algorithm = algorithm; - cl->priority = priority; - cl->alg_data = s; - return 0; - } + while (cl && cl->alg_data) + { + if (cl->algorithm == algorithm) + { + if (cl->priority < priority) + { + gnutls_assert (); + return GNUTLS_E_CRYPTO_ALREADY_REGISTERED; + } + else + { + /* the current has higher priority -> overwrite */ + cl->algorithm = algorithm; + cl->priority = priority; + cl->alg_data = s; + return 0; + } + } + cl = cl->next; + if (cl) + last_cl = cl; } - cl = cl->next; - if (cl) last_cl = cl; - } - cl = gnutls_malloc(sizeof(cipher_list)); + cl = gnutls_malloc (sizeof (cipher_list)); + + if (cl == NULL) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } - if (cl == NULL) { - gnutls_assert(); - return GNUTLS_E_MEMORY_ERROR; - } - cl->algorithm = algorithm; cl->priority = priority; cl->alg_data = s; 
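Review bot: The duplicate/priority check in `_algo_register` looks unreachable. The walk starts at `cl = al`, the list heads `glob_cl`, `glob_ml` and `glob_dl` (shown in the `_deregister` hunk) are initialised with a NULL `alg_data`, and the loop condition is `cl && cl->alg_data`, so the loop stops on the head every time; `_get_algo` starts at `al->next` instead. The append after the allocation is outside this hunk, but with `last_cl` still equal to `al` a second registration would presumably replace the list rather than extend it, and `GNUTLS_E_CRYPTO_ALREADY_REGISTERED` would never be returned. Starting at `cl = al->next;` and advancing with `last_cl = cl; cl = cl->next;` would make the check run.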
@@ -84,20 +93,23 @@ algo_list* last_cl = al; } -static void *_get_algo( algo_list* al, int algo) +static void * +_get_algo (algo_list * al, int algo) { -cipher_list* cl; + cipher_list *cl; /* look if there is any cipher with lowest priority. In that case do not add. */ cl = al->next; - while( cl && cl->alg_data) { - if (cl->algorithm == algo) { - return cl->alg_data; + while (cl && cl->alg_data) + { + if (cl->algorithm == algo) + { + return cl->alg_data; + } + cl = cl->next; } - cl = cl->next; - } - + return NULL; } @@ -105,27 +117,29 @@ static cipher_list glob_cl = { GNUTLS_CIPHER_NULL, 0, NULL, NULL }; static mac_list glob_ml = { GNUTLS_MAC_NULL, 0, NULL, NULL }; static digest_list glob_dl = { GNUTLS_MAC_NULL, 0, NULL, NULL }; -static void _deregister(algo_list* cl) +static void +_deregister (algo_list * cl) { -algo_list* next; + algo_list *next; next = cl->next; cl->next = NULL; cl = next; - while( cl) + while (cl) { next = cl->next; - gnutls_free(cl); + gnutls_free (cl); cl = next; } } -void _gnutls_crypto_deregister(void) +void +_gnutls_crypto_deregister (void) { - _deregister( &glob_cl); - _deregister( &glob_ml); - _deregister( &glob_dl); + _deregister (&glob_cl); + _deregister (&glob_ml); + _deregister (&glob_dl); } /** 
@@ -149,19 +163,23 @@ void _gnutls_crypto_deregister(void) * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_single_cipher_register2( gnutls_cipher_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_cipher_st* s) +int +gnutls_crypto_single_cipher_register2 (gnutls_cipher_algorithm_t algorithm, + int priority, int version, + gnutls_crypto_single_cipher_st * s) { if (version != GNUTLS_CRYPTO_API_VERSION) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_UNIMPLEMENTED_FEATURE; } - return _algo_register( &glob_cl, algorithm, priority, s); + return _algo_register (&glob_cl, algorithm, priority, s); } -gnutls_crypto_single_cipher_st *_gnutls_get_crypto_cipher( gnutls_cipher_algorithm_t algo) +gnutls_crypto_single_cipher_st * +_gnutls_get_crypto_cipher (gnutls_cipher_algorithm_t algo) { - return _get_algo( &glob_cl, algo); + return _get_algo (&glob_cl, algo); } /** @@ -184,19 +202,22 @@ gnutls_crypto_single_cipher_st *_gnutls_get_crypto_cipher( gnutls_cipher_algorit * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_rnd_register2( int priority, int version, gnutls_crypto_rnd_st* s) +int +gnutls_crypto_rnd_register2 (int priority, int version, + gnutls_crypto_rnd_st * s) { if (version != GNUTLS_CRYPTO_API_VERSION) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_UNIMPLEMENTED_FEATURE; } - if (crypto_rnd_prio > priority) { - memcpy( &_gnutls_rnd_ops, s, sizeof(*s)); - crypto_rnd_prio = priority; - return 0; - } + if (crypto_rnd_prio > priority) + { + memcpy (&_gnutls_rnd_ops, s, sizeof (*s)); + crypto_rnd_prio = priority; + return 0; + } return GNUTLS_E_CRYPTO_ALREADY_REGISTERED; } 
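Review bot: None of the `gnutls_crypto_*_register2` entry points checks `s` before using it. In `gnutls_crypto_rnd_register2` a NULL `s` is dereferenced by `memcpy (&_gnutls_rnd_ops, s, sizeof (*s))`, and the same pattern appears in the bigint, pk, cipher, mac and digest hunks further down. In `gnutls_crypto_single_cipher_register2` and the single mac/digest variants, a NULL `s` is stored as `alg_data`, which the list walks in `_algo_register` and `_get_algo` treat as end-of-list, hiding every entry after it. These look like public API (they carry gtk-doc comments), so I would reject the NULL next to the version check: `if (s == NULL) { gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; }`.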
@@ -221,20 +242,24 @@ int gnutls_crypto_rnd_register2( int priority, int version, gnutls_crypto_rnd_st * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_single_mac_register2( gnutls_mac_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_mac_st* s) +int +gnutls_crypto_single_mac_register2 (gnutls_mac_algorithm_t algorithm, + int priority, int version, + gnutls_crypto_single_mac_st * s) { if (version != GNUTLS_CRYPTO_API_VERSION) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_UNIMPLEMENTED_FEATURE; } - return _algo_register( &glob_ml, algorithm, priority, s); + return _algo_register (&glob_ml, algorithm, priority, s); } -gnutls_crypto_single_mac_st *_gnutls_get_crypto_mac( gnutls_mac_algorithm_t algo) +gnutls_crypto_single_mac_st * +_gnutls_get_crypto_mac (gnutls_mac_algorithm_t algo) { - return _get_algo( &glob_ml, algo); + return _get_algo (&glob_ml, algo); } /** @@ -258,19 +283,23 @@ gnutls_crypto_single_mac_st *_gnutls_get_crypto_mac( gnutls_mac_algorithm_t algo * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_single_digest_register2( gnutls_digest_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_digest_st* s) +int +gnutls_crypto_single_digest_register2 (gnutls_digest_algorithm_t algorithm, + int priority, int version, + gnutls_crypto_single_digest_st * s) { if (version != GNUTLS_CRYPTO_API_VERSION) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_UNIMPLEMENTED_FEATURE; } - return _algo_register( &glob_dl, algorithm, priority, s); + return _algo_register (&glob_dl, algorithm, priority, s); } -gnutls_crypto_single_digest_st *_gnutls_get_crypto_digest( gnutls_digest_algorithm_t algo) +gnutls_crypto_single_digest_st * +_gnutls_get_crypto_digest (gnutls_digest_algorithm_t algo) { - return _get_algo( &glob_dl, algo); + return _get_algo (&glob_dl, algo); } /** 
@@ -296,19 +325,22 @@ gnutls_crypto_single_digest_st *_gnutls_get_crypto_digest( gnutls_digest_algorit * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_bigint_register2( int priority, int version, gnutls_crypto_bigint_st* s) +int +gnutls_crypto_bigint_register2 (int priority, int version, + gnutls_crypto_bigint_st * s) { if (version != GNUTLS_CRYPTO_API_VERSION) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_UNIMPLEMENTED_FEATURE; } - if (crypto_bigint_prio > priority) { - memcpy( &_gnutls_mpi_ops, s, sizeof(*s)); - crypto_bigint_prio = priority; - return 0; - } + if (crypto_bigint_prio > priority) + { + memcpy (&_gnutls_mpi_ops, s, sizeof (*s)); + crypto_bigint_prio = priority; + return 0; + } return GNUTLS_E_CRYPTO_ALREADY_REGISTERED; } @@ -335,18 +367,21 @@ int gnutls_crypto_bigint_register2( int priority, int version, gnutls_crypto_big * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_pk_register2( int priority, int version, gnutls_crypto_pk_st* s) +int +gnutls_crypto_pk_register2 (int priority, int version, + gnutls_crypto_pk_st * s) { if (version != GNUTLS_CRYPTO_API_VERSION) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_UNIMPLEMENTED_FEATURE; } - if (crypto_pk_prio > priority) { - memcpy( &_gnutls_pk_ops, s, sizeof(*s)); - crypto_pk_prio = priority; - return 0; - } + if (crypto_pk_prio > priority) + { + memcpy (&_gnutls_pk_ops, s, sizeof (*s)); + crypto_pk_prio = priority; + return 0; + } return GNUTLS_E_CRYPTO_ALREADY_REGISTERED; } 
@@ -370,19 +405,22 @@ int gnutls_crypto_pk_register2( int priority, int version, gnutls_crypto_pk_st* * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_cipher_register2( int priority, int version, gnutls_crypto_cipher_st* s) +int +gnutls_crypto_cipher_register2 (int priority, int version, + gnutls_crypto_cipher_st * s) { if (version != GNUTLS_CRYPTO_API_VERSION) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_UNIMPLEMENTED_FEATURE; } - if (crypto_cipher_prio > priority) { - memcpy( &_gnutls_cipher_ops, s, sizeof(*s)); - crypto_cipher_prio = priority; - return 0; - } + if (crypto_cipher_prio > priority) + { + memcpy (&_gnutls_cipher_ops, s, sizeof (*s)); + crypto_cipher_prio = priority; + return 0; + } return GNUTLS_E_CRYPTO_ALREADY_REGISTERED; } @@ -406,19 +444,22 @@ int gnutls_crypto_cipher_register2( int priority, int version, gnutls_crypto_cip * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_mac_register2( int priority, int version, gnutls_crypto_mac_st* s) +int +gnutls_crypto_mac_register2 (int priority, int version, + gnutls_crypto_mac_st * s) { if (version != GNUTLS_CRYPTO_API_VERSION) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_UNIMPLEMENTED_FEATURE; } - if (crypto_mac_prio > priority) { - memcpy( &_gnutls_mac_ops, s, sizeof(*s)); - crypto_mac_prio = priority; - return 0; - } + if (crypto_mac_prio > priority) + { + memcpy (&_gnutls_mac_ops, s, sizeof (*s)); + crypto_mac_prio = priority; + return 0; + } return GNUTLS_E_CRYPTO_ALREADY_REGISTERED; } 
@@ -442,18 +483,21 @@ int gnutls_crypto_mac_register2( int priority, int version, gnutls_crypto_mac_st * Returns: %GNUTLS_E_SUCCESS on success, otherwise an error. * **/ -int gnutls_crypto_digest_register2( int priority, int version, gnutls_crypto_digest_st* s) +int +gnutls_crypto_digest_register2 (int priority, int version, + gnutls_crypto_digest_st * s) { if (version != GNUTLS_CRYPTO_API_VERSION) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_UNIMPLEMENTED_FEATURE; } - if (crypto_digest_prio > priority) { - memcpy( &_gnutls_digest_ops, s, sizeof(*s)); - crypto_digest_prio = priority; - return 0; - } + if (crypto_digest_prio > priority) + { + memcpy (&_gnutls_digest_ops, s, sizeof (*s)); + crypto_digest_prio = priority; + return 0; + } return GNUTLS_E_CRYPTO_ALREADY_REGISTERED; } diff --git a/lib/debug.c b/lib/debug.c index e63e8b019e..f60c4776cc 100644 --- a/lib/debug.c +++ b/lib/debug.c @@ -125,6 +125,7 @@ _gnutls_dump_mpi (const char *prefix, bigint_t a) if (_gnutls_mpi_print (a, mpi_buf, &n) < 0) strcpy (buf, "[can't print value]"); /* Flawfinder: ignore */ - else _gnutls_bin2hex (mpi_buf, n, buf, sizeof(buf)); + else + _gnutls_bin2hex (mpi_buf, n, buf, sizeof (buf)); _gnutls_hard_log ("MPI: length: %d\n\t%s%s\n", n, prefix, buf); } diff --git a/lib/ext_cert_type.c b/lib/ext_cert_type.c index 0ddc19d233..a99414bd53 100644 --- a/lib/ext_cert_type.c +++ b/lib/ext_cert_type.c @@ -177,9 +177,9 @@ _gnutls_cert_type_send_params (gnutls_session_t session, opaque * data, for (i = 0; i < len; i++) { - data[i + 1] = _gnutls_cert_type2num (session->internals. - priorities.cert_type. - priority[i]); + data[i + 1] = + _gnutls_cert_type2num (session->internals.priorities. + cert_type.priority[i]); } return len + 1; } diff --git a/lib/ext_max_record.c b/lib/ext_max_record.c index 9179ae1d48..97e2bcaa40 100644 --- a/lib/ext_max_record.c +++ b/lib/ext_max_record.c 
@@ -120,8 +120,8 @@ _gnutls_max_record_send_params (gnutls_session_t session, opaque * data, } data[0] = - (uint8_t) _gnutls_mre_record2num (session->internals. - proposed_record_size); + (uint8_t) _gnutls_mre_record2num (session-> + internals.proposed_record_size); return len; } @@ -140,9 +140,9 @@ _gnutls_max_record_send_params (gnutls_session_t session, opaque * data, } data[0] = - (uint8_t) _gnutls_mre_record2num (session-> - security_parameters. - max_record_recv_size); + (uint8_t) + _gnutls_mre_record2num + (session->security_parameters.max_record_recv_size); return len; } diff --git a/lib/ext_oprfi.c b/lib/ext_oprfi.c index be30843c53..2003f75ab3 100644 --- a/lib/ext_oprfi.c +++ b/lib/ext_oprfi.c @@ -34,8 +34,7 @@ int oprfi_recv_server (gnutls_session_t session, - const opaque * data, - size_t _data_size) + const opaque * data, size_t _data_size) { ssize_t data_size = _data_size; uint16_t len; @@ -72,8 +71,7 @@ oprfi_recv_server (gnutls_session_t session, int oprfi_recv_client (gnutls_session_t session, - const opaque * data, - size_t _data_size) + const opaque * data, size_t _data_size) { ssize_t data_size = _data_size; uint16_t len; @@ -116,8 +114,7 @@ oprfi_recv_client (gnutls_session_t session, int _gnutls_oprfi_recv_params (gnutls_session_t session, - const opaque * data, - size_t data_size) + const opaque * data, size_t data_size) { if (session->security_parameters.entity == GNUTLS_CLIENT) return oprfi_recv_client (session, data, data_size); @@ -126,9 +123,7 @@ _gnutls_oprfi_recv_params (gnutls_session_t session, } int -oprfi_send_client (gnutls_session_t session, - opaque * data, - size_t _data_size) +oprfi_send_client (gnutls_session_t session, opaque * data, size_t _data_size) { opaque *p = data; ssize_t data_size = _data_size; 
@@ -149,9 +144,7 @@ oprfi_send_client (gnutls_session_t session, } int -oprfi_send_server (gnutls_session_t session, - opaque * data, - size_t _data_size) +oprfi_send_server (gnutls_session_t session, opaque * data, size_t _data_size) { opaque *p = data; int ret; @@ -187,12 +180,13 @@ oprfi_send_server (gnutls_session_t session, } DECR_LENGTH_RET (data_size, 2, GNUTLS_E_SHORT_MEMORY_BUFFER); - _gnutls_write_uint16 (session->security_parameters. - extensions.oprfi_server_len, p); + _gnutls_write_uint16 (session->security_parameters.extensions. + oprfi_server_len, p); p += 2; - DECR_LENGTH_RET (data_size, session->security_parameters. - extensions.oprfi_server_len, GNUTLS_E_SHORT_MEMORY_BUFFER); + DECR_LENGTH_RET (data_size, + session->security_parameters.extensions.oprfi_server_len, + GNUTLS_E_SHORT_MEMORY_BUFFER); memcpy (p, session->security_parameters.extensions.oprfi_server, session->security_parameters.extensions.oprfi_server_len); @@ -202,8 +196,7 @@ oprfi_send_server (gnutls_session_t session, int _gnutls_oprfi_send_params (gnutls_session_t session, - opaque * data, - size_t data_size) + opaque * data, size_t data_size) { if (session->security_parameters.entity == GNUTLS_CLIENT) return oprfi_send_client (session, data, data_size); @@ -226,8 +219,7 @@ _gnutls_oprfi_send_params (gnutls_session_t session, **/ void gnutls_oprfi_enable_client (gnutls_session_t session, - size_t len, - unsigned char *data) + size_t len, unsigned char *data) { session->security_parameters.extensions.oprfi_client_len = len; session->security_parameters.extensions.oprfi_client = data; @@ -255,8 +247,7 @@ gnutls_oprfi_enable_client (gnutls_session_t session, **/ void gnutls_oprfi_enable_server (gnutls_session_t session, - gnutls_oprfi_callback_func cb, - void *userdata) + gnutls_oprfi_callback_func cb, void *userdata) { session->security_parameters.extensions.oprfi_cb = cb; session->security_parameters.extensions.oprfi_userdata = userdata; 
diff --git a/lib/ext_server_name.c b/lib/ext_server_name.c index a2db94939f..df5103bbfb 100644 --- a/lib/ext_server_name.c +++ b/lib/ext_server_name.c @@ -117,12 +117,12 @@ _gnutls_server_name_recv_params (gnutls_session_t session, case 0: /* NAME_DNS */ if (len <= MAX_SERVER_NAME_SIZE) { - memcpy (session->security_parameters.extensions. - server_names[i].name, p, len); - session->security_parameters.extensions. - server_names[i].name_length = len; - session->security_parameters.extensions. - server_names[i].type = GNUTLS_NAME_DNS; + memcpy (session->security_parameters. + extensions.server_names[i].name, p, len); + session->security_parameters.extensions.server_names[i]. + name_length = len; + session->security_parameters.extensions.server_names[i]. + type = GNUTLS_NAME_DNS; break; } } @@ -163,8 +163,8 @@ _gnutls_server_name_send_params (gnutls_session_t session, /* count the total size */ len = - session->security_parameters.extensions.server_names[i]. - name_length; + session->security_parameters.extensions. + server_names[i].name_length; /* uint8_t + uint16_t + size */ @@ -183,14 +183,14 @@ _gnutls_server_name_send_params (gnutls_session_t session, i < session->security_parameters.extensions.server_names_size; i++) { - switch (session->security_parameters.extensions. - server_names[i].type) + switch (session->security_parameters.extensions.server_names[i]. + type) { case GNUTLS_NAME_DNS: len = - session->security_parameters.extensions. - server_names[i].name_length; + session->security_parameters.extensions.server_names[i]. + name_length; if (len == 0) break; @@ -208,8 +208,8 @@ _gnutls_server_name_send_params (gnutls_session_t session, p += 2; memcpy (p, - session->security_parameters.extensions. - server_names[i].name, len); + session->security_parameters.extensions.server_names[i]. + name, len); p += len; break; default: 
@@ -269,11 +269,11 @@ gnutls_server_name_get (gnutls_session_t session, void *data, session->security_parameters.extensions.server_names[indx].name_length) { *data_length = - session->security_parameters.extensions.server_names[indx]. - name_length; + session->security_parameters.extensions. + server_names[indx].name_length; memcpy (data, - session->security_parameters.extensions.server_names[indx]. - name, *data_length); + session->security_parameters.extensions.server_names[indx].name, + *data_length); if (*type == GNUTLS_NAME_DNS) /* null terminate */ _data[(*data_length)] = 0; @@ -282,8 +282,8 @@ gnutls_server_name_get (gnutls_session_t session, void *data, else { *data_length = - session->security_parameters.extensions.server_names[indx]. - name_length; + session->security_parameters.extensions. + server_names[indx].name_length; return GNUTLS_E_SHORT_MEMORY_BUFFER; } @@ -331,8 +331,8 @@ gnutls_server_name_set (gnutls_session_t session, session->security_parameters.extensions.server_names[server_names - 1].type = type; - memcpy (session->security_parameters.extensions. - server_names[server_names - 1].name, name, name_length); + memcpy (session->security_parameters. + extensions.server_names[server_names - 1].name, name, name_length); session->security_parameters.extensions.server_names[server_names - 1].name_length = name_length; diff --git a/lib/ext_srp.c b/lib/ext_srp.c index 2d77d48a4e..03872e6379 100644 --- a/lib/ext_srp.c +++ b/lib/ext_srp.c @@ -111,8 +111,8 @@ _gnutls_srp_send_params (gnutls_session_t session, opaque * data, if (cred->get_function (session, &username, &password) < 0 || username == NULL || password == NULL) { - gnutls_assert (); - return GNUTLS_E_ILLEGAL_SRP_USERNAME; + gnutls_assert (); + return GNUTLS_E_ILLEGAL_SRP_USERNAME; } len = MIN (strlen (username), 255); diff --git a/lib/gnutls_alert.c b/lib/gnutls_alert.c index b435727a45..b67a7270ef 100644 --- a/lib/gnutls_alert.c +++ b/lib/gnutls_alert.c 
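Review bot: In the `_gnutls_srp_send_params` hunk, `len = MIN (strlen (username), 255);` silently truncates a user name longer than 255 bytes, so the client would send a different identity than the one the callback supplied. Rejecting it is safer: `if (strlen (username) > 255) { gnutls_assert (); return GNUTLS_E_ILLEGAL_SRP_USERNAME; }`. The error path just above also returns without releasing `username` or `password` when only one of them is NULL; whether `get_function` hands back heap memory is not visible here, so check that against the callback contract. The function continues outside the hunk.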
@@ -62,7 +62,8 @@ static const gnutls_alert_entry sup_alerts[] = { {GNUTLS_A_UNSUPPORTED_EXTENSION, "An unsupported extension was sent"}, {GNUTLS_A_UNRECOGNIZED_NAME, "The server name sent was not recognized"}, - {GNUTLS_A_UNKNOWN_PSK_IDENTITY, "The SRP/PSK username is missing or not known"}, + {GNUTLS_A_UNKNOWN_PSK_IDENTITY, + "The SRP/PSK username is missing or not known"}, {GNUTLS_A_INNER_APPLICATION_FAILURE, "Inner application negotiation failed"}, {GNUTLS_A_INNER_APPLICATION_VERIFICATION, diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c index da34f5e180..835cc2242e 100644 --- a/lib/gnutls_algorithms.c +++ b/lib/gnutls_algorithms.c 
@@ -176,12 +176,18 @@ static const gnutls_cipher_entry algorithms[] = { {"IDEA-PGP-CFB", GNUTLS_CIPHER_IDEA_PGP_CFB, 8, 16, CIPHER_BLOCK, 8, 0}, {"3DES-PGP-CFB", GNUTLS_CIPHER_3DES_PGP_CFB, 8, 24, CIPHER_BLOCK, 8, 0}, {"CAST5-PGP-CFB", GNUTLS_CIPHER_CAST5_PGP_CFB, 8, 16, CIPHER_BLOCK, 8, 0}, - {"BLOWFISH-PGP-CFB", GNUTLS_CIPHER_BLOWFISH_PGP_CFB, 8, 16/*actually unlimited*/, CIPHER_BLOCK, 8, 0}, - {"SAFER-SK128-PGP-CFB", GNUTLS_CIPHER_SAFER_SK128_PGP_CFB, 8, 16, CIPHER_BLOCK, 8, 0}, - {"AES-128-PGP-CFB", GNUTLS_CIPHER_AES128_PGP_CFB, 16, 16, CIPHER_BLOCK, 16, 0}, - {"AES-192-PGP-CFB", GNUTLS_CIPHER_AES192_PGP_CFB, 16, 24, CIPHER_BLOCK, 16, 0}, - {"AES-256-PGP-CFB", GNUTLS_CIPHER_AES256_PGP_CFB, 16, 32, CIPHER_BLOCK, 16, 0}, - {"TWOFISH-PGP-CFB", GNUTLS_CIPHER_TWOFISH_PGP_CFB, 16, 16, CIPHER_BLOCK, 16, 0}, + {"BLOWFISH-PGP-CFB", GNUTLS_CIPHER_BLOWFISH_PGP_CFB, 8, + 16 /*actually unlimited */ , CIPHER_BLOCK, 8, 0}, + {"SAFER-SK128-PGP-CFB", GNUTLS_CIPHER_SAFER_SK128_PGP_CFB, 8, 16, + CIPHER_BLOCK, 8, 0}, + {"AES-128-PGP-CFB", GNUTLS_CIPHER_AES128_PGP_CFB, 16, 16, CIPHER_BLOCK, 16, + 0}, + {"AES-192-PGP-CFB", GNUTLS_CIPHER_AES192_PGP_CFB, 16, 24, CIPHER_BLOCK, 16, + 0}, + {"AES-256-PGP-CFB", GNUTLS_CIPHER_AES256_PGP_CFB, 16, 32, CIPHER_BLOCK, 16, + 0}, + {"TWOFISH-PGP-CFB", GNUTLS_CIPHER_TWOFISH_PGP_CFB, 16, 16, CIPHER_BLOCK, 16, + 0}, #endif {"NULL", GNUTLS_CIPHER_NULL, 1, 0, CIPHER_STREAM, 0, 0}, {0, 0, 0, 0, 0, 0, 0} @@ -217,7 +223,7 @@ struct gnutls_hash_entry const char *name; const char *oid; gnutls_mac_algorithm_t id; - size_t key_size; /* in case of mac */ + size_t key_size; /* in case of mac */ }; typedef struct gnutls_hash_entry gnutls_hash_entry; 
@@ -227,7 +233,7 @@ static const gnutls_hash_entry hash_algorithms[] = { {"SHA256", HASH_OID_SHA256, GNUTLS_MAC_SHA256, 32}, {"SHA384", HASH_OID_SHA384, GNUTLS_MAC_SHA384, 48}, {"SHA512", HASH_OID_SHA512, GNUTLS_MAC_SHA512, 64}, - {"MD2", HASH_OID_MD2, GNUTLS_MAC_MD2, 0}, /* not used as MAC */ + {"MD2", HASH_OID_MD2, GNUTLS_MAC_MD2, 0}, /* not used as MAC */ {"RIPEMD160", HASH_OID_RMD160, GNUTLS_MAC_RMD160, 20}, {"NULL", NULL, GNUTLS_MAC_NULL, 0}, {0, 0, 0, 0} @@ -709,11 +715,11 @@ gnutls_mac_get_name (gnutls_mac_algorithm_t algorithm) * MAC algorithm, or %GNUTLS_MAC_UNKNOWN on failures. **/ gnutls_mac_algorithm_t -gnutls_mac_get_id (const char* name) +gnutls_mac_get_id (const char *name) { gnutls_mac_algorithm_t ret = GNUTLS_MAC_UNKNOWN; - GNUTLS_HASH_LOOP( if (strcasecmp( p->name, name)==0) ret = p->id); + GNUTLS_HASH_LOOP (if (strcasecmp (p->name, name) == 0) ret = p->id); return ret; } @@ -800,11 +806,9 @@ _gnutls_compression_priority (gnutls_session_t session, gnutls_compression_method_t algorithm) { /* actually returns the priority */ unsigned int i; - for (i = 0; - i < session->internals.priorities.compression.algorithms; i++) + for (i = 0; i < session->internals.priorities.compression.algorithms; i++) { - if (session->internals.priorities. - compression.priority[i] == algorithm) + if (session->internals.priorities.compression.priority[i] == algorithm) return i; } return -1; @@ -840,11 +844,14 @@ gnutls_compression_get_name (gnutls_compression_method_t algorithm) * %GNUTLS_COMP_UNKNOWN on error. **/ gnutls_compression_method_t -gnutls_compression_get_id (const char* name) +gnutls_compression_get_id (const char *name) { gnutls_compression_method_t ret = GNUTLS_COMP_UNKNOWN; - GNUTLS_COMPRESSION_LOOP( if (strcasecmp( p->name+sizeof("GNUTLS_COMP_")-1, name)==0) ret = p->id); + GNUTLS_COMPRESSION_LOOP (if + (strcasecmp + (p->name + sizeof ("GNUTLS_COMP_") - 1, + name) == 0) ret = p->id); return ret; } 
@@ -948,11 +955,9 @@ _gnutls_cipher_priority (gnutls_session_t session, gnutls_cipher_algorithm_t algorithm) { unsigned int i; - for (i = 0; - i < session->internals.priorities.cipher.algorithms; i++) + for (i = 0; i < session->internals.priorities.cipher.algorithms; i++) { - if (session->internals.priorities. - cipher.priority[i] == algorithm) + if (session->internals.priorities.cipher.priority[i] == algorithm) return i; } return -1; @@ -1035,11 +1040,11 @@ gnutls_cipher_get_name (gnutls_cipher_algorithm_t algorithm) * the specified cipher, or %GNUTLS_CIPHER_UNKNOWN on error. **/ gnutls_cipher_algorithm_t -gnutls_cipher_get_id (const char* name) +gnutls_cipher_get_id (const char *name) { gnutls_cipher_algorithm_t ret = GNUTLS_CIPHER_UNKNOWN; - GNUTLS_LOOP( if (strcasecmp( p->name, name)==0) ret = p->id); + GNUTLS_LOOP (if (strcasecmp (p->name, name) == 0) ret = p->id); return ret; } @@ -1129,11 +1134,11 @@ gnutls_kx_get_name (gnutls_kx_algorithm_t algorithm) * on error. **/ gnutls_kx_algorithm_t -gnutls_kx_get_id (const char* name) +gnutls_kx_get_id (const char *name) { gnutls_cipher_algorithm_t ret = GNUTLS_KX_UNKNOWN; - GNUTLS_KX_LOOP( if (strcasecmp( p->name, name)==0) ret = p->algorithm); + GNUTLS_KX_LOOP (if (strcasecmp (p->name, name) == 0) ret = p->algorithm); return ret; } @@ -1275,11 +1280,11 @@ gnutls_protocol_get_name (gnutls_protocol_t version) * %GNUTLS_VERSION_UNKNOWN on error. **/ gnutls_protocol_t -gnutls_protocol_get_id (const char* name) +gnutls_protocol_get_id (const char *name) { gnutls_protocol_t ret = GNUTLS_VERSION_UNKNOWN; - GNUTLS_VERSION_LOOP( if (strcasecmp( p->name, name)==0) ret = p->id); + GNUTLS_VERSION_LOOP (if (strcasecmp (p->name, name) == 0) ret = p->id); return ret; } 
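Review bot: `gnutls_kx_get_id` declares its result as `gnutls_cipher_algorithm_t ret = GNUTLS_KX_UNKNOWN;` although the function returns `gnutls_kx_algorithm_t` and assigns `p->algorithm` to it. This works only because the enum values convert implicitly; the declaration should read `gnutls_kx_algorithm_t ret = GNUTLS_KX_UNKNOWN;`. The sibling `*_get_id` lookups in this file (mac, cipher, protocol) all declare `ret` with the type they return.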
@@ -1814,8 +1819,9 @@ _gnutls_supported_compression_methods (gnutls_session_t session, for (i = j = 0; i < SUPPORTED_COMPRESSION_METHODS; i++) { - int tmp = _gnutls_compression_get_num (session->internals.priorities. - compression.priority[i]); + int tmp = + _gnutls_compression_get_num (session->internals. + priorities.compression.priority[i]); /* remove private compression algorithms, if requested. */ @@ -1872,15 +1878,15 @@ gnutls_certificate_type_get_name (gnutls_certificate_type_t type) * %GNUTLS_CRT_UNKNOWN on error. **/ gnutls_certificate_type_t -gnutls_certificate_type_get_id (const char* name) +gnutls_certificate_type_get_id (const char *name) { gnutls_certificate_type_t ret = GNUTLS_CRT_UNKNOWN; - if (strcasecmp( name, "X.509")==0 || strcasecmp( name, "X509")==0) + if (strcasecmp (name, "X.509") == 0 || strcasecmp (name, "X509") == 0) return GNUTLS_CRT_X509; - if (strcasecmp( name, "OPENPGP")==0) + if (strcasecmp (name, "OPENPGP") == 0) return GNUTLS_CRT_OPENPGP; - + return ret; } @@ -2116,4 +2122,3 @@ _gnutls_x509_pk_to_oid (gnutls_pk_algorithm_t algorithm) return ret; } - diff --git a/lib/gnutls_anon_cred.c b/lib/gnutls_anon_cred.c index 7adc730243..f778d6ca04 100644 --- a/lib/gnutls_anon_cred.c +++ b/lib/gnutls_anon_cred.c @@ -59,7 +59,8 @@ gnutls_anon_free_server_credentials (gnutls_anon_server_credentials_t sc) * Returns: %GNUTLS_E_SUCCESS on success, or an error code. **/ int -gnutls_anon_allocate_server_credentials (gnutls_anon_server_credentials_t *sc) +gnutls_anon_allocate_server_credentials (gnutls_anon_server_credentials_t * + sc) { *sc = gnutls_calloc (1, sizeof (anon_server_credentials_st)); 
@@ -90,7 +91,8 @@ gnutls_anon_free_client_credentials (gnutls_anon_client_credentials_t sc) * Returns: %GNUTLS_E_SUCCESS on success, or an error code. **/ int -gnutls_anon_allocate_client_credentials (gnutls_anon_client_credentials_t *sc) +gnutls_anon_allocate_client_credentials (gnutls_anon_client_credentials_t * + sc) { /* anon_dummy is only there for *sc not to be null. * it is not used at all; diff --git a/lib/gnutls_auth.c b/lib/gnutls_auth.c index dc20149566..5b593217db 100644 --- a/lib/gnutls_auth.c +++ b/lib/gnutls_auth.c @@ -174,8 +174,9 @@ gnutls_auth_get_type (gnutls_session_t session) return _gnutls_map_kx_get_cred (_gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite), server); + (&session-> + security_parameters.current_cipher_suite), + server); } /** @@ -194,8 +195,8 @@ gnutls_auth_server_get_type (gnutls_session_t session) { return _gnutls_map_kx_get_cred (_gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite), 1); + (&session-> + security_parameters.current_cipher_suite), 1); } /** @@ -214,8 +215,8 @@ gnutls_auth_client_get_type (gnutls_session_t session) { return _gnutls_map_kx_get_cred (_gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite), 0); + (&session-> + security_parameters.current_cipher_suite), 0); } @@ -402,11 +403,10 @@ _gnutls_auth_info_set (gnutls_session_t session, */ if (gnutls_auth_get_type (session) != session->key->auth_info_type) { - + _gnutls_free_auth_info (session); - - session->key->auth_info = - calloc( 1, size); + + session->key->auth_info = calloc (1, size); if (session->key->auth_info == NULL) { gnutls_assert (); diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c index 8d9be9cf2d..f0b8e61e4c 100644 --- a/lib/gnutls_buffers.c +++ b/lib/gnutls_buffers.c 
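Review bot: `_gnutls_auth_info_set` allocates `session->key->auth_info` with the C library's `calloc (1, size)`, while the credential allocators reformatted in this same commit go through `gnutls_calloc`. If `_gnutls_free_auth_info` releases the buffer with `gnutls_free` (its body is not in this hunk), an application that installs its own memory functions would free the block with a different allocator than the one that created it. Suggest `session->key->auth_info = gnutls_calloc (1, size);`. The function starts and ends outside the hunk.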
@@ -310,12 +310,12 @@ _gnutls_read (gnutls_session_t session, void *iptr, if (session->internals._gnutls_pull_func == NULL) { - i = recv (GNUTLS_POINTER_TO_INT(fd), &ptr[sizeOfPtr - left], + i = recv (GNUTLS_POINTER_TO_INT (fd), &ptr[sizeOfPtr - left], left, flags); #if HAVE_WINSOCK if (i < 0) { - int tmperr = WSAGetLastError(); + int tmperr = WSAGetLastError (); switch (tmperr) { case WSAEWOULDBLOCK: @@ -330,7 +330,7 @@ _gnutls_read (gnutls_session_t session, void *iptr, session->internals.errnum = EIO; break; } - WSASetLastError(tmperr); + WSASetLastError (tmperr); } #endif } @@ -777,11 +777,11 @@ _gnutls_io_write_buffered (gnutls_session_t session, if (session->internals._gnutls_push_func == NULL) { - i = send (GNUTLS_POINTER_TO_INT(fd), &ptr[n - left], left, 0); + i = send (GNUTLS_POINTER_TO_INT (fd), &ptr[n - left], left, 0); #if HAVE_WINSOCK if (i < 0) { - int tmperr = WSAGetLastError(); + int tmperr = WSAGetLastError (); switch (tmperr) { case WSAEWOULDBLOCK: @@ -796,7 +796,7 @@ _gnutls_io_write_buffered (gnutls_session_t session, session->internals.errnum = EIO; break; } - WSASetLastError(tmperr); + WSASetLastError (tmperr); } #endif } @@ -813,8 +813,7 @@ _gnutls_io_write_buffered (gnutls_session_t session, session->internals.record_send_buffer_prev_size += n - left; retval = - _gnutls_buffer_insert (&session->internals. - record_send_buffer, + _gnutls_buffer_insert (&session->internals.record_send_buffer, &ptr[n - left], left); if (retval < 0) { @@ -1027,8 +1026,8 @@ _gnutls_handshake_io_send_int (gnutls_session_t session, gnutls_assert (); retval = - _gnutls_buffer_insert (&session->internals. - handshake_send_buffer, + _gnutls_buffer_insert (&session-> + internals.handshake_send_buffer, &ptr[n - left], left); if (retval < 0) { 
@@ -1100,8 +1099,7 @@ _gnutls_handshake_io_recv_int (gnutls_session_t session, session->internals.handshake_recv_buffer.length -= sizeOfPtr; memmove (session->internals.handshake_recv_buffer.data, - &session->internals.handshake_recv_buffer. - data[sizeOfPtr], + &session->internals.handshake_recv_buffer.data[sizeOfPtr], session->internals.handshake_recv_buffer.length); return sizeOfPtr; @@ -1130,8 +1128,8 @@ _gnutls_handshake_io_recv_int (gnutls_session_t session, gnutls_assert (); session->internals.handshake_recv_buffer.data = - gnutls_realloc_fast (session->internals. - handshake_recv_buffer.data, dsize); + gnutls_realloc_fast (session->internals.handshake_recv_buffer. + data, dsize); if (session->internals.handshake_recv_buffer.data == NULL) { gnutls_assert (); diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c index 2d5ad18ae5..751d9354c7 100644 --- a/lib/gnutls_cert.c +++ b/lib/gnutls_cert.c @@ -125,8 +125,9 @@ gnutls_certificate_free_cas (gnutls_certificate_credentials_t sc) * Since: 2.4.0 **/ void -gnutls_certificate_get_x509_cas (gnutls_certificate_credentials_t sc, - gnutls_x509_crt_t **x509_ca_list, unsigned int* ncas) +gnutls_certificate_get_x509_cas (gnutls_certificate_credentials_t sc, + gnutls_x509_crt_t ** x509_ca_list, + unsigned int *ncas) { *x509_ca_list = sc->x509_ca_list; *ncas = sc->x509_ncas; @@ -144,8 +145,9 @@ gnutls_certificate_get_x509_cas (gnutls_certificate_credentials_t sc, * Since: 2.4.0 **/ void -gnutls_certificate_get_x509_crls (gnutls_certificate_credentials_t sc, - gnutls_x509_crl_t **x509_crl_list, unsigned int* ncrls) +gnutls_certificate_get_x509_crls (gnutls_certificate_credentials_t sc, + gnutls_x509_crl_t ** x509_crl_list, + unsigned int *ncrls) { *x509_crl_list = sc->x509_crl_list; *ncrls = sc->x509_ncrls; 
@@ -164,8 +166,8 @@ gnutls_certificate_get_x509_crls (gnutls_certificate_credentials_t sc, * Since: 2.4.0 **/ void -gnutls_certificate_get_openpgp_keyring (gnutls_certificate_credentials_t sc, - gnutls_openpgp_keyring_t *keyring) +gnutls_certificate_get_openpgp_keyring (gnutls_certificate_credentials_t sc, + gnutls_openpgp_keyring_t * keyring) { *keyring = sc->keyring; } @@ -252,7 +254,7 @@ gnutls_certificate_free_credentials (gnutls_certificate_credentials_t sc) #endif #ifdef ENABLE_OPENPGP - gnutls_openpgp_keyring_deinit( sc->keyring); + gnutls_openpgp_keyring_deinit (sc->keyring); #endif gnutls_free (sc); @@ -504,7 +506,7 @@ _gnutls_x509_get_raw_crt_expiration_time (const gnutls_datum_t * cert) -*/ int _gnutls_openpgp_crt_verify_peers (gnutls_session_t session, - unsigned int *status) + unsigned int *status) { cert_auth_info_t info; gnutls_certificate_credentials_t cred; @@ -545,7 +547,7 @@ _gnutls_openpgp_crt_verify_peers (gnutls_session_t session, */ ret = _gnutls_openpgp_verify_key (cred, &info->raw_certificate_list[0], - peer_certificate_list_size, status); + peer_certificate_list_size, status); if (ret < 0) { @@ -677,14 +679,14 @@ gnutls_certificate_expiration_time_peers (gnutls_session_t session) switch (gnutls_certificate_type_get (session)) { case GNUTLS_CRT_X509: - return _gnutls_x509_get_raw_crt_expiration_time (&info-> - raw_certificate_list - [0]); + return + _gnutls_x509_get_raw_crt_expiration_time (&info->raw_certificate_list + [0]); #ifdef ENABLE_OPENPGP case GNUTLS_CRT_OPENPGP: - return _gnutls_openpgp_get_raw_key_expiration_time (&info-> - raw_certificate_list - [0]); + return + _gnutls_openpgp_get_raw_key_expiration_time + (&info->raw_certificate_list[0]); #endif default: return (time_t) - 1; 
@@ -722,14 +724,14 @@ gnutls_certificate_activation_time_peers (gnutls_session_t session) switch (gnutls_certificate_type_get (session)) { case GNUTLS_CRT_X509: - return _gnutls_x509_get_raw_crt_activation_time (&info-> - raw_certificate_list - [0]); + return + _gnutls_x509_get_raw_crt_activation_time (&info->raw_certificate_list + [0]); #ifdef ENABLE_OPENPGP case GNUTLS_CRT_OPENPGP: - return _gnutls_openpgp_get_raw_key_creation_time (&info-> - raw_certificate_list - [0]); + return + _gnutls_openpgp_get_raw_key_creation_time (&info->raw_certificate_list + [0]); #endif default: return (time_t) - 1; @@ -741,17 +743,22 @@ gnutls_certificate_activation_time_peers (gnutls_session_t session) */ int _gnutls_get_auth_info_gcert (gnutls_cert * gcert, - gnutls_certificate_type_t type, - cert_auth_info_t info, - int flags /* OR of ConvFlags */ ) + gnutls_certificate_type_t type, + cert_auth_info_t info, + int flags /* OR of ConvFlags */ ) { switch (type) { case GNUTLS_CRT_X509: - return _gnutls_x509_raw_cert_to_gcert (gcert, &info->raw_certificate_list[0], flags); + return _gnutls_x509_raw_cert_to_gcert (gcert, + &info->raw_certificate_list[0], + flags); #ifdef ENABLE_OPENPGP case GNUTLS_CRT_OPENPGP: - return _gnutls_openpgp_raw_crt_to_gcert (gcert, &info->raw_certificate_list[0], info->use_subkey?info->subkey_id:NULL); + return _gnutls_openpgp_raw_crt_to_gcert (gcert, + &info->raw_certificate_list[0], + info->use_subkey ? info-> + subkey_id : NULL); #endif default: gnutls_assert (); @@ -921,8 +928,7 @@ _gnutls_gcert_deinit (gnutls_cert * cert) **/ void gnutls_sign_callback_set (gnutls_session_t session, - gnutls_sign_func sign_func, - void *userdata) + gnutls_sign_func sign_func, void *userdata) { session->internals.sign_func = sign_func; session->internals.sign_func_userdata = userdata; 
@@ -939,8 +945,7 @@ gnutls_sign_callback_set (gnutls_session_t session, * if not set, %NULL. **/ gnutls_sign_func -gnutls_sign_callback_get (gnutls_session_t session, - void **userdata) +gnutls_sign_callback_get (gnutls_session_t session, void **userdata) { if (userdata) *userdata = session->internals.sign_func_userdata; diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c index 8daf3c1089..9013eda84d 100644 --- a/lib/gnutls_cipher.c +++ b/lib/gnutls_cipher.c @@ -177,12 +177,12 @@ _gnutls_decrypt (gnutls_session_t session, opaque * ciphertext, } /* This check is not really needed */ - if (max_data_size < MAX_RECORD_RECV_SIZE) - { - gnutls_assert(); - _gnutls_free_datum (>xt); - return GNUTLS_E_INTERNAL_ERROR; - } + if (max_data_size < MAX_RECORD_RECV_SIZE) + { + gnutls_assert (); + _gnutls_free_datum (>xt); + return GNUTLS_E_INTERNAL_ERROR; + } memcpy (data, gtxt.data, gtxt.size); ret = gtxt.size; @@ -194,14 +194,14 @@ _gnutls_decrypt (gnutls_session_t session, opaque * ciphertext, } inline static int -mac_init (digest_hd_st* td, gnutls_mac_algorithm_t mac, opaque * secret, int secret_size, - int ver) +mac_init (digest_hd_st * td, gnutls_mac_algorithm_t mac, opaque * secret, + int secret_size, int ver) { -int ret = 0; + int ret = 0; if (mac == GNUTLS_MAC_NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_HASH_FAILED; } @@ -218,7 +218,7 @@ int ret = 0; } inline static void -mac_deinit (digest_hd_st *td, opaque * res, int ver) +mac_deinit (digest_hd_st * td, opaque * res, int ver) { if (ver == GNUTLS_SSL3) { /* SSL 3.0 */ @@ -247,8 +247,8 @@ calc_enc_length (gnutls_session_t session, int data_size, break; case CIPHER_BLOCK: - ret =_gnutls_rnd (RND_NONCE, &rnd, 1); - if ( ret < 0) + ret = _gnutls_rnd (RND_NONCE, &rnd, 1); + if (ret < 0) { gnutls_assert (); return ret; 
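Review bot: The guard in front of `memcpy (data, gtxt.data, gtxt.size)` in `_gnutls_decrypt` compares `max_data_size` with the constant `MAX_RECORD_RECV_SIZE` rather than with the number of bytes actually copied, and its comment calls the check "not really needed". As far as the hunk shows, it is the only test between the decompressed record and the caller's buffer, so it is sufficient only while `gtxt.size` can never exceed `MAX_RECORD_RECV_SIZE`. Testing the real length, `if (gtxt.size > max_data_size)`, states the invariant directly and stays correct if the decompression limit changes; the comment would then read `/* never copy more than the caller's buffer holds */`. The function body starts outside the hunk.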
@@ -306,15 +306,15 @@ _gnutls_compressed2ciphertext (gnutls_session_t session, uint8_t type = _type; uint8_t major, minor; int hash_size = - _gnutls_hash_get_algo_len (session->security_parameters. - write_mac_algorithm); + _gnutls_hash_get_algo_len (session-> + security_parameters.write_mac_algorithm); gnutls_protocol_t ver; int blocksize = - _gnutls_cipher_get_block_size (session->security_parameters. - write_bulk_cipher_algorithm); + _gnutls_cipher_get_block_size (session-> + security_parameters.write_bulk_cipher_algorithm); cipher_type_t block_algo = - _gnutls_cipher_is_block (session->security_parameters. - write_bulk_cipher_algorithm); + _gnutls_cipher_is_block (session-> + security_parameters.write_bulk_cipher_algorithm); opaque *data_ptr; @@ -325,10 +325,11 @@ _gnutls_compressed2ciphertext (gnutls_session_t session, /* Initialize MAC */ ret = mac_init (&td, session->security_parameters.write_mac_algorithm, - session->connection_state.write_mac_secret.data, - session->connection_state.write_mac_secret.size, ver); + session->connection_state.write_mac_secret.data, + session->connection_state.write_mac_secret.size, ver); - if (ret < 0 && session->security_parameters.write_mac_algorithm != GNUTLS_MAC_NULL) + if (ret < 0 + && session->security_parameters.write_mac_algorithm != GNUTLS_MAC_NULL) { gnutls_assert (); return ret; @@ -339,8 +340,8 @@ _gnutls_compressed2ciphertext (gnutls_session_t session, if (session->security_parameters.write_mac_algorithm != GNUTLS_MAC_NULL) { /* actually when the algorithm in not the NULL one */ _gnutls_hmac (&td, - UINT64DATA (session->connection_state. - write_sequence_number), 8); + UINT64DATA (session-> + connection_state.write_sequence_number), 8); _gnutls_hmac (&td, &type, 1); if (ver >= GNUTLS_TLS1) 
@@ -405,8 +406,9 @@ _gnutls_compressed2ciphertext (gnutls_session_t session, /* Actual encryption (inplace). */ - ret = _gnutls_cipher_encrypt (&session->connection_state. - write_cipher_state, cipher_data, length); + ret = + _gnutls_cipher_encrypt (&session->connection_state.write_cipher_state, + cipher_data, length); if (ret < 0) { gnutls_assert (); @@ -435,21 +437,22 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, uint8_t major, minor; gnutls_protocol_t ver; int hash_size = - _gnutls_hash_get_algo_len (session->security_parameters. - read_mac_algorithm); + _gnutls_hash_get_algo_len (session-> + security_parameters.read_mac_algorithm); ver = gnutls_protocol_get_version (session); minor = _gnutls_version_get_minor (ver); major = _gnutls_version_get_major (ver); - blocksize = _gnutls_cipher_get_block_size (session->security_parameters. - read_bulk_cipher_algorithm); + blocksize = + _gnutls_cipher_get_block_size (session-> + security_parameters.read_bulk_cipher_algorithm); /* initialize MAC */ ret = mac_init (&td, session->security_parameters.read_mac_algorithm, - session->connection_state.read_mac_secret.data, - session->connection_state.read_mac_secret.size, ver); + session->connection_state.read_mac_secret.data, + session->connection_state.read_mac_secret.size, ver); if (ret < 0 && session->security_parameters.read_mac_algorithm != GNUTLS_MAC_NULL) @@ -464,10 +467,10 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, (session->security_parameters.read_bulk_cipher_algorithm)) { case CIPHER_STREAM: - if ((ret = _gnutls_cipher_decrypt (&session->connection_state. - read_cipher_state, - ciphertext.data, - ciphertext.size)) < 0) + if ((ret = + _gnutls_cipher_decrypt (&session-> + connection_state.read_cipher_state, + ciphertext.data, ciphertext.size)) < 0) { gnutls_assert (); return ret; 
@@ -483,10 +486,10 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, return GNUTLS_E_DECRYPTION_FAILED; } - if ((ret = _gnutls_cipher_decrypt (&session->connection_state. - read_cipher_state, - ciphertext.data, - ciphertext.size)) < 0) + if ((ret = + _gnutls_cipher_decrypt (&session-> + connection_state.read_cipher_state, + ciphertext.data, ciphertext.size)) < 0) { gnutls_assert (); return ret; @@ -508,7 +511,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, pad = ciphertext.data[ciphertext.size - 1] + 1; /* pad */ - if ((int)pad > (int)ciphertext.size - hash_size) + if ((int) pad > (int) ciphertext.size - hash_size) { gnutls_assert (); _gnutls_record_log @@ -547,8 +550,8 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, if (session->security_parameters.read_mac_algorithm != GNUTLS_MAC_NULL) { _gnutls_hmac (&td, - UINT64DATA (session->connection_state. - read_sequence_number), 8); + UINT64DATA (session-> + connection_state.read_sequence_number), 8); _gnutls_hmac (&td, &type, 1); if (ver >= GNUTLS_TLS1) diff --git a/lib/gnutls_cipher_int.c b/lib/gnutls_cipher_int.c index 5ed60fa5b2..badb074c2b 100644 --- a/lib/gnutls_cipher_int.c +++ b/lib/gnutls_cipher_int.c 
@@ -36,96 +36,112 @@ } int -_gnutls_cipher_init (cipher_hd_st* handle, gnutls_cipher_algorithm_t cipher, +_gnutls_cipher_init (cipher_hd_st * handle, gnutls_cipher_algorithm_t cipher, const gnutls_datum_t * key, const gnutls_datum_t * iv) { int ret = GNUTLS_E_INTERNAL_ERROR; - gnutls_crypto_single_cipher_st * cc = NULL; + gnutls_crypto_single_cipher_st *cc = NULL; /* check if a cipher has been registered */ - cc = _gnutls_get_crypto_cipher( cipher); - if (cc != NULL) { - handle->registered = 1; - handle->hd.rh.cc = cc; - SR(cc->init(&handle->hd.rh.ctx), cc_cleanup); - SR(cc->setkey( handle->hd.rh.ctx, key->data, key->size), cc_cleanup); - if (iv->data && iv->size && cc->setiv) - SR(cc->setiv( handle->hd.rh.ctx, iv->data, iv->size), cc_cleanup); - return 0; - } + cc = _gnutls_get_crypto_cipher (cipher); + if (cc != NULL) + { + handle->registered = 1; + handle->hd.rh.cc = cc; + SR (cc->init (&handle->hd.rh.ctx), cc_cleanup); + SR (cc->setkey (handle->hd.rh.ctx, key->data, key->size), cc_cleanup); + if (iv->data && iv->size && cc->setiv) + SR (cc->setiv (handle->hd.rh.ctx, iv->data, iv->size), cc_cleanup); + return 0; + } handle->registered = 0; - + /* otherwise use generic cipher interface */ - ret = _gnutls_cipher_ops.init( cipher, &handle->hd.gc); - if (ret < 0) { - gnutls_assert(); - return ret; - } + ret = _gnutls_cipher_ops.init (cipher, &handle->hd.gc); + if (ret < 0) + { + gnutls_assert (); + return ret; + } ret = _gnutls_cipher_ops.setkey (handle->hd.gc, key->data, key->size); - if (ret < 0) { - _gnutls_cipher_ops.deinit( handle->hd.gc); - gnutls_assert(); - return ret; - } + if (ret < 0) + { + _gnutls_cipher_ops.deinit (handle->hd.gc); + gnutls_assert (); + return ret; + } if (iv->data != NULL && iv->size > 0) _gnutls_cipher_ops.setiv (handle->hd.gc, iv->data, iv->size); - + return 0; cc_cleanup: if (handle->hd.rh.cc) - cc->deinit(handle->hd.rh.ctx); - + cc->deinit (handle->hd.rh.ctx); + return ret; } int -_gnutls_cipher_encrypt (const cipher_hd_st* handle, 
void *text, int textlen) +_gnutls_cipher_encrypt (const cipher_hd_st * handle, void *text, int textlen) { if (handle != NULL) { - if (handle->registered) { - if (handle->hd.rh.ctx == NULL) return 0; - return handle->hd.rh.cc->encrypt( handle->hd.rh.ctx, text, textlen, text, textlen); - } - - if (handle->hd.gc == NULL) return 0; - return _gnutls_cipher_ops.encrypt( handle->hd.gc, text, textlen, text, textlen); + if (handle->registered) + { + if (handle->hd.rh.ctx == NULL) + return 0; + return handle->hd.rh.cc->encrypt (handle->hd.rh.ctx, text, textlen, + text, textlen); + } + + if (handle->hd.gc == NULL) + return 0; + return _gnutls_cipher_ops.encrypt (handle->hd.gc, text, textlen, text, + textlen); } return 0; } int -_gnutls_cipher_decrypt (const cipher_hd_st *handle, void *ciphertext, +_gnutls_cipher_decrypt (const cipher_hd_st * handle, void *ciphertext, int ciphertextlen) { if (handle != NULL) { - if (handle->registered) { - if (handle->hd.rh.ctx == NULL) return 0; - return handle->hd.rh.cc->decrypt( handle->hd.rh.ctx, ciphertext, ciphertextlen, ciphertext, ciphertextlen); - } + if (handle->registered) + { + if (handle->hd.rh.ctx == NULL) + return 0; + return handle->hd.rh.cc->decrypt (handle->hd.rh.ctx, ciphertext, + ciphertextlen, ciphertext, + ciphertextlen); + } - if (handle->hd.gc == NULL) return 0; - return _gnutls_cipher_ops.decrypt (handle->hd.gc, ciphertext, ciphertextlen, ciphertext, ciphertextlen); + if (handle->hd.gc == NULL) + return 0; + return _gnutls_cipher_ops.decrypt (handle->hd.gc, ciphertext, + ciphertextlen, ciphertext, + ciphertextlen); } return 0; } void -_gnutls_cipher_deinit (cipher_hd_st* handle) +_gnutls_cipher_deinit (cipher_hd_st * handle) { if (handle != NULL) { - if (handle->registered && handle->hd.rh.ctx != NULL) { - return handle->hd.rh.cc->deinit( handle->hd.rh.ctx); - } + if (handle->registered && handle->hd.rh.ctx != NULL) + { + return handle->hd.rh.cc->deinit (handle->hd.rh.ctx); + } _gnutls_cipher_ops.deinit 
(handle->hd.gc); } } diff --git a/lib/gnutls_compress.c b/lib/gnutls_compress.c index 843afd7f85..d8958c4d89 100644 --- a/lib/gnutls_compress.c +++ b/lib/gnutls_compress.c @@ -36,7 +36,7 @@ int _gnutls_m_plaintext2compressed (gnutls_session_t session, gnutls_datum_t * compressed, - const gnutls_datum_t* plaintext) + const gnutls_datum_t * plaintext) { int size; opaque *data; @@ -59,15 +59,15 @@ _gnutls_m_plaintext2compressed (gnutls_session_t session, int _gnutls_m_compressed2plaintext (gnutls_session_t session, gnutls_datum_t * plain, - const gnutls_datum_t* compressed) + const gnutls_datum_t * compressed) { int size; opaque *data; size = - _gnutls_decompress (session->connection_state. - read_compression_state, compressed->data, - compressed->size, &data, MAX_RECORD_RECV_SIZE); + _gnutls_decompress (session->connection_state.read_compression_state, + compressed->data, compressed->size, &data, + MAX_RECORD_RECV_SIZE); if (size < 0) { gnutls_assert (); diff --git a/lib/gnutls_constate.c b/lib/gnutls_constate.c index b929483ae2..e5d894c3a0 100644 --- a/lib/gnutls_constate.c +++ b/lib/gnutls_constate.c @@ -99,12 +99,9 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, if (session->security_parameters.version == GNUTLS_SSL3) { /* SSL 3 */ ret = - _gnutls_ssl3_generate_random (session-> - security_parameters. - master_secret, - TLS_MASTER_SIZE, rnd, - 2 * TLS_RANDOM_SIZE, - block_size, key_block); + _gnutls_ssl3_generate_random + (session->security_parameters.master_secret, TLS_MASTER_SIZE, rnd, + 2 * TLS_RANDOM_SIZE, block_size, key_block); } else { /* TLS 1.0 */ 
@@ -506,37 +503,34 @@ _gnutls_read_connection_state_init (gnutls_session_t session) { rc = _gnutls_set_read_cipher (session, _gnutls_cipher_suite_get_cipher_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (rc < 0) return rc; rc = _gnutls_set_read_mac (session, _gnutls_cipher_suite_get_mac_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (rc < 0) return rc; rc = _gnutls_set_kx (session, _gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (rc < 0) return rc; rc = _gnutls_set_read_compression (session, - session->internals. - compression_method); + session-> + internals.compression_method); if (rc < 0) return rc; } else { /* RESUME_TRUE */ - _gnutls_cpy_read_security_parameters (&session-> - security_parameters, - &session-> - internals. - resumed_security_parameters); + _gnutls_cpy_read_security_parameters (&session->security_parameters, + &session->internals.resumed_security_parameters); } @@ -545,9 +539,9 @@ _gnutls_read_connection_state_init (gnutls_session_t session) return rc; _gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n", - session, _gnutls_cipher_suite_get_name (&session-> - security_parameters. - current_cipher_suite)); + session, + _gnutls_cipher_suite_get_name + (&session->security_parameters.current_cipher_suite)); if (_gnutls_compression_is_ok (session->security_parameters.read_compression_algorithm) != 0) @@ -575,8 +569,8 @@ _gnutls_read_connection_state_init (gnutls_session_t session) mac_size = - _gnutls_hash_get_algo_len (session->security_parameters. - read_mac_algorithm); + _gnutls_hash_get_algo_len (session-> + security_parameters.read_mac_algorithm); _gnutls_handshake_log ("HSK[%x]: Initializing internal [read] cipher sessions\n", session); 
@@ -587,11 +581,13 @@ _gnutls_read_connection_state_init (gnutls_session_t session) /* initialize cipher session */ rc = _gnutls_cipher_init (&session->connection_state.read_cipher_state, - session->security_parameters.read_bulk_cipher_algorithm, - &session->cipher_specs.client_write_key, - &session->cipher_specs.client_write_IV); - if (rc < 0 && session->security_parameters. - read_bulk_cipher_algorithm != GNUTLS_CIPHER_NULL) + session->security_parameters. + read_bulk_cipher_algorithm, + &session->cipher_specs.client_write_key, + &session->cipher_specs.client_write_IV); + if (rc < 0 + && session->security_parameters.read_bulk_cipher_algorithm != + GNUTLS_CIPHER_NULL) { gnutls_assert (); return rc; @@ -602,12 +598,12 @@ _gnutls_read_connection_state_init (gnutls_session_t session) */ if (mac_size > 0) { - if (_gnutls_sset_datum (&session->connection_state. - read_mac_secret, - session->cipher_specs. - client_write_mac_secret.data, - session->cipher_specs. - client_write_mac_secret.size) < 0) + if (_gnutls_sset_datum (&session->connection_state.read_mac_secret, + session-> + cipher_specs.client_write_mac_secret.data, + session-> + cipher_specs.client_write_mac_secret.size) < + 0) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; 
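Review bot: In `_gnutls_read_connection_state_init` the `GNUTLS_SERVER` branch returns `rc` when `_gnutls_cipher_init` fails, whereas the `GNUTLS_CLIENT` branch of the same function and both branches of `_gnutls_write_connection_state_init` return `GNUTLS_E_INTERNAL_ERROR` for the same failure. One convention should be used at all four sites; `return rc;` keeps the backend's error code visible to the caller. The `rc < 0 && ... != GNUTLS_CIPHER_NULL` test also deserves a comment, for example `/* a failed init is tolerated only for the NULL cipher */`, because it is the reason an error from cipher setup can be ignored here. The function body extends beyond this hunk.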
@@ -618,13 +614,15 @@ _gnutls_read_connection_state_init (gnutls_session_t session) break; case GNUTLS_CLIENT: - rc = _gnutls_cipher_init (&session->connection_state.read_cipher_state, - session->security_parameters.read_bulk_cipher_algorithm, - &session->cipher_specs.server_write_key, - &session->cipher_specs.server_write_IV); - - if (rc < 0 && session->security_parameters. - read_bulk_cipher_algorithm != GNUTLS_CIPHER_NULL) + rc = _gnutls_cipher_init (&session->connection_state.read_cipher_state, + session->security_parameters. + read_bulk_cipher_algorithm, + &session->cipher_specs.server_write_key, + &session->cipher_specs.server_write_IV); + + if (rc < 0 + && session->security_parameters.read_bulk_cipher_algorithm != + GNUTLS_CIPHER_NULL) { gnutls_assert (); return GNUTLS_E_INTERNAL_ERROR; @@ -635,12 +633,12 @@ _gnutls_read_connection_state_init (gnutls_session_t session) */ if (mac_size > 0) { - if (_gnutls_sset_datum (&session->connection_state. - read_mac_secret, - session->cipher_specs. - server_write_mac_secret.data, - session->cipher_specs. - server_write_mac_secret.size) < 0) + if (_gnutls_sset_datum (&session->connection_state.read_mac_secret, + session-> + cipher_specs.server_write_mac_secret.data, + session-> + cipher_specs.server_write_mac_secret.size) < + 0) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; @@ -655,8 +653,8 @@ _gnutls_read_connection_state_init (gnutls_session_t session) } session->connection_state.read_compression_state = - _gnutls_comp_init (session->security_parameters. - read_compression_algorithm, 1); + _gnutls_comp_init (session-> + security_parameters.read_compression_algorithm, 1); if (session->connection_state.read_compression_state == GNUTLS_COMP_FAILED) { 
@@ -687,37 +685,34 @@ _gnutls_write_connection_state_init (gnutls_session_t session) { rc = _gnutls_set_write_cipher (session, _gnutls_cipher_suite_get_cipher_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (rc < 0) return rc; rc = _gnutls_set_write_mac (session, _gnutls_cipher_suite_get_mac_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (rc < 0) return rc; rc = _gnutls_set_kx (session, _gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (rc < 0) return rc; rc = _gnutls_set_write_compression (session, - session->internals. - compression_method); + session-> + internals.compression_method); if (rc < 0) return rc; } else { /* RESUME_TRUE */ - _gnutls_cpy_write_security_parameters (&session-> - security_parameters, - &session-> - internals. - resumed_security_parameters); + _gnutls_cpy_write_security_parameters (&session->security_parameters, + &session->internals.resumed_security_parameters); } rc = _gnutls_set_write_keys (session); @@ -725,9 +720,8 @@ _gnutls_write_connection_state_init (gnutls_session_t session) return rc; _gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n", session, - _gnutls_cipher_suite_get_name (&session-> - security_parameters. - current_cipher_suite)); + _gnutls_cipher_suite_get_name + (&session->security_parameters.current_cipher_suite)); if (_gnutls_compression_is_ok (session->security_parameters.write_compression_algorithm) != 0) 
@@ -753,12 +747,12 @@ _gnutls_write_connection_state_init (gnutls_session_t session) _gnutls_cipher_deinit (&session->connection_state.write_cipher_state); if (session->connection_state.write_compression_state != NULL) - _gnutls_comp_deinit (session->connection_state. - write_compression_state, 0); + _gnutls_comp_deinit (session->connection_state.write_compression_state, + 0); mac_size = - _gnutls_hash_get_algo_len (session->security_parameters. - write_mac_algorithm); + _gnutls_hash_get_algo_len (session-> + security_parameters.write_mac_algorithm); _gnutls_handshake_log ("HSK[%x]: Initializing internal [write] cipher sessions\n", session); @@ -768,16 +762,15 @@ _gnutls_write_connection_state_init (gnutls_session_t session) case GNUTLS_SERVER: /* initialize cipher session */ - rc = _gnutls_cipher_init ( - &session->connection_state.write_cipher_state, - session->security_parameters. - write_bulk_cipher_algorithm, - &session->cipher_specs. - server_write_key, - &session->cipher_specs.server_write_IV); - - if (rc < 0 && session->security_parameters. - write_bulk_cipher_algorithm != GNUTLS_CIPHER_NULL) + rc = _gnutls_cipher_init (&session->connection_state.write_cipher_state, + session-> + security_parameters.write_bulk_cipher_algorithm, + &session->cipher_specs.server_write_key, + &session->cipher_specs.server_write_IV); + + if (rc < 0 + && session->security_parameters.write_bulk_cipher_algorithm != + GNUTLS_CIPHER_NULL) { gnutls_assert (); return GNUTLS_E_INTERNAL_ERROR; 
@@ -789,12 +782,12 @@ _gnutls_write_connection_state_init (gnutls_session_t session) */ if (mac_size > 0) { - if (_gnutls_sset_datum (&session->connection_state. - write_mac_secret, - session->cipher_specs. - server_write_mac_secret.data, - session->cipher_specs. - server_write_mac_secret.size) < 0) + if (_gnutls_sset_datum (&session->connection_state.write_mac_secret, + session-> + cipher_specs.server_write_mac_secret.data, + session-> + cipher_specs.server_write_mac_secret.size) < + 0) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; @@ -806,15 +799,15 @@ _gnutls_write_connection_state_init (gnutls_session_t session) break; case GNUTLS_CLIENT: - rc = _gnutls_cipher_init (&session->connection_state.write_cipher_state, - session->security_parameters. - write_bulk_cipher_algorithm, - &session->cipher_specs. - client_write_key, - &session->cipher_specs.client_write_IV); - - if (rc < 0 && session->security_parameters. - write_bulk_cipher_algorithm != GNUTLS_CIPHER_NULL) + rc = _gnutls_cipher_init (&session->connection_state.write_cipher_state, + session-> + security_parameters.write_bulk_cipher_algorithm, + &session->cipher_specs.client_write_key, + &session->cipher_specs.client_write_IV); + + if (rc < 0 + && session->security_parameters.write_bulk_cipher_algorithm != + GNUTLS_CIPHER_NULL) { gnutls_assert (); return GNUTLS_E_INTERNAL_ERROR; @@ -824,12 +817,12 @@ _gnutls_write_connection_state_init (gnutls_session_t session) */ if (mac_size > 0) { - if (_gnutls_sset_datum (&session->connection_state. - write_mac_secret, - session->cipher_specs. - client_write_mac_secret.data, - session->cipher_specs. - client_write_mac_secret.size) < 0) + if (_gnutls_sset_datum (&session->connection_state.write_mac_secret, + session-> + cipher_specs.client_write_mac_secret.data, + session-> + cipher_specs.client_write_mac_secret.size) < + 0) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; 
@@ -845,8 +838,8 @@ _gnutls_write_connection_state_init (gnutls_session_t session) session->connection_state.write_compression_state = - _gnutls_comp_init (session->security_parameters. - write_compression_algorithm, 0); + _gnutls_comp_init (session-> + security_parameters.write_compression_algorithm, 0); if (session->connection_state.write_compression_state == GNUTLS_COMP_FAILED) { diff --git a/lib/gnutls_db.c b/lib/gnutls_db.c index df891df70d..66e214150a 100644 --- a/lib/gnutls_db.c +++ b/lib/gnutls_db.c @@ -159,8 +159,8 @@ gnutls_db_check_entry (gnutls_session_t session, gnutls_datum_t session_entry) if (timestamp - ((security_parameters_st *) (session_entry.data))->timestamp <= session->internals.expire_time - || ((security_parameters_st *) (session_entry.data))-> - timestamp > timestamp + || ((security_parameters_st *) (session_entry.data))->timestamp > + timestamp || ((security_parameters_st *) (session_entry.data))->timestamp == 0) return GNUTLS_E_EXPIRED; diff --git a/lib/gnutls_dh.c b/lib/gnutls_dh.c index 1ceb8f203f..46069eeb45 100644 --- a/lib/gnutls_dh.c +++ b/lib/gnutls_dh.c @@ -61,10 +61,10 @@ gnutls_calc_dh_secret (bigint_t * ret_x, bigint_t g, bigint_t prime) return NULL; } - x = _gnutls_mpi_randomize( NULL, x_size, GNUTLS_RND_RANDOM); + x = _gnutls_mpi_randomize (NULL, x_size, GNUTLS_RND_RANDOM); if (x == NULL) { - gnutls_assert(); + gnutls_assert (); return NULL; } diff --git a/lib/gnutls_dh_primes.c b/lib/gnutls_dh_primes.c index 5ad7ce1b91..524e48245d 100644 --- a/lib/gnutls_dh_primes.c +++ b/lib/gnutls_dh_primes.c @@ -190,7 +190,7 @@ gnutls_dh_params_generate2 (gnutls_dh_params_t params, unsigned int bits) gnutls_assert (); return ret; } - + params->params[0] = group.g; params->params[1] = group.p; @@ -475,7 +475,7 @@ gnutls_dh_params_export_pkcs3 (gnutls_dh_params_t params, *params_data_size = result - 1; if (params_data) - memcpy (params_data, out, result); + memcpy (params_data, out, result); gnutls_free (out); 
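Review bot: The first clause of the condition in `gnutls_db_check_entry` reads as inverted: `timestamp - ((security_parameters_st *) (session_entry.data))->timestamp <= session->internals.expire_time` is true for an entry still within its lifetime, yet the branch returns `GNUTLS_E_EXPIRED`. If the intent is to reject stale sessions, the comparison should be `>`; the reindent only moves the line break and keeps the operator. The field is reached by casting `session_entry.data` to `security_parameters_st *`, so unless a length check sits outside the hunk, `session_entry.size` should be compared with `sizeof (security_parameters_st)` before the timestamp is read from data that comes out of the session database. The start of the function is not in the hunk.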
@@ -512,15 +512,15 @@ gnutls_dh_params_export_raw (gnutls_dh_params_t params, ret = _gnutls_mpi_dprint (params->params[1], generator); if (ret < 0) { - gnutls_assert(); + gnutls_assert (); return ret; } ret = _gnutls_mpi_dprint (params->params[0], prime); if (ret < 0) { - gnutls_assert(); - _gnutls_free_datum(generator); + gnutls_assert (); + _gnutls_free_datum (generator); return ret; } diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c index 456e31d718..683fbcba2c 100644 --- a/lib/gnutls_errors.c +++ b/lib/gnutls_errors.c @@ -68,11 +68,13 @@ static const gnutls_error_entry error_algorithms[] = { GNUTLS_E_LARGE_PACKET, 1), ERROR_ENTRY (N_("A record packet with illegal version was received."), GNUTLS_E_UNSUPPORTED_VERSION_PACKET, 1), - ERROR_ENTRY (N_("The Diffie Hellman prime sent by the server is not acceptable (not long enough)."), - GNUTLS_E_DH_PRIME_UNACCEPTABLE, 1), + ERROR_ENTRY (N_ + ("The Diffie Hellman prime sent by the server is not acceptable (not long enough)."), + GNUTLS_E_DH_PRIME_UNACCEPTABLE, 1), ERROR_ENTRY (N_("A TLS packet with unexpected length was received."), GNUTLS_E_UNEXPECTED_PACKET_LENGTH, 1), - ERROR_ENTRY (N_("The specified session has been invalidated for some reason."), + ERROR_ENTRY (N_ + ("The specified session has been invalidated for some reason."), GNUTLS_E_INVALID_SESSION, 1), ERROR_ENTRY (N_("GnuTLS internal error."), GNUTLS_E_INTERNAL_ERROR, 1), @@ -84,8 +86,9 @@ static const gnutls_error_entry error_algorithms[] = { GNUTLS_E_UNEXPECTED_PACKET, 1), ERROR_ENTRY (N_("A TLS warning alert has been received."), GNUTLS_E_WARNING_ALERT_RECEIVED, 0), - ERROR_ENTRY (N_("An error was encountered at the TLS Finished packet calculation."), - GNUTLS_E_ERROR_IN_FINISHED_PACKET, 1), + ERROR_ENTRY (N_ + ("An error was encountered at the TLS Finished packet calculation."), + GNUTLS_E_ERROR_IN_FINISHED_PACKET, 1), ERROR_ENTRY (N_("The peer did not send any certificate."), GNUTLS_E_NO_CERTIFICATE_FOUND, 1), 
@@ -130,7 +133,8 @@ static const gnutls_error_entry error_algorithms[] = { ERROR_ENTRY (N_("Hashing has failed."), GNUTLS_E_HASH_FAILED, 1), ERROR_ENTRY (N_("Base64 decoding error."), GNUTLS_E_BASE64_DECODING_ERROR, 1), - ERROR_ENTRY (N_("Base64 unexpected header error."), GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR, + ERROR_ENTRY (N_("Base64 unexpected header error."), + GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR, 1), ERROR_ENTRY (N_("Base64 encoding error."), GNUTLS_E_BASE64_ENCODING_ERROR, 1), @@ -140,8 +144,9 @@ static const gnutls_error_entry error_algorithms[] = { GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE, 0), ERROR_ENTRY (N_("Error in the pull function."), GNUTLS_E_PULL_ERROR, 1), ERROR_ENTRY (N_("Error in the push function."), GNUTLS_E_PUSH_ERROR, 1), - ERROR_ENTRY (N_("The upper limit of record packet sequence numbers has been reached. Wow!"), - GNUTLS_E_RECORD_LIMIT_REACHED, 1), + ERROR_ENTRY (N_ + ("The upper limit of record packet sequence numbers has been reached. Wow!"), + GNUTLS_E_RECORD_LIMIT_REACHED, 1), ERROR_ENTRY (N_("Error in the certificate."), GNUTLS_E_CERTIFICATE_ERROR, 1), ERROR_ENTRY (N_("Unknown Subject Alternative name in X.509 certificate."), @@ -155,8 +160,9 @@ static const gnutls_error_entry error_algorithms[] = { ERROR_ENTRY (N_("Function was interrupted."), GNUTLS_E_INTERRUPTED, 0), ERROR_ENTRY (N_("Rehandshake was requested by the peer."), GNUTLS_E_REHANDSHAKE, 0), - ERROR_ENTRY (N_("TLS Application data were received, while expecting handshake data."), - GNUTLS_E_GOT_APPLICATION_DATA, 1), + ERROR_ENTRY (N_ + ("TLS Application data were received, while expecting handshake data."), + GNUTLS_E_GOT_APPLICATION_DATA, 1), ERROR_ENTRY (N_("Error in Database backend."), GNUTLS_E_DB_ERROR, 1), ERROR_ENTRY (N_("The certificate type is not supported."), GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE, 1), 
@@ -193,8 +199,9 @@ static const gnutls_error_entry error_algorithms[] = { GNUTLS_E_TOO_MANY_EMPTY_PACKETS, 1), ERROR_ENTRY (N_("The initialization of GnuTLS-extra has failed."), GNUTLS_E_INIT_LIBEXTRA, 1), - ERROR_ENTRY (N_("The GnuTLS library version does not match the GnuTLS-extra library version."), - GNUTLS_E_LIBRARY_VERSION_MISMATCH, 1), + ERROR_ENTRY (N_ + ("The GnuTLS library version does not match the GnuTLS-extra library version."), + GNUTLS_E_LIBRARY_VERSION_MISMATCH, 1), ERROR_ENTRY (N_("The gcrypt library version is too old."), GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY, 1), diff --git a/lib/gnutls_extensions.c b/lib/gnutls_extensions.c index 6a934ce977..fd43f7d4e0 100644 --- a/lib/gnutls_extensions.c +++ b/lib/gnutls_extensions.c @@ -48,31 +48,31 @@ const int _gnutls_extensions_size = MAX_EXT_SIZE; gnutls_extension_entry _gnutls_extensions[MAX_EXT_SIZE] = { GNUTLS_EXTENSION_ENTRY (GNUTLS_EXTENSION_MAX_RECORD_SIZE, - EXTENSION_TLS, + EXTENSION_TLS, _gnutls_max_record_recv_params, _gnutls_max_record_send_params), GNUTLS_EXTENSION_ENTRY (GNUTLS_EXTENSION_CERT_TYPE, - EXTENSION_TLS, + EXTENSION_TLS, _gnutls_cert_type_recv_params, _gnutls_cert_type_send_params), GNUTLS_EXTENSION_ENTRY (GNUTLS_EXTENSION_SERVER_NAME, - EXTENSION_APPLICATION, + EXTENSION_APPLICATION, _gnutls_server_name_recv_params, _gnutls_server_name_send_params), #ifdef ENABLE_OPRFI GNUTLS_EXTENSION_ENTRY (GNUTLS_EXTENSION_OPAQUE_PRF_INPUT, - EXTENSION_TLS, + EXTENSION_TLS, _gnutls_oprfi_recv_params, _gnutls_oprfi_send_params), #endif #ifdef ENABLE_SRP GNUTLS_EXTENSION_ENTRY (GNUTLS_EXTENSION_SRP, - EXTENSION_TLS, + EXTENSION_TLS, _gnutls_srp_recv_params, _gnutls_srp_send_params), #endif GNUTLS_EXTENSION_ENTRY (GNUTLS_EXTENSION_INNER_APPLICATION, - EXTENSION_TLS, + EXTENSION_TLS, _gnutls_inner_application_recv_params, _gnutls_inner_application_send_params), {NULL, 0, 0, NULL, NULL} 
@@ -92,7 +92,10 @@ ext_recv_func _gnutls_ext_func_recv (uint16_t type, tls_ext_parse_type_t parse_type) { ext_recv_func ret = NULL; - GNUTLS_EXTENSION_LOOP (if (parse_type == EXTENSION_ANY || p->parse_type == parse_type) ret = p->gnutls_ext_func_recv); + GNUTLS_EXTENSION_LOOP (if + (parse_type == EXTENSION_ANY + || p->parse_type == parse_type) ret = + p->gnutls_ext_func_recv); return ret; } @@ -138,8 +141,9 @@ _gnutls_extension_list_check (gnutls_session_t session, uint16_t type) } int -_gnutls_parse_extensions (gnutls_session_t session, tls_ext_parse_type_t parse_type, - const opaque * data, int data_size) +_gnutls_parse_extensions (gnutls_session_t session, + tls_ext_parse_type_t parse_type, + const opaque * data, int data_size) { int next, ret; int pos = 0; @@ -156,9 +160,8 @@ _gnutls_parse_extensions (gnutls_session_t session, tls_ext_parse_type_t parse_t { _gnutls_debug_log ("EXT[%d]: expecting extension '%s'\n", session, - _gnutls_extension_get_name (session-> - internals. - extensions_sent[i])); + _gnutls_extension_get_name + (session->internals.extensions_sent[i])); } #endif @@ -175,7 +178,7 @@ _gnutls_parse_extensions (gnutls_session_t session, tls_ext_parse_type_t parse_t pos += 2; _gnutls_debug_log ("EXT[%x]: Received extension '%s/%d'\n", session, - _gnutls_extension_get_name (type),type); + _gnutls_extension_get_name (type), type); if ((ret = _gnutls_extension_list_check (session, type)) < 0) { @@ -219,8 +222,9 @@ _gnutls_extension_list_add (gnutls_session_t session, uint16_t type) { if (session->internals.extensions_sent_size < MAX_EXT_TYPES) { - session->internals.extensions_sent[session->internals. - extensions_sent_size] = type; + session->internals.extensions_sent[session-> + internals.extensions_sent_size] = + type; session->internals.extensions_sent_size++; } else diff --git a/lib/gnutls_global.c b/lib/gnutls_global.c index d1afe66edd..17d5ab6a72 100644 --- a/lib/gnutls_global.c +++ b/lib/gnutls_global.c 
@@ -296,10 +296,10 @@ gnutls_global_init (void) } /* Initialize the random generator */ - result = _gnutls_rnd_init(); + result = _gnutls_rnd_init (); if (result < 0) { - gnutls_assert(); + gnutls_assert (); goto out; } @@ -325,10 +325,10 @@ gnutls_global_deinit (void) #if HAVE_WINSOCK WSACleanup (); #endif - _gnutls_rnd_deinit(); + _gnutls_rnd_deinit (); asn1_delete_structure (&_gnutls_gnutls_asn); asn1_delete_structure (&_gnutls_pkix1_asn); - _gnutls_crypto_deregister(); + _gnutls_crypto_deregister (); } _gnutls_init--; } diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 34b56809b4..3375fe445f 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -85,21 +85,18 @@ static void resume_copy_required_values (gnutls_session_t session) { /* get the new random values */ - memcpy (session->internals.resumed_security_parameters. - server_random, + memcpy (session->internals.resumed_security_parameters.server_random, session->security_parameters.server_random, TLS_RANDOM_SIZE); - memcpy (session->internals.resumed_security_parameters. - client_random, + memcpy (session->internals.resumed_security_parameters.client_random, session->security_parameters.client_random, TLS_RANDOM_SIZE); /* keep the ciphersuite and compression * That is because the client must see these in our * hello message. */ - memcpy (session->security_parameters.current_cipher_suite. - suite, - session->internals.resumed_security_parameters. - current_cipher_suite.suite, 2); + memcpy (session->security_parameters.current_cipher_suite.suite, + session->internals.resumed_security_parameters.current_cipher_suite. + suite, 2); session->internals.compression_method = session->internals.resumed_security_parameters.read_compression_algorithm; 
@@ -111,15 +108,15 @@ resume_copy_required_values (gnutls_session_t session) session->internals.resumed_security_parameters.entity; _gnutls_set_current_version (session, - session->internals. - resumed_security_parameters.version); + session->internals.resumed_security_parameters. + version); session->security_parameters.cert_type = session->internals.resumed_security_parameters.cert_type; memcpy (session->security_parameters.session_id, - session->internals.resumed_security_parameters. - session_id, sizeof (session->security_parameters.session_id)); + session->internals.resumed_security_parameters.session_id, + sizeof (session->security_parameters.session_id)); session->security_parameters.session_id_size = session->internals.resumed_security_parameters.session_id_size; } @@ -150,14 +147,16 @@ _gnutls_ssl3_finished (gnutls_session_t session, int type, opaque * ret) const char *mesg; int rc; - rc = _gnutls_hash_copy (&td_md5, &session->internals.handshake_mac_handle_md5); + rc = + _gnutls_hash_copy (&td_md5, &session->internals.handshake_mac_handle_md5); if (rc < 0) { gnutls_assert (); return rc; } - rc = _gnutls_hash_copy (&td_sha, &session->internals.handshake_mac_handle_sha); + rc = + _gnutls_hash_copy (&td_sha, &session->internals.handshake_mac_handle_sha); if (rc < 0) { gnutls_assert (); @@ -178,11 +177,13 @@ _gnutls_ssl3_finished (gnutls_session_t session, int type, opaque * ret) _gnutls_hash (&td_sha, mesg, siz); _gnutls_mac_deinit_ssl3_handshake (&td_md5, ret, - session->security_parameters. - master_secret, TLS_MASTER_SIZE); + session-> + security_parameters.master_secret, + TLS_MASTER_SIZE); _gnutls_mac_deinit_ssl3_handshake (&td_sha, &ret[16], - session->security_parameters. - master_secret, TLS_MASTER_SIZE); + session-> + security_parameters.master_secret, + TLS_MASTER_SIZE); return 0; } 
@@ -206,7 +207,9 @@ _gnutls_finished (gnutls_session_t session, int type, void *ret) if (ver < GNUTLS_TLS1_2) { - rc = _gnutls_hash_copy (&td_md5, &session->internals.handshake_mac_handle_md5); + rc = + _gnutls_hash_copy (&td_md5, + &session->internals.handshake_mac_handle_md5); if (rc < 0) { gnutls_assert (); @@ -214,7 +217,8 @@ _gnutls_finished (gnutls_session_t session, int type, void *ret) } } - rc = _gnutls_hash_copy (&td_sha, &session->internals.handshake_mac_handle_sha); + rc = + _gnutls_hash_copy (&td_sha, &session->internals.handshake_mac_handle_sha); if (rc < 0) { gnutls_assert (); @@ -277,9 +281,11 @@ _gnutls_tls_create_random (opaque * dst) /* returns the 0 on success or a negative value. */ -int _gnutls_negotiate_version( gnutls_session_t session, gnutls_protocol_t adv_version) +int +_gnutls_negotiate_version (gnutls_session_t session, + gnutls_protocol_t adv_version) { -int ret; + int ret; /* if we do not support that version */ if (_gnutls_version_is_supported (session, adv_version) == 0) @@ -302,30 +308,33 @@ int ret; } _gnutls_set_current_version (session, ret); - + return ret; } -int _gnutls_user_hello_func( gnutls_session session, gnutls_protocol_t adv_version) +int +_gnutls_user_hello_func (gnutls_session session, + gnutls_protocol_t adv_version) { -int ret; + int ret; - if (session->internals.user_hello_func != NULL) + if (session->internals.user_hello_func != NULL) { - ret = session->internals.user_hello_func( session); - if (ret < 0) - { - gnutls_assert(); - return ret; - } + ret = session->internals.user_hello_func (session); + if (ret < 0) + { + gnutls_assert (); + return ret; + } /* Here we need to renegotiate the version since the callee might * have disabled some TLS versions. */ - ret = _gnutls_negotiate_version( session, adv_version); - if (ret < 0) { - gnutls_assert(); - return ret; - } + ret = _gnutls_negotiate_version (session, adv_version); + if (ret < 0) + { + gnutls_assert (); + return ret; + } } return 0; } 
@@ -360,10 +369,10 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data, set_adv_version (session, data[pos], data[pos + 1]); pos += 2; - neg_version = _gnutls_negotiate_version( session, adv_version); + neg_version = _gnutls_negotiate_version (session, adv_version); if (neg_version < 0) { - gnutls_assert(); + gnutls_assert (); return neg_version; } @@ -389,7 +398,7 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data, return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; } DECR_LEN (len, session_id_len); - + ret = _gnutls_server_restore_session (session, &data[pos], session_id_len); pos += session_id_len; @@ -397,14 +406,13 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data, { /* resumed! */ resume_copy_required_values (session); session->internals.resumed = RESUME_TRUE; - return _gnutls_user_hello_func( session, adv_version); + return _gnutls_user_hello_func (session, adv_version); } else { - _gnutls_generate_session_id (session->security_parameters. - session_id, - &session->security_parameters. - session_id_size); + _gnutls_generate_session_id (session->security_parameters.session_id, + &session-> + security_parameters.session_id_size); session->internals.resumed = RESUME_FALSE; } @@ -422,7 +430,7 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data, /* Point to the compression methods */ DECR_LEN (len, 1); - comp_size = data[pos++]; /* z is the number of compression methods */ + comp_size = data[pos++]; /* z is the number of compression methods */ DECR_LEN (len, comp_size); comp_ptr = &data[pos]; 
@@ -440,13 +448,13 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data, } } - ret = _gnutls_user_hello_func( session, adv_version); - if (ret < 0) + ret = _gnutls_user_hello_func (session, adv_version); + if (ret < 0) { - gnutls_assert(); + gnutls_assert (); return ret; } - + if (neg_version >= GNUTLS_TLS1) { ret = _gnutls_parse_extensions (session, EXTENSION_TLS, &data[pos], len); /* len is the rest of the parsed length */ @@ -608,8 +616,8 @@ _gnutls_recv_finished (gnutls_session_t session) { ret = _gnutls_ssl3_finished (session, - (session->security_parameters. - entity + 1) % 2, data); + (session->security_parameters.entity + 1) % 2, + data); } else { /* TLS 1.0 */ @@ -748,8 +756,8 @@ _gnutls_server_select_suite (gnutls_session_t session, opaque * data, _gnutls_handshake_log ("HSK[%x]: Selected cipher suite: %s\n", session, _gnutls_cipher_suite_get_name (&cs)); - memcpy (session->security_parameters.current_cipher_suite. - suite, ciphers[i].suite, 2); + memcpy (session->security_parameters.current_cipher_suite.suite, + ciphers[i].suite, 2); retval = 0; goto finish; } @@ -769,8 +777,8 @@ finish: */ if (_gnutls_get_kx_cred (session, - _gnutls_cipher_suite_get_kx_algo (&session->security_parameters. - current_cipher_suite), + _gnutls_cipher_suite_get_kx_algo (&session-> + security_parameters.current_cipher_suite), &err) == NULL && err != 0) { gnutls_assert (); @@ -784,8 +792,8 @@ finish: */ session->internals.auth_struct = _gnutls_kx_auth_struct (_gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (session->internals.auth_struct == NULL) { 
@@ -834,8 +842,8 @@ _gnutls_server_select_comp_method (gnutls_session_t session, _gnutls_handshake_log ("HSK[%x]: Selected Compression Method: %s\n", session, - gnutls_compression_get_name (session->internals. - compression_method)); + gnutls_compression_get_name (session-> + internals.compression_method)); return 0; @@ -997,8 +1005,8 @@ _gnutls_recv_handshake_header (gnutls_session_t session, if (session->internals.handshake_header_buffer.header_size == handshake_header_size || (session->internals.v2_hello != 0 && type == GNUTLS_HANDSHAKE_CLIENT_HELLO - && session->internals. - handshake_header_buffer.packet_length > 0)) + && session->internals.handshake_header_buffer. + packet_length > 0)) { *recv_type = session->internals.handshake_header_buffer.recv_type; @@ -1048,13 +1056,12 @@ _gnutls_recv_handshake_header (gnutls_session_t session, ret = _gnutls_handshake_io_recv_int (session, GNUTLS_HANDSHAKE, type, - &dataptr[session-> - internals. - handshake_header_buffer. - header_size], + &dataptr + [session->internals.handshake_header_buffer.header_size], HANDSHAKE_HEADER_SIZE - - session->internals. - handshake_header_buffer.header_size); + session-> + internals.handshake_header_buffer. + header_size); if (ret <= 0) { gnutls_assert (); @@ -1236,11 +1243,12 @@ _gnutls_recv_handshake (gnutls_session_t session, uint8_t ** data, ret = _gnutls_handshake_hash_add_recvd (session, recv_type, - session->internals. - handshake_header_buffer.header, - session->internals. - handshake_header_buffer. - header_size, dataptr, length32); + session-> + internals.handshake_header_buffer. + header, + session-> + internals.handshake_header_buffer.header_size, + dataptr, length32); if (ret < 0) { gnutls_assert (); 
@@ -1330,19 +1338,18 @@ _gnutls_client_set_ciphersuite (gnutls_session_t session, opaque suite[2]) memcpy (session->security_parameters.current_cipher_suite.suite, suite, 2); _gnutls_handshake_log ("HSK[%x]: Selected cipher suite: %s\n", session, - _gnutls_cipher_suite_get_name (&session-> - security_parameters. - current_cipher_suite)); + _gnutls_cipher_suite_get_name + (&session->security_parameters.current_cipher_suite)); /* check if the credentials (username, public key etc.) are ok. * Actually checks if they exist. */ if (_gnutls_get_kx_cred - (session, _gnutls_cipher_suite_get_kx_algo (&session-> - security_parameters. - current_cipher_suite), - &err) == NULL && err != 0) + (session, + _gnutls_cipher_suite_get_kx_algo + (&session->security_parameters.current_cipher_suite), &err) == NULL + && err != 0) { gnutls_assert (); return GNUTLS_E_INSUFFICIENT_CREDENTIALS; @@ -1355,8 +1362,8 @@ _gnutls_client_set_ciphersuite (gnutls_session_t session, opaque suite[2]) */ session->internals.auth_struct = _gnutls_kx_auth_struct (_gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (session->internals.auth_struct == NULL) { 
@@ -1433,15 +1440,13 @@ _gnutls_client_check_if_resuming (gnutls_session_t session, session->internals.resumed_security_parameters.session_id_size == session_id_len && memcmp (session_id, - session->internals.resumed_security_parameters. - session_id, session_id_len) == 0) + session->internals.resumed_security_parameters.session_id, + session_id_len) == 0) { /* resume session */ - memcpy (session->internals. - resumed_security_parameters.server_random, + memcpy (session->internals.resumed_security_parameters.server_random, session->security_parameters.server_random, TLS_RANDOM_SIZE); - memcpy (session->internals. - resumed_security_parameters.client_random, + memcpy (session->internals.resumed_security_parameters.client_random, session->security_parameters.client_random, TLS_RANDOM_SIZE); session->internals.resumed = RESUME_TRUE; /* we are resuming */ @@ -1958,8 +1963,8 @@ _gnutls_send_server_hello (gnutls_session_t session, int again) pos += 2; comp = - (uint8_t) _gnutls_compression_get_num (session-> - internals.compression_method); + (uint8_t) _gnutls_compression_get_num (session->internals. + compression_method); data[pos++] = comp; @@ -2122,7 +2127,8 @@ _gnutls_handshake_hash_init (gnutls_session_t session) if (session->internals.handshake_mac_handle_init == 0) { int ret = - _gnutls_hash_init (&session->internals.handshake_mac_handle_md5, GNUTLS_MAC_MD5); + _gnutls_hash_init (&session->internals.handshake_mac_handle_md5, + GNUTLS_MAC_MD5); if (ret < 0) { @@ -2130,13 +2136,15 @@ _gnutls_handshake_hash_init (gnutls_session_t session) return ret; } - ret = _gnutls_hash_init(&session->internals.handshake_mac_handle_sha, GNUTLS_MAC_SHA1); + ret = + _gnutls_hash_init (&session->internals.handshake_mac_handle_sha, + GNUTLS_MAC_SHA1); if (ret < 0) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; } - + session->internals.handshake_mac_handle_init = 1; } 
@@ -2303,13 +2311,11 @@ _gnutls_handshake_client (gnutls_session_t session) if (session->internals.resumed_security_parameters.session_id_size > 0) _gnutls_handshake_log ("HSK[%x]: Ask to resume: %s\n", session, - _gnutls_bin2hex (session->internals. - resumed_security_parameters. - session_id, - session->internals. - resumed_security_parameters. - session_id_size, buf, - sizeof (buf))); + _gnutls_bin2hex (session-> + internals.resumed_security_parameters.session_id, + session-> + internals.resumed_security_parameters.session_id_size, + buf, sizeof (buf))); #endif switch (STATE) @@ -2873,7 +2879,8 @@ _gnutls_remove_unwanted_ciphersuites (gnutls_session_t session, if (ret < 0) { gnutls_assert (); - _gnutls_x509_log("Could not find an appropriate certificate: %s\n", gnutls_strerror(ret)); + _gnutls_x509_log ("Could not find an appropriate certificate: %s\n", + gnutls_strerror (ret)); cert_cred = NULL; } } @@ -2922,9 +2929,9 @@ _gnutls_remove_unwanted_ciphersuites (gnutls_session_t session, } /* These two SRP kx's are marked to require a CRD_CERTIFICATE, - (see cred_mappings in gnutls_algorithms.c), but it also - requires a SRP credential. Don't use SRP kx unless we have a - SRP credential too. */ + (see cred_mappings in gnutls_algorithms.c), but it also + requires a SRP credential. Don't use SRP kx unless we have a + SRP credential too. */ if (kx == GNUTLS_KX_SRP_RSA || kx == GNUTLS_KX_SRP_DSS) { if (!_gnutls_get_cred (session->key, GNUTLS_CRD_SRP, NULL)) diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c index 5620bcafb1..3e217f874e 100644 --- a/lib/gnutls_hash_int.c +++ b/lib/gnutls_hash_int.c 
@@ -30,55 +30,59 @@ #include <gnutls_hash_int.h> #include <gnutls_errors.h> -static int digest_length(gnutls_digest_algorithm_t algo) +static int +digest_length (gnutls_digest_algorithm_t algo) { - switch (algo) { - case GNUTLS_DIG_NULL: - return 0; - case GNUTLS_DIG_MD5: - case GNUTLS_DIG_MD2: - return 16; - case GNUTLS_DIG_SHA1: - case GNUTLS_DIG_RMD160: - return 20; - case GNUTLS_DIG_SHA256: - return 32; - case GNUTLS_DIG_SHA384: - return 48; - case GNUTLS_DIG_SHA512: - return 64; - case GNUTLS_DIG_SHA224: - return 28; - default: - gnutls_assert(); - return GNUTLS_E_INTERNAL_ERROR; + switch (algo) + { + case GNUTLS_DIG_NULL: + return 0; + case GNUTLS_DIG_MD5: + case GNUTLS_DIG_MD2: + return 16; + case GNUTLS_DIG_SHA1: + case GNUTLS_DIG_RMD160: + return 20; + case GNUTLS_DIG_SHA256: + return 32; + case GNUTLS_DIG_SHA384: + return 48; + case GNUTLS_DIG_SHA512: + return 64; + case GNUTLS_DIG_SHA224: + return 28; + default: + gnutls_assert (); + return GNUTLS_E_INTERNAL_ERROR; } } int -_gnutls_hash_init (digest_hd_st* dig, gnutls_digest_algorithm_t algorithm) +_gnutls_hash_init (digest_hd_st * dig, gnutls_digest_algorithm_t algorithm) { int result; - gnutls_crypto_single_digest_st * cc = NULL; + gnutls_crypto_single_digest_st *cc = NULL; dig->algorithm = algorithm; /* check if a digest has been registered */ - cc = _gnutls_get_crypto_digest( algorithm); - if (cc != NULL) { - dig->registered = 1; - dig->hd.rh.cc = cc; - if (cc->init(& dig->hd.rh.ctx) < 0) { - gnutls_assert(); - return GNUTLS_E_HASH_FAILED; + cc = _gnutls_get_crypto_digest (algorithm); + if (cc != NULL) + { + dig->registered = 1; + dig->hd.rh.cc = cc; + if (cc->init (&dig->hd.rh.ctx) < 0) + { + gnutls_assert (); + return GNUTLS_E_HASH_FAILED; + } + return 0; } - return 0; - } - dig->registered = 0; + dig->registered = 0; - result = _gnutls_digest_ops.init( algorithm, &dig->hd.gc); + result = _gnutls_digest_ops.init (algorithm, &dig->hd.gc); if (result < 0) { gnutls_assert (); 
@@ -93,22 +97,25 @@ _gnutls_hash_init (digest_hd_st* dig, gnutls_digest_algorithm_t algorithm) int _gnutls_hash_get_algo_len (gnutls_digest_algorithm_t algorithm) { - return digest_length(algorithm); + return digest_length (algorithm); } int -_gnutls_hash (const digest_hd_st* handle, const void *text, size_t textlen) +_gnutls_hash (const digest_hd_st * handle, const void *text, size_t textlen) { - if (textlen > 0) { - if (handle->registered) { - return handle->hd.rh.cc->hash( handle->hd.rh.ctx, text, textlen); + if (textlen > 0) + { + if (handle->registered) + { + return handle->hd.rh.cc->hash (handle->hd.rh.ctx, text, textlen); + } + return _gnutls_digest_ops.hash (handle->hd.gc, text, textlen); } - return _gnutls_digest_ops.hash (handle->hd.gc, text, textlen); - } return 0; } -int _gnutls_hash_copy (digest_hd_st* dst, digest_hd_st* src) +int +_gnutls_hash_copy (digest_hd_st * dst, digest_hd_st * src) { int result; @@ -117,14 +124,15 @@ int _gnutls_hash_copy (digest_hd_st* dst, digest_hd_st* src) dst->keysize = 0; dst->registered = src->registered; - if (src->registered) { - return src->hd.rh.cc->copy( &dst->hd.rh.ctx, src->hd.rh.ctx); - } + if (src->registered) + { + return src->hd.rh.cc->copy (&dst->hd.rh.ctx, src->hd.rh.ctx); + } - result = _gnutls_digest_ops.copy ( &dst->hd.gc, src->hd.gc); + result = _gnutls_digest_ops.copy (&dst->hd.gc, src->hd.gc); if (result < 0) { - gnutls_assert(); + gnutls_assert (); return result; } 
@@ -134,62 +142,63 @@ int _gnutls_hash_copy (digest_hd_st* dst, digest_hd_st* src) /* when the current output is needed without calling deinit */ void -_gnutls_hash_output (digest_hd_st* handle, void *digest) +_gnutls_hash_output (digest_hd_st * handle, void *digest) { int maclen; maclen = _gnutls_hash_get_algo_len (handle->algorithm); - if (handle->registered && handle->hd.rh.ctx != NULL) + if (handle->registered && handle->hd.rh.ctx != NULL) { if (digest != NULL) - handle->hd.rh.cc->output( handle->hd.rh.ctx, digest, maclen); + handle->hd.rh.cc->output (handle->hd.rh.ctx, digest, maclen); return; } if (digest != NULL) { - _gnutls_digest_ops.output( handle->hd.gc, digest, maclen); + _gnutls_digest_ops.output (handle->hd.gc, digest, maclen); } } void -_gnutls_hash_deinit (digest_hd_st* handle, void *digest) +_gnutls_hash_deinit (digest_hd_st * handle, void *digest) { - _gnutls_hash_output( handle, digest); + _gnutls_hash_output (handle, digest); - if (handle->registered && handle->hd.rh.ctx != NULL) + if (handle->registered && handle->hd.rh.ctx != NULL) { - handle->hd.rh.cc->deinit( handle->hd.rh.ctx); + handle->hd.rh.cc->deinit (handle->hd.rh.ctx); return; } - _gnutls_digest_ops.deinit( handle->hd.gc); + _gnutls_digest_ops.deinit (handle->hd.gc); } -int _gnutls_hash_fast( gnutls_digest_algorithm_t algorithm, - const void* text, size_t textlen, void* digest) +int +_gnutls_hash_fast (gnutls_digest_algorithm_t algorithm, + const void *text, size_t textlen, void *digest) { -digest_hd_st dig; -int ret; - - ret = _gnutls_hash_init( &dig, algorithm); - if (ret < 0) - { - gnutls_assert(); - return ret; - } - - ret = _gnutls_hash( &dig, text, textlen); - if (ret < 0) - { - gnutls_assert(); - _gnutls_hash_deinit( &dig, NULL); - return ret; - } - - _gnutls_hash_deinit( &dig, digest); - return 0; + digest_hd_st dig; + int ret; + + ret = _gnutls_hash_init (&dig, algorithm); + if (ret < 0) + { + gnutls_assert (); + return ret; + } + + ret = _gnutls_hash (&dig, text, textlen); + 
if (ret < 0) + { + gnutls_assert (); + _gnutls_hash_deinit (&dig, NULL); + return ret; + } + + _gnutls_hash_deinit (&dig, digest); + return 0; } @@ -198,39 +207,41 @@ int ret; int _gnutls_hmac_get_algo_len (gnutls_mac_algorithm_t algorithm) { - return digest_length(algorithm); + return digest_length (algorithm); } -int _gnutls_hmac_fast( gnutls_mac_algorithm_t algorithm, const void* key, int keylen, - const void* text, size_t textlen, void* digest) +int +_gnutls_hmac_fast (gnutls_mac_algorithm_t algorithm, const void *key, + int keylen, const void *text, size_t textlen, void *digest) { -digest_hd_st dig; -int ret; - - ret = _gnutls_hmac_init( &dig, algorithm, key, keylen); - if (ret < 0) - { - gnutls_assert(); - return ret; - } - - ret = _gnutls_hmac( &dig, text, textlen); - if (ret < 0) - { - gnutls_assert(); - _gnutls_hmac_deinit( &dig, NULL); - return ret; - } - - _gnutls_hmac_deinit( &dig, digest); - return 0; + digest_hd_st dig; + int ret; + + ret = _gnutls_hmac_init (&dig, algorithm, key, keylen); + if (ret < 0) + { + gnutls_assert (); + return ret; + } + + ret = _gnutls_hmac (&dig, text, textlen); + if (ret < 0) + { + gnutls_assert (); + _gnutls_hmac_deinit (&dig, NULL); + return ret; + } + + _gnutls_hmac_deinit (&dig, digest); + return 0; } -int _gnutls_hmac_init (digest_hd_st *dig, gnutls_mac_algorithm_t algorithm, +int +_gnutls_hmac_init (digest_hd_st * dig, gnutls_mac_algorithm_t algorithm, const void *key, int keylen) { int result; - gnutls_crypto_single_mac_st * cc = NULL; + gnutls_crypto_single_mac_st *cc = NULL; dig->algorithm = algorithm; dig->key = key; 
@@ -238,31 +249,34 @@ int _gnutls_hmac_init (digest_hd_st *dig, gnutls_mac_algorithm_t algorithm, /* check if a digest has been registered */ - cc = _gnutls_get_crypto_mac( algorithm); - if (cc != NULL) { - dig->registered = 1; + cc = _gnutls_get_crypto_mac (algorithm); + if (cc != NULL) + { + dig->registered = 1; - dig->hd.rh.cc = cc; - if (cc->init(&dig->hd.rh.ctx) < 0) { - gnutls_assert(); - return GNUTLS_E_HASH_FAILED; - } + dig->hd.rh.cc = cc; + if (cc->init (&dig->hd.rh.ctx) < 0) + { + gnutls_assert (); + return GNUTLS_E_HASH_FAILED; + } - if (cc->setkey( dig->hd.rh.ctx, key, keylen) < 0) { - gnutls_assert(); - cc->deinit(dig->hd.rh.ctx); - return GNUTLS_E_HASH_FAILED; - } + if (cc->setkey (dig->hd.rh.ctx, key, keylen) < 0) + { + gnutls_assert (); + cc->deinit (dig->hd.rh.ctx); + return GNUTLS_E_HASH_FAILED; + } - return 0; - } + return 0; + } - dig->registered = 0; + dig->registered = 0; result = _gnutls_mac_ops.init (algorithm, &dig->hd.gc); if (result < 0) - { - gnutls_assert(); + { + gnutls_assert (); return result; } 
@@ -272,49 +286,51 @@ int _gnutls_hmac_init (digest_hd_st *dig, gnutls_mac_algorithm_t algorithm, } int -_gnutls_hmac (const digest_hd_st* handle, const void *text, size_t textlen) +_gnutls_hmac (const digest_hd_st * handle, const void *text, size_t textlen) { - if (textlen > 0) { - if (handle->registered) { - return handle->hd.rh.cc->hash( handle->hd.rh.ctx, text, textlen); + if (textlen > 0) + { + if (handle->registered) + { + return handle->hd.rh.cc->hash (handle->hd.rh.ctx, text, textlen); + } + return _gnutls_mac_ops.hash (handle->hd.gc, text, textlen); } - return _gnutls_mac_ops.hash (handle->hd.gc, text, textlen); - } return 0; } void -_gnutls_hmac_output (digest_hd_st* handle, void *digest) +_gnutls_hmac_output (digest_hd_st * handle, void *digest) { int maclen; maclen = _gnutls_hmac_get_algo_len (handle->algorithm); - if (handle->registered && handle->hd.rh.ctx != NULL) + if (handle->registered && handle->hd.rh.ctx != NULL) { if (digest != NULL) - handle->hd.rh.cc->output( handle->hd.rh.ctx, digest, maclen); + handle->hd.rh.cc->output (handle->hd.rh.ctx, digest, maclen); return; } if (digest != NULL) { - _gnutls_mac_ops.output( handle->hd.gc, digest, maclen); + _gnutls_mac_ops.output (handle->hd.gc, digest, maclen); } } void -_gnutls_hmac_deinit (digest_hd_st* handle, void *digest) +_gnutls_hmac_deinit (digest_hd_st * handle, void *digest) { - _gnutls_hmac_output( handle, digest); + _gnutls_hmac_output (handle, digest); - if (handle->registered && handle->hd.rh.ctx != NULL) + if (handle->registered && handle->hd.rh.ctx != NULL) { - handle->hd.rh.cc->deinit( handle->hd.rh.ctx); + handle->hd.rh.cc->deinit (handle->hd.rh.ctx); return; } - _gnutls_mac_ops.deinit( handle->hd.gc); + _gnutls_mac_ops.deinit (handle->hd.gc); } inline static int 
@@ -335,8 +351,9 @@ get_padsize (gnutls_mac_algorithm_t algorithm) /* Special functions for SSL3 MAC */ -int _gnutls_mac_init_ssl3 (digest_hd_st* ret, gnutls_mac_algorithm_t algorithm, void *key, - int keylen) +int +_gnutls_mac_init_ssl3 (digest_hd_st * ret, gnutls_mac_algorithm_t algorithm, + void *key, int keylen) { opaque ipad[48]; int padsize, result; @@ -353,22 +370,22 @@ int _gnutls_mac_init_ssl3 (digest_hd_st* ret, gnutls_mac_algorithm_t algorithm, result = _gnutls_hash_init (ret, algorithm); if (result < 0) { - gnutls_assert(); + gnutls_assert (); return result; } - ret->key = key; - ret->keysize = keylen; + ret->key = key; + ret->keysize = keylen; - if (keylen > 0) - _gnutls_hash (ret, key, keylen); - _gnutls_hash (ret, ipad, padsize); + if (keylen > 0) + _gnutls_hash (ret, key, keylen); + _gnutls_hash (ret, ipad, padsize); return 0; } void -_gnutls_mac_deinit_ssl3 (digest_hd_st* handle, void *digest) +_gnutls_mac_deinit_ssl3 (digest_hd_st * handle, void *digest) { opaque ret[MAX_HASH_SIZE]; digest_hd_st td; 
@@ -388,25 +405,25 @@ _gnutls_mac_deinit_ssl3 (digest_hd_st* handle, void *digest) rc = _gnutls_hash_init (&td, handle->algorithm); if (rc < 0) { - gnutls_assert(); + gnutls_assert (); return; } - if (handle->keysize > 0) - _gnutls_hash (&td, handle->key, handle->keysize); + if (handle->keysize > 0) + _gnutls_hash (&td, handle->key, handle->keysize); - _gnutls_hash (&td, opad, padsize); - block = _gnutls_hmac_get_algo_len (handle->algorithm); - _gnutls_hash_deinit (handle, ret); /* get the previous hash */ - _gnutls_hash (&td, ret, block); + _gnutls_hash (&td, opad, padsize); + block = _gnutls_hmac_get_algo_len (handle->algorithm); + _gnutls_hash_deinit (handle, ret); /* get the previous hash */ + _gnutls_hash (&td, ret, block); - _gnutls_hash_deinit (&td, digest); - - return; + _gnutls_hash_deinit (&td, digest); + + return; } void -_gnutls_mac_deinit_ssl3_handshake (digest_hd_st* handle, +_gnutls_mac_deinit_ssl3_handshake (digest_hd_st * handle, void *digest, opaque * key, uint32_t key_size) { 
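Review bot: When `_gnutls_hash_init (&td, handle->algorithm)` fails in `_gnutls_mac_deinit_ssl3`, the function returns with `digest` unwritten and `handle` never finalised. Because it returns void, the caller cannot tell that no MAC was produced and may go on to compare or send whatever the buffer already held. At minimum the failure path should say so, e.g. `/* on failure digest is left untouched; callers must not use it */`, and it should still release `handle` if `_gnutls_hash_deinit` accepts a NULL digest (not visible here). `_gnutls_mac_deinit_ssl3_handshake` in the next hunk has the same early return. Both functions begin outside their hunks.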
@@ -430,26 +447,26 @@ _gnutls_mac_deinit_ssl3_handshake (digest_hd_st* handle, rc = _gnutls_hash_init (&td, handle->algorithm); if (rc < 0) { - gnutls_assert(); + gnutls_assert (); return; } - if (key_size > 0) - _gnutls_hash (&td, key, key_size); + if (key_size > 0) + _gnutls_hash (&td, key, key_size); - _gnutls_hash (&td, opad, padsize); - block = _gnutls_hmac_get_algo_len (handle->algorithm); + _gnutls_hash (&td, opad, padsize); + block = _gnutls_hmac_get_algo_len (handle->algorithm); - if (key_size > 0) - _gnutls_hash (handle, key, key_size); - _gnutls_hash (handle, ipad, padsize); - _gnutls_hash_deinit (handle, ret); /* get the previous hash */ + if (key_size > 0) + _gnutls_hash (handle, key, key_size); + _gnutls_hash (handle, ipad, padsize); + _gnutls_hash_deinit (handle, ret); /* get the previous hash */ - _gnutls_hash (&td, ret, block); + _gnutls_hash (&td, ret, block); - _gnutls_hash_deinit (&td, digest); + _gnutls_hash_deinit (&td, digest); - return; + return; } static int diff --git a/lib/gnutls_kx.c b/lib/gnutls_kx.c index 950366d52f..c37d751792 100644 --- a/lib/gnutls_kx.c +++ b/lib/gnutls_kx.c 
@@ -65,17 +65,20 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) _gnutls_bin2hex (PREMASTER.data, PREMASTER.size, buf, sizeof (buf))); _gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32, - _gnutls_bin2hex (session->security_parameters. - client_random, 32, buf, sizeof (buf))); + _gnutls_bin2hex (session-> + security_parameters.client_random, 32, + buf, sizeof (buf))); _gnutls_hard_log ("INT: SERVER RANDOM[%d]: %s\n", 32, - _gnutls_bin2hex (session->security_parameters. - server_random, 32, buf, sizeof (buf))); + _gnutls_bin2hex (session-> + security_parameters.server_random, 32, + buf, sizeof (buf))); if (gnutls_protocol_get_version (session) == GNUTLS_SSL3) { opaque rnd[2 * TLS_RANDOM_SIZE + 1]; - memcpy (rnd, session->security_parameters.client_random, TLS_RANDOM_SIZE); + memcpy (rnd, session->security_parameters.client_random, + TLS_RANDOM_SIZE); memcpy (&rnd[TLS_RANDOM_SIZE], session->security_parameters.server_random, TLS_RANDOM_SIZE); @@ -83,8 +86,8 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) _gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size, rnd, 2 * TLS_RANDOM_SIZE, TLS_MASTER_SIZE, - session->security_parameters. - master_secret); + session-> + security_parameters.master_secret); } else if (session->security_parameters.extensions.oprfi_client_len > 0 && 
@@ -104,21 +107,25 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) } _gnutls_hard_log ("INT: CLIENT OPRFI[%d]: %s\n", - session->security_parameters. - extensions.oprfi_server_len, - _gnutls_bin2hex (session->security_parameters. - extensions.oprfi_client, - session->security_parameters. - extensions.oprfi_client_len, - buf, sizeof (buf))); + session->security_parameters.extensions. + oprfi_server_len, + _gnutls_bin2hex (session-> + security_parameters.extensions. + oprfi_client, + session-> + security_parameters.extensions. + oprfi_client_len, buf, + sizeof (buf))); _gnutls_hard_log ("INT: SERVER OPRFI[%d]: %s\n", - session->security_parameters. - extensions.oprfi_server_len, - _gnutls_bin2hex (session->security_parameters. - extensions.oprfi_server, - session->security_parameters. - extensions.oprfi_server_len, - buf, sizeof (buf))); + session->security_parameters.extensions. + oprfi_server_len, + _gnutls_bin2hex (session-> + security_parameters.extensions. + oprfi_server, + session-> + security_parameters.extensions. + oprfi_server_len, buf, + sizeof (buf))); memcpy (rnd, session->security_parameters.client_random, TLS_RANDOM_SIZE); @@ -127,8 +134,7 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) session->security_parameters.extensions.oprfi_client_len); memcpy (rnd + TLS_RANDOM_SIZE + session->security_parameters.extensions.oprfi_client_len, - session->security_parameters.server_random, - TLS_RANDOM_SIZE); + session->security_parameters.server_random, TLS_RANDOM_SIZE); memcpy (rnd + TLS_RANDOM_SIZE + session->security_parameters.extensions.oprfi_client_len + TLS_RANDOM_SIZE, 
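Review bot: The `INT: CLIENT OPRFI[%d]` log call prints `oprfi_server_len` as its length, while the hex dump beside it uses `oprfi_client` and `oprfi_client_len`. The bracketed length is therefore wrong whenever the client and server OPRFI values differ in size. The first argument should be `session->security_parameters.extensions.oprfi_client_len`. The re-indent carries this over unchanged. `generate_normal_master` starts and ends outside the hunk.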
@@ -146,7 +152,8 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) { opaque rnd[2 * TLS_RANDOM_SIZE + 1]; - memcpy (rnd, session->security_parameters.client_random, TLS_RANDOM_SIZE); + memcpy (rnd, session->security_parameters.client_random, + TLS_RANDOM_SIZE); memcpy (&rnd[TLS_RANDOM_SIZE], session->security_parameters.server_random, TLS_RANDOM_SIZE); @@ -168,9 +175,9 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) return ret; _gnutls_hard_log ("INT: MASTER SECRET: %s\n", - _gnutls_bin2hex (session->security_parameters. - master_secret, TLS_MASTER_SIZE, buf, - sizeof (buf))); + _gnutls_bin2hex (session-> + security_parameters.master_secret, + TLS_MASTER_SIZE, buf, sizeof (buf))); return ret; } @@ -196,8 +203,8 @@ _gnutls_send_server_kx_message (gnutls_session_t session, int again) if (again == 0) { data_size = - session->internals.auth_struct-> - gnutls_generate_server_kx (session, &data); + session->internals.auth_struct->gnutls_generate_server_kx (session, + &data); if (data_size == GNUTLS_E_INT_RET_0) { @@ -235,8 +242,8 @@ _gnutls_send_server_certificate_request (gnutls_session_t session, int again) int data_size = 0; int ret = 0; - if (session->internals.auth_struct-> - gnutls_generate_server_certificate_request == NULL) + if (session->internals. + auth_struct->gnutls_generate_server_certificate_request == NULL) return 0; if (session->internals.send_cert_req <= 0) @@ -248,8 +255,9 @@ _gnutls_send_server_certificate_request (gnutls_session_t session, int again) if (again == 0) { data_size = - session->internals.auth_struct-> - gnutls_generate_server_certificate_request (session, &data); + session->internals. + auth_struct->gnutls_generate_server_certificate_request (session, + &data); if (data_size < 0) { 
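Review bot: `_gnutls_hard_log ("INT: MASTER SECRET: %s\n", ...)` in the `@@ -168,9 +175,9 @@` hunk writes the hex-encoded master secret to the log. The first hunk of this file does the same for `PREMASTER.data`. How `_gnutls_hard_log` is gated is not visible in these hunks, so the call sites should carry a warning such as `/* logs key material: must stay compiled out or disabled outside debugging */`. Anyone holding such a log together with a capture of the session can derive the session keys, so log files from debug runs need the same handling as private keys. `generate_normal_master` begins outside the hunk.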
@@ -291,8 +299,8 @@ _gnutls_send_client_kx_message (gnutls_session_t session, int again) if (again == 0) { data_size = - session->internals.auth_struct-> - gnutls_generate_client_kx (session, &data); + session->internals.auth_struct->gnutls_generate_client_kx (session, + &data); if (data_size < 0) { gnutls_assert (); @@ -348,8 +356,8 @@ _gnutls_send_client_certificate_verify (gnutls_session_t session, int again) if (again == 0) { data_size = - session->internals.auth_struct-> - gnutls_generate_client_cert_vrfy (session, &data); + session->internals. + auth_struct->gnutls_generate_client_cert_vrfy (session, &data); if (data_size < 0) { gnutls_assert (); @@ -404,8 +412,9 @@ _gnutls_recv_server_kx_message (gnutls_session_t session) } ret = - session->internals.auth_struct-> - gnutls_process_server_kx (session, data, datasize); + session->internals.auth_struct->gnutls_process_server_kx (session, + data, + datasize); gnutls_free (data); if (ret < 0) @@ -425,8 +434,8 @@ _gnutls_recv_server_certificate_request (gnutls_session_t session) int datasize; int ret = 0; - if (session->internals.auth_struct-> - gnutls_process_server_certificate_request != NULL) + if (session->internals. + auth_struct->gnutls_process_server_certificate_request != NULL) { ret = @@ -441,8 +450,9 @@ _gnutls_recv_server_certificate_request (gnutls_session_t session) return 0; /* ignored */ ret = - session->internals.auth_struct-> - gnutls_process_server_certificate_request (session, data, datasize); + session->internals. + auth_struct->gnutls_process_server_certificate_request (session, data, + datasize); gnutls_free (data); if (ret < 0) return ret; @@ -472,8 +482,9 @@ _gnutls_recv_client_kx_message (gnutls_session_t session) return ret; ret = - session->internals.auth_struct-> - gnutls_process_client_kx (session, data, datasize); + session->internals.auth_struct->gnutls_process_client_kx (session, + data, + datasize); gnutls_free (data); if (ret < 0) return ret; 
@@ -497,8 +508,8 @@ _gnutls_send_client_certificate (gnutls_session_t session, int again) if (session->key->certificate_requested == 0) return 0; - if (session->internals.auth_struct-> - gnutls_generate_client_certificate == NULL) + if (session->internals.auth_struct->gnutls_generate_client_certificate == + NULL) return 0; data = NULL; @@ -512,8 +523,8 @@ _gnutls_send_client_certificate (gnutls_session_t session, int again) /* TLS 1.0 or SSL 3.0 with a valid certificate */ data_size = - session->internals.auth_struct-> - gnutls_generate_client_certificate (session, &data); + session->internals. + auth_struct->gnutls_generate_client_certificate (session, &data); if (data_size < 0) { @@ -564,8 +575,8 @@ _gnutls_send_server_certificate (gnutls_session_t session, int again) int ret = 0; - if (session->internals.auth_struct-> - gnutls_generate_server_certificate == NULL) + if (session->internals.auth_struct->gnutls_generate_server_certificate == + NULL) return 0; data = NULL; @@ -574,8 +585,8 @@ _gnutls_send_server_certificate (gnutls_session_t session, int again) if (again == 0) { data_size = - session->internals.auth_struct-> - gnutls_generate_server_certificate (session, &data); + session->internals. + auth_struct->gnutls_generate_server_certificate (session, &data); if (data_size < 0) { @@ -606,8 +617,8 @@ _gnutls_recv_client_certificate (gnutls_session_t session) int ret = 0; int optional; - if (session->internals.auth_struct-> - gnutls_process_client_certificate != NULL) + if (session->internals.auth_struct->gnutls_process_client_certificate != + NULL) { /* if we have not requested a certificate then just return @@ -648,8 +659,8 @@ _gnutls_recv_client_certificate (gnutls_session_t session) /* certificate was required */ - if ((ret == GNUTLS_E_WARNING_ALERT_RECEIVED - || ret == GNUTLS_E_FATAL_ALERT_RECEIVED) + if ((ret == GNUTLS_E_WARNING_ALERT_RECEIVED + || ret == GNUTLS_E_FATAL_ALERT_RECEIVED) && optional == MANDATORY_PACKET) { gnutls_assert (); 
@@ -669,8 +680,9 @@ _gnutls_recv_client_certificate (gnutls_session_t session) return 0; } ret = - session->internals.auth_struct-> - gnutls_process_client_certificate (session, data, datasize); + session->internals. + auth_struct->gnutls_process_client_certificate (session, data, + datasize); gnutls_free (data); if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND) @@ -698,8 +710,8 @@ _gnutls_recv_server_certificate (gnutls_session_t session) opaque *data; int ret = 0; - if (session->internals.auth_struct-> - gnutls_process_server_certificate != NULL) + if (session->internals.auth_struct->gnutls_process_server_certificate != + NULL) { ret = @@ -714,8 +726,9 @@ _gnutls_recv_server_certificate (gnutls_session_t session) } ret = - session->internals.auth_struct-> - gnutls_process_server_certificate (session, data, datasize); + session->internals. + auth_struct->gnutls_process_server_certificate (session, data, + datasize); gnutls_free (data); if (ret < 0) { @@ -765,8 +778,9 @@ _gnutls_recv_client_certificate_verify_message (gnutls_session_t session) } ret = - session->internals.auth_struct-> - gnutls_process_client_cert_vrfy (session, data, datasize); + session->internals. + auth_struct->gnutls_process_client_cert_vrfy (session, data, + datasize); gnutls_free (data); if (ret < 0) return ret; diff --git a/lib/gnutls_mpi.c b/lib/gnutls_mpi.c index ef1248af67..d31437856b 100644 --- a/lib/gnutls_mpi.c +++ b/lib/gnutls_mpi.c 
@@ -39,55 +39,60 @@ #define clearbit(v,n) ((unsigned char)(v) & ~( (unsigned char)(1) << (unsigned)(n))) /* FIXME: test this function */ -bigint_t _gnutls_mpi_randomize( bigint_t r, unsigned int bits, gnutls_rnd_level_t level) +bigint_t +_gnutls_mpi_randomize (bigint_t r, unsigned int bits, + gnutls_rnd_level_t level) { -opaque * buf = NULL; -int size = 1+(bits/8), ret; -int rem, i; -bigint_t tmp; + opaque *buf = NULL; + int size = 1 + (bits / 8), ret; + int rem, i; + bigint_t tmp; - buf = gnutls_malloc( size); + buf = gnutls_malloc (size); if (buf == NULL) { - gnutls_assert(); + gnutls_assert (); return NULL; } - ret = _gnutls_rnd( level, buf, size); + ret = _gnutls_rnd (level, buf, size); if (ret < 0) { - gnutls_assert(); + gnutls_assert (); goto cleanup; } - + /* mask the bits that weren't requested */ rem = bits % 8; - if (rem == 0) { - buf[0]=0; - } else { - for (i=8;i>=rem;i--) - buf[0]=clearbit(buf[0], i); - } + if (rem == 0) + { + buf[0] = 0; + } + else + { + for (i = 8; i >= rem; i--) + buf[0] = clearbit (buf[0], i); + } - ret = _gnutls_mpi_scan ( &tmp, buf, size); - if (ret < 0) + ret = _gnutls_mpi_scan (&tmp, buf, size); + if (ret < 0) { - gnutls_assert(); + gnutls_assert (); goto cleanup; } - - if (r != NULL) + + if (r != NULL) { - _gnutls_mpi_set(r, tmp); - _gnutls_mpi_release( &tmp); + _gnutls_mpi_set (r, tmp); + _gnutls_mpi_release (&tmp); return r; } return tmp; - + cleanup: - gnutls_free(buf); + gnutls_free (buf); return NULL; } 
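Review bot: `buf` is released only on the `cleanup:` path of `_gnutls_mpi_randomize`. Both successful returns (`return r;` and `return tmp;`) leak the allocation, which still holds the random bytes the integer was built from. Once `_gnutls_mpi_scan` has succeeded the buffer is no longer needed, so add `gnutls_free (buf);` right after that check. Clearing the bytes before freeing is worth doing too, since callers may use the result as secret material. The `/* FIXME: test this function */` marker above the function is a reminder that this path has no test coverage.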
@@ -104,26 +109,27 @@ _gnutls_mpi_release (bigint_t * x) /* returns zero on success */ int -_gnutls_mpi_scan (bigint_t * ret_mpi, const void * buffer, size_t nbytes) +_gnutls_mpi_scan (bigint_t * ret_mpi, const void *buffer, size_t nbytes) { - *ret_mpi = _gnutls_mpi_ops.bigint_scan (buffer, nbytes, GNUTLS_MPI_FORMAT_USG); + *ret_mpi = + _gnutls_mpi_ops.bigint_scan (buffer, nbytes, GNUTLS_MPI_FORMAT_USG); if (*ret_mpi == NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_MPI_SCAN_FAILED; } - + return 0; } /* returns zero on success. Fails if the number is zero. */ int -_gnutls_mpi_scan_nz (bigint_t *ret_mpi, const void * buffer, size_t nbytes) +_gnutls_mpi_scan_nz (bigint_t * ret_mpi, const void *buffer, size_t nbytes) { -int ret; + int ret; - ret = _gnutls_mpi_scan(ret_mpi, buffer, nbytes); + ret = _gnutls_mpi_scan (ret_mpi, buffer, nbytes); if (ret < 0) return ret; @@ -139,15 +145,16 @@ int ret; } int -_gnutls_mpi_scan_pgp (bigint_t *ret_mpi, const void * buffer, size_t nbytes) +_gnutls_mpi_scan_pgp (bigint_t * ret_mpi, const void *buffer, size_t nbytes) { - *ret_mpi = _gnutls_mpi_ops.bigint_scan (buffer, nbytes, GNUTLS_MPI_FORMAT_PGP); + *ret_mpi = + _gnutls_mpi_ops.bigint_scan (buffer, nbytes, GNUTLS_MPI_FORMAT_PGP); if (*ret_mpi == NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_MPI_SCAN_FAILED; } - + return 0; } 
@@ -226,19 +233,22 @@ _gnutls_mpi_dprint_size (const bigint_t a, gnutls_datum_t * dest, size_t size) _gnutls_mpi_print (a, NULL, &bytes); if (bytes != 0) - buf = gnutls_malloc (MAX(size, bytes)); + buf = gnutls_malloc (MAX (size, bytes)); if (buf == NULL) return GNUTLS_E_MEMORY_ERROR; - dest->size = MAX(size, bytes); + dest->size = MAX (size, bytes); - if (bytes <= size) { + if (bytes <= size) + { size_t diff = size - bytes; - for (i=0;i<diff;i++) - buf[i] = 0; - ret = _gnutls_mpi_print(a, &buf[diff], &bytes); - } else { - ret = _gnutls_mpi_print(a, buf, &bytes); + for (i = 0; i < diff; i++) + buf[i] = 0; + ret = _gnutls_mpi_print (a, &buf[diff], &bytes); + } + else + { + ret = _gnutls_mpi_print (a, buf, &bytes); } if (ret < 0) @@ -248,7 +258,7 @@ _gnutls_mpi_dprint_size (const bigint_t a, gnutls_datum_t * dest, size_t size) } dest->data = buf; - dest->size = MAX(size, bytes); + dest->size = MAX (size, bytes); return 0; } @@ -301,7 +311,8 @@ _gnutls_x509_read_int (ASN1_TYPE node, const char *value, bigint_t * ret_mpi) /* Writes the specified integer into the specified node. */ int -_gnutls_x509_write_int (ASN1_TYPE node, const char *value, bigint_t mpi, int lz) +_gnutls_x509_write_int (ASN1_TYPE node, const char *value, bigint_t mpi, + int lz) { opaque *tmpstr; size_t s_len; diff --git a/lib/gnutls_openpgp.c b/lib/gnutls_openpgp.c index 1a57dc2e67..cf3adb0c7e 100644 --- a/lib/gnutls_openpgp.c +++ b/lib/gnutls_openpgp.c @@ -76,7 +76,8 @@ _gnutls_map_cdk_rc (int rc) -*/ int _gnutls_openpgp_raw_crt_to_gcert (gnutls_cert * gcert, - const gnutls_datum_t * raw, const gnutls_openpgp_keyid_t keyid) + const gnutls_datum_t * raw, + const gnutls_openpgp_keyid_t keyid) { gnutls_openpgp_crt_t pcrt; int ret; 
@@ -98,13 +99,13 @@ _gnutls_openpgp_raw_crt_to_gcert (gnutls_cert * gcert, if (keyid != NULL) { - ret = gnutls_openpgp_crt_set_preferred_key_id( pcrt, keyid); + ret = gnutls_openpgp_crt_set_preferred_key_id (pcrt, keyid); if (ret < 0) - { - gnutls_assert(); - gnutls_openpgp_crt_deinit (pcrt); - return ret; - } + { + gnutls_assert (); + gnutls_openpgp_crt_deinit (pcrt); + return ret; + } } ret = _gnutls_openpgp_crt_to_gcert (gcert, pcrt); @@ -133,11 +134,11 @@ gnutls_certificate_set_openpgp_key (gnutls_certificate_credentials_t gnutls_openpgp_privkey_t pkey) { int ret; - + /* this should be first */ res->pkey = gnutls_realloc_fast (res->pkey, - (res->ncerts + 1) * + (res->ncerts + 1) * sizeof (gnutls_privkey)); if (res->pkey == NULL) { @@ -227,13 +228,13 @@ gnutls_openpgp_get_key (gnutls_datum_t * key, if (by == KEY_ATTR_SHORT_KEYID) { - keyid[0] = _gnutls_read_uint32(pattern); + keyid[0] = _gnutls_read_uint32 (pattern); desc = keyid; } else if (by == KEY_ATTR_KEYID) { - keyid[0] = _gnutls_read_uint32(pattern); - keyid[1] = _gnutls_read_uint32(pattern + 4); + keyid[0] = _gnutls_read_uint32 (pattern); + keyid[1] = _gnutls_read_uint32 (pattern + 4); desc = keyid; } else @@ -241,8 +242,8 @@ gnutls_openpgp_get_key (gnutls_datum_t * key, rc = cdk_keydb_search_start (&st, keyring->db, by, desc); if (!rc) rc = cdk_keydb_search (st, keyring->db, &knode); - - cdk_keydb_search_release( st); + + cdk_keydb_search_release (st); if (rc) { @@ -255,7 +256,7 @@ gnutls_openpgp_get_key (gnutls_datum_t * key, rc = GNUTLS_E_OPENPGP_GETKEY_FAILED; goto leave; } - + /* We let the function allocate the buffer to avoid to call the function twice. */ rc = cdk_kbnode_write_to_mem_alloc (knode, &buf, &len); 
@@ -316,23 +317,25 @@ gnutls_certificate_set_openpgp_key_file (gnutls_certificate_credentials_t keyfile, NULL, format); } -static int get_keyid( gnutls_openpgp_keyid_t keyid, const char* str) +static int +get_keyid (gnutls_openpgp_keyid_t keyid, const char *str) { - size_t keyid_size = sizeof(keyid); + size_t keyid_size = sizeof (keyid); - if (strlen(str) != 16) - { - _gnutls_debug_log("The OpenPGP subkey ID has to be 16 hexadecimal characters.\n"); - return GNUTLS_E_INVALID_REQUEST; - } + if (strlen (str) != 16) + { + _gnutls_debug_log + ("The OpenPGP subkey ID has to be 16 hexadecimal characters.\n"); + return GNUTLS_E_INVALID_REQUEST; + } - if (_gnutls_hex2bin (str, strlen(str), keyid, &keyid_size) < 0) - { - _gnutls_debug_log("Error converting hex string: %s.\n", str); - return GNUTLS_E_INVALID_REQUEST; - } - - return 0; + if (_gnutls_hex2bin (str, strlen (str), keyid, &keyid_size) < 0) + { + _gnutls_debug_log ("Error converting hex string: %s.\n", str); + return GNUTLS_E_INVALID_REQUEST; + } + + return 0; } /** 
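Review bot: `sizeof (keyid)` in `get_keyid` measures the function parameter, not a key-ID buffer. If `gnutls_openpgp_keyid_t` is an array typedef, the parameter decays to a pointer and the result is the pointer size. The definition is not in this hunk, but other hunks in this file use `sizeof (keyid)` on a local of that type as a byte count. On a target with 4-byte pointers, `_gnutls_hex2bin` would be told the output holds 4 bytes while the 16 hex characters checked above decode to 8. Taking the size from the type removes the dependency: `size_t keyid_size = sizeof (gnutls_openpgp_keyid_t);`.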
@@ -358,73 +361,77 @@ static int get_keyid( gnutls_openpgp_keyid_t keyid, const char* str) **/ int gnutls_certificate_set_openpgp_key_mem2 (gnutls_certificate_credentials_t - res, const gnutls_datum_t * icert, - const gnutls_datum_t * ikey, - const char* subkey_id, - gnutls_openpgp_crt_fmt_t format) + res, const gnutls_datum_t * icert, + const gnutls_datum_t * ikey, + const char *subkey_id, + gnutls_openpgp_crt_fmt_t format) { gnutls_openpgp_privkey_t key; gnutls_openpgp_crt_t cert; int ret; - ret = gnutls_openpgp_privkey_init( &key); - if (ret < 0) { - gnutls_assert(); - return ret; - } + ret = gnutls_openpgp_privkey_init (&key); + if (ret < 0) + { + gnutls_assert (); + return ret; + } - ret = gnutls_openpgp_privkey_import( key, ikey, format, NULL, 0); - if (ret < 0) { - gnutls_assert(); - gnutls_openpgp_privkey_deinit( key); - return ret; - } + ret = gnutls_openpgp_privkey_import (key, ikey, format, NULL, 0); + if (ret < 0) + { + gnutls_assert (); + gnutls_openpgp_privkey_deinit (key); + return ret; + } - ret = gnutls_openpgp_crt_init( &cert); - if (ret < 0) { - gnutls_assert(); - gnutls_openpgp_privkey_deinit( key); - return ret; - } + ret = gnutls_openpgp_crt_init (&cert); + if (ret < 0) + { + gnutls_assert (); + gnutls_openpgp_privkey_deinit (key); + return ret; + } - ret = gnutls_openpgp_crt_import( cert, icert, format); - if (ret < 0) { - gnutls_assert(); - gnutls_openpgp_privkey_deinit( key); - gnutls_openpgp_crt_deinit( cert); - return ret; - } + ret = gnutls_openpgp_crt_import (cert, icert, format); + if (ret < 0) + { + gnutls_assert (); + gnutls_openpgp_privkey_deinit (key); + gnutls_openpgp_crt_deinit (cert); + return ret; + } if (subkey_id != NULL) { gnutls_openpgp_keyid_t keyid; - - if (strcasecmp( subkey_id, "auto")==0) - ret = gnutls_openpgp_crt_get_auth_subkey( cert, keyid, 1); + + if (strcasecmp (subkey_id, "auto") == 0) + ret = gnutls_openpgp_crt_get_auth_subkey (cert, keyid, 1); else - ret = get_keyid( keyid, subkey_id); + ret = get_keyid 
(keyid, subkey_id); if (ret >= 0) - { - ret = gnutls_openpgp_crt_set_preferred_key_id( cert, keyid); - if (ret >= 0) - ret = gnutls_openpgp_privkey_set_preferred_key_id( key, keyid); - } + { + ret = gnutls_openpgp_crt_set_preferred_key_id (cert, keyid); + if (ret >= 0) + ret = gnutls_openpgp_privkey_set_preferred_key_id (key, keyid); + } if (ret < 0) - { - gnutls_assert(); - gnutls_openpgp_privkey_deinit( key); - gnutls_openpgp_crt_deinit( cert); - return ret; - } + { + gnutls_assert (); + gnutls_openpgp_privkey_deinit (key); + gnutls_openpgp_crt_deinit (cert); + return ret; + } } - ret = gnutls_certificate_set_openpgp_key( res, cert, key); + ret = gnutls_certificate_set_openpgp_key (res, cert, key); + + gnutls_openpgp_privkey_deinit (key); + gnutls_openpgp_crt_deinit (cert); - gnutls_openpgp_privkey_deinit( key); - gnutls_openpgp_crt_deinit( cert); - return ret; } @@ -450,10 +457,10 @@ gnutls_certificate_set_openpgp_key_mem2 (gnutls_certificate_credentials_t **/ int gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t - res, const char *certfile, - const char *keyfile, - const char* subkey_id, - gnutls_openpgp_crt_fmt_t format) + res, const char *certfile, + const char *keyfile, + const char *subkey_id, + gnutls_openpgp_crt_fmt_t format) { struct stat statbuf; gnutls_datum_t key, cert; @@ -473,7 +480,7 @@ gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t } cert.data = read_binary_file (certfile, &size); - cert.size = (unsigned int)size; + cert.size = (unsigned int) size; if (cert.data == NULL) { gnutls_assert (); @@ -481,7 +488,7 @@ gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t } key.data = read_binary_file (keyfile, &size); - key.size = (unsigned int)size; + key.size = (unsigned int) size; if (key.data == NULL) { gnutls_assert (); 
@@ -489,7 +496,9 @@ gnutls_certificate_set_openpgp_key_file2 (gnutls_certificate_credentials_t return GNUTLS_E_FILE_ERROR; } - rc = gnutls_certificate_set_openpgp_key_mem2 (res, &cert, &key, subkey_id, format); + rc = + gnutls_certificate_set_openpgp_key_mem2 (res, &cert, &key, subkey_id, + format); free (cert.data); free (key.data); @@ -516,14 +525,14 @@ gnutls_openpgp_count_key_names (const gnutls_datum_t * cert) gnutls_assert (); return 0; } - + if (cdk_kbnode_read_from_mem (&knode, cert->data, cert->size)) { gnutls_assert (); return 0; } - - ctx = NULL; + + ctx = NULL; for (nuids = 0;;) { p = cdk_kbnode_walk (knode, &ctx, 0); @@ -533,7 +542,7 @@ gnutls_openpgp_count_key_names (const gnutls_datum_t * cert) if (pkt->pkttype == CDK_PKT_USER_ID) nuids++; } - + cdk_kbnode_release (knode); return nuids; } @@ -553,8 +562,8 @@ gnutls_openpgp_count_key_names (const gnutls_datum_t * cert) * negative error value. **/ int -gnutls_certificate_set_openpgp_keyring_file (gnutls_certificate_credentials_t c, - const char *file, +gnutls_certificate_set_openpgp_keyring_file (gnutls_certificate_credentials_t + c, const char *file, gnutls_openpgp_crt_fmt_t format) { gnutls_datum_t ring; @@ -568,17 +577,19 @@ gnutls_certificate_set_openpgp_keyring_file (gnutls_certificate_credentials_t c, } ring.data = read_binary_file (file, &size); - ring.size = (unsigned int)size; + ring.size = (unsigned int) size; if (ring.data == NULL) { gnutls_assert (); return GNUTLS_E_FILE_ERROR; } - rc = gnutls_certificate_set_openpgp_keyring_mem (c, ring.data, ring.size, format); - - free( ring.data); - + rc = + gnutls_certificate_set_openpgp_keyring_mem (c, ring.data, ring.size, + format); + + free (ring.data); + return rc; } 
@@ -599,33 +610,36 @@ gnutls_certificate_set_openpgp_keyring_file (gnutls_certificate_credentials_t c, int gnutls_certificate_set_openpgp_keyring_mem (gnutls_certificate_credentials_t c, const opaque * data, - size_t dlen, gnutls_openpgp_crt_fmt_t format) + size_t dlen, + gnutls_openpgp_crt_fmt_t format) { gnutls_datum ddata; int rc; - - ddata.data = (void*)data; + + ddata.data = (void *) data; ddata.size = dlen; - + if (!c || !data || !dlen) { gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } - rc = gnutls_openpgp_keyring_init( &c->keyring); - if (rc < 0) { - gnutls_assert(); - return rc; - } - - rc = gnutls_openpgp_keyring_import( c->keyring, &ddata, format); - if ( rc < 0) { - gnutls_assert(); - gnutls_openpgp_keyring_deinit( c->keyring); - return rc; - } - + rc = gnutls_openpgp_keyring_init (&c->keyring); + if (rc < 0) + { + gnutls_assert (); + return rc; + } + + rc = gnutls_openpgp_keyring_import (c->keyring, &ddata, format); + if (rc < 0) + { + gnutls_assert (); + gnutls_openpgp_keyring_deinit (c->keyring); + return rc; + } + return 0; } @@ -654,11 +668,11 @@ _gnutls_openpgp_request_key (gnutls_session_t session, gnutls_datum_t * ret, } if (key_fpr_size != 16 && key_fpr_size != 20) - return GNUTLS_E_HASH_FAILED; /* only MD5 and SHA1 are supported */ + return GNUTLS_E_HASH_FAILED; /* only MD5 and SHA1 are supported */ rc = gnutls_openpgp_get_key (ret, cred->keyring, KEY_ATTR_FPR, key_fpr); - if (rc >= 0) /* key was found */ + if (rc >= 0) /* key was found */ { rc = 0; goto error; @@ -680,7 +694,7 @@ _gnutls_openpgp_request_key (gnutls_session_t session, gnutls_datum_t * ret, } } - error: +error: return rc; } @@ -711,8 +725,8 @@ _gnutls_openpgp_privkey_to_gkey (gnutls_privkey * dest, int ret = 0; gnutls_openpgp_keyid_t keyid; char err_buf[33]; - - if (dest==NULL || src == NULL) + + if (dest == NULL || src == NULL) { gnutls_assert (); return GNUTLS_E_CERTIFICATE_ERROR; 
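Review bot: In `gnutls_certificate_set_openpgp_keyring_mem`, the failure branch after `gnutls_openpgp_keyring_import` calls `gnutls_openpgp_keyring_deinit (c->keyring)` but leaves the old pointer stored in `c->keyring`. Assuming deinit releases the object (not visible here), a later lookup or credentials teardown would touch freed memory. Adding `c->keyring = NULL;` after the deinit closes that. The function also overwrites `c->keyring` in `gnutls_openpgp_keyring_init (&c->keyring)` without releasing a keyring set by an earlier call, which looks like a leak when it is called twice on the same credentials.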
@@ -720,44 +734,52 @@ _gnutls_openpgp_privkey_to_gkey (gnutls_privkey * dest, dest->params_size = MAX_PRIV_PARAMS_SIZE; - ret = gnutls_openpgp_privkey_get_preferred_key_id( src, keyid); + ret = gnutls_openpgp_privkey_get_preferred_key_id (src, keyid); - if (ret == 0) + if (ret == 0) { int idx; uint32_t kid32[2]; - _gnutls_debug_log("Importing Openpgp key and using openpgp sub key: %s\n", - _gnutls_bin2hex( keyid, sizeof(keyid), err_buf, sizeof(err_buf))); + _gnutls_debug_log + ("Importing Openpgp key and using openpgp sub key: %s\n", + _gnutls_bin2hex (keyid, sizeof (keyid), err_buf, sizeof (err_buf))); + + KEYID_IMPORT (kid32, keyid); - KEYID_IMPORT(kid32, keyid); - - idx = gnutls_openpgp_privkey_get_subkey_idx( src, keyid); + idx = gnutls_openpgp_privkey_get_subkey_idx (src, keyid); if (idx < 0) - { - gnutls_assert(); - return idx; - } - - dest->pk_algorithm = gnutls_openpgp_privkey_get_subkey_pk_algorithm( src, idx, NULL); - - ret = _gnutls_openpgp_privkey_get_mpis( src, kid32, dest->params, &dest->params_size); + { + gnutls_assert (); + return idx; + } + + dest->pk_algorithm = + gnutls_openpgp_privkey_get_subkey_pk_algorithm (src, idx, NULL); + + ret = + _gnutls_openpgp_privkey_get_mpis (src, kid32, dest->params, + &dest->params_size); } else { - _gnutls_debug_log("Importing Openpgp key and using main openpgp key.\n"); + _gnutls_debug_log + ("Importing Openpgp key and using main openpgp key.\n"); - dest->pk_algorithm = gnutls_openpgp_privkey_get_pk_algorithm( src, NULL); - ret = _gnutls_openpgp_privkey_get_mpis( src, NULL, dest->params, &dest->params_size); + dest->pk_algorithm = + gnutls_openpgp_privkey_get_pk_algorithm (src, NULL); + ret = + _gnutls_openpgp_privkey_get_mpis (src, NULL, dest->params, + &dest->params_size); } - + if (ret < 0) { - gnutls_assert(); + gnutls_assert (); return ret; } - + return 0; } 
@@ -773,100 +795,109 @@ _gnutls_openpgp_crt_to_gcert (gnutls_cert * gcert, gnutls_openpgp_crt_t cert) memset (gcert, 0, sizeof (gnutls_cert)); gcert->cert_type = GNUTLS_CRT_OPENPGP; - gcert->version = gnutls_openpgp_crt_get_version( cert); + gcert->version = gnutls_openpgp_crt_get_version (cert); gcert->params_size = MAX_PUBLIC_PARAMS_SIZE; - - ret = gnutls_openpgp_crt_get_preferred_key_id( cert, keyid); - + + ret = gnutls_openpgp_crt_get_preferred_key_id (cert, keyid); + if (ret == 0) { int idx; uint32_t kid32[2]; - _gnutls_debug_log("Importing Openpgp cert and using openpgp sub key: %s\n", - _gnutls_bin2hex( keyid, sizeof(keyid), err_buf, sizeof(err_buf))); - - KEYID_IMPORT(kid32, keyid); + _gnutls_debug_log + ("Importing Openpgp cert and using openpgp sub key: %s\n", + _gnutls_bin2hex (keyid, sizeof (keyid), err_buf, sizeof (err_buf))); + + KEYID_IMPORT (kid32, keyid); - idx = gnutls_openpgp_crt_get_subkey_idx( cert, keyid); + idx = gnutls_openpgp_crt_get_subkey_idx (cert, keyid); if (idx < 0) - { - gnutls_assert(); - return idx; - } - - gcert->subject_pk_algorithm = gnutls_openpgp_crt_get_subkey_pk_algorithm( cert, idx, NULL); - - gnutls_openpgp_crt_get_subkey_usage( cert, idx, &gcert->key_usage); + { + gnutls_assert (); + return idx; + } + + gcert->subject_pk_algorithm = + gnutls_openpgp_crt_get_subkey_pk_algorithm (cert, idx, NULL); + + gnutls_openpgp_crt_get_subkey_usage (cert, idx, &gcert->key_usage); gcert->use_subkey = 1; - memcpy(gcert->subkey_id, keyid, sizeof(keyid)); + memcpy (gcert->subkey_id, keyid, sizeof (keyid)); - ret = _gnutls_openpgp_crt_get_mpis( cert, kid32, gcert->params, &gcert->params_size); + ret = + _gnutls_openpgp_crt_get_mpis (cert, kid32, gcert->params, + &gcert->params_size); } else { - _gnutls_debug_log("Importing Openpgp cert and using main openpgp key\n"); - gcert->subject_pk_algorithm = gnutls_openpgp_crt_get_pk_algorithm( cert, NULL); - - gnutls_openpgp_crt_get_key_usage( cert, &gcert->key_usage); - ret = 
_gnutls_openpgp_crt_get_mpis( cert, NULL, gcert->params, &gcert->params_size); + _gnutls_debug_log + ("Importing Openpgp cert and using main openpgp key\n"); + gcert->subject_pk_algorithm = + gnutls_openpgp_crt_get_pk_algorithm (cert, NULL); + + gnutls_openpgp_crt_get_key_usage (cert, &gcert->key_usage); + ret = + _gnutls_openpgp_crt_get_mpis (cert, NULL, gcert->params, + &gcert->params_size); gcert->use_subkey = 0; } - + if (ret < 0) { - gnutls_assert(); + gnutls_assert (); return ret; } - { /* copy the raw certificate */ + { /* copy the raw certificate */ #define SMALL_RAW 512 - opaque *raw; - size_t raw_size = SMALL_RAW; - - /* initially allocate a bogus size, just in case the certificate - * fits in it. That way we minimize the DER encodings performed. - */ - raw = gnutls_malloc (raw_size); - if (raw == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } + opaque *raw; + size_t raw_size = SMALL_RAW; + + /* initially allocate a bogus size, just in case the certificate + * fits in it. That way we minimize the DER encodings performed. 
+ */ + raw = gnutls_malloc (raw_size); + if (raw == NULL) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } - ret = - gnutls_openpgp_crt_export (cert, GNUTLS_OPENPGP_FMT_RAW, raw, &raw_size); - if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER) - { - gnutls_assert (); - gnutls_free (raw); - return ret; - } + ret = + gnutls_openpgp_crt_export (cert, GNUTLS_OPENPGP_FMT_RAW, raw, + &raw_size); + if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER) + { + gnutls_assert (); + gnutls_free (raw); + return ret; + } - if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) - { - raw = gnutls_realloc (raw, raw_size); - if (raw == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - ret = - gnutls_openpgp_crt_export (cert, GNUTLS_OPENPGP_FMT_RAW, raw, - &raw_size); - if (ret < 0) - { - gnutls_assert (); - gnutls_free (raw); - return ret; - } - } + if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) + { + raw = gnutls_realloc (raw, raw_size); + if (raw == NULL) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } + + ret = + gnutls_openpgp_crt_export (cert, GNUTLS_OPENPGP_FMT_RAW, raw, + &raw_size); + if (ret < 0) + { + gnutls_assert (); + gnutls_free (raw); + return ret; + } + } - gcert->raw.data = raw; - gcert->raw.size = raw_size; - } + gcert->raw.data = raw; + gcert->raw.size = raw_size; + } return 0; @@ -903,12 +934,12 @@ gnutls_openpgp_privkey_sign_hash (gnutls_openpgp_privkey_t key, return GNUTLS_E_INVALID_REQUEST; } - result = gnutls_openpgp_privkey_get_preferred_key_id( key, keyid); + result = gnutls_openpgp_privkey_get_preferred_key_id (key, keyid); if (result == 0) { uint32_t kid[2]; - KEYID_IMPORT( kid, keyid); + KEYID_IMPORT (kid, keyid); result = _gnutls_openpgp_privkey_get_mpis (key, kid, params, ¶ms_size); } 
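Review bot: In the raw-certificate copy at the end of `_gnutls_openpgp_crt_to_gcert`, `raw = gnutls_realloc (raw, raw_size);` overwrites the only pointer to the first allocation. If `gnutls_realloc` behaves like `realloc` and fails, the `raw == NULL` branch returns `GNUTLS_E_MEMORY_ERROR` and the original 512-byte buffer is leaked. Use a temporary instead: `tmp = gnutls_realloc (raw, raw_size);`, call `gnutls_free (raw);` in the failure branch, and set `raw = tmp;` on success. The function begins outside this hunk.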
@@ -926,11 +957,10 @@ gnutls_openpgp_privkey_sign_hash (gnutls_openpgp_privkey_t key, pk_algorithm = gnutls_openpgp_privkey_get_pk_algorithm (key, NULL); - result = _gnutls_sign (pk_algorithm, params, - params_size, hash, signature); + result = _gnutls_sign (pk_algorithm, params, params_size, hash, signature); - for (i=0;i<params_size;i++) - _gnutls_mpi_release( ¶ms[i]); + for (i = 0; i < params_size; i++) + _gnutls_mpi_release (¶ms[i]); if (result < 0) { diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c index 8794207382..b97bc4d02c 100644 --- a/lib/gnutls_pk.c +++ b/lib/gnutls_pk.c @@ -97,7 +97,7 @@ _gnutls_pkcs1_rsa_encrypt (gnutls_datum_t * ciphertext, } ret = _gnutls_rnd (RND_RANDOM, ps, psize); - if ( ret < 0) + if (ret < 0) { gnutls_assert (); gnutls_free (edata); @@ -141,9 +141,11 @@ _gnutls_pkcs1_rsa_encrypt (gnutls_datum_t * ciphertext, to_encrypt.size = k; if (btype == 2) /* encrypt */ - ret = _gnutls_pk_encrypt (GNUTLS_PK_RSA, &encrypted, &to_encrypt, &pk_params); + ret = + _gnutls_pk_encrypt (GNUTLS_PK_RSA, &encrypted, &to_encrypt, &pk_params); else /* sign */ - ret = _gnutls_pk_sign (GNUTLS_PK_RSA, &encrypted, &to_encrypt, &pk_params); + ret = + _gnutls_pk_sign (GNUTLS_PK_RSA, &encrypted, &to_encrypt, &pk_params); gnutls_free (edata); @@ -185,7 +187,7 @@ _gnutls_pkcs1_rsa_encrypt (gnutls_datum_t * ciphertext, return GNUTLS_E_MEMORY_ERROR; } - memcpy( &ciphertext->data[pad], encrypted.data, encrypted.size); + memcpy (&ciphertext->data[pad], encrypted.data, encrypted.size); for (i = 0; i < pad; i++) ciphertext->data[i] = 0; @@ -233,11 +235,13 @@ _gnutls_pkcs1_rsa_decrypt (gnutls_datum_t * plaintext, */ if (btype == 2) { - ret = _gnutls_pk_decrypt (GNUTLS_PK_RSA, plaintext, ciphertext, &pk_params); + ret = + _gnutls_pk_decrypt (GNUTLS_PK_RSA, plaintext, ciphertext, &pk_params); } else { - ret = _gnutls_pk_encrypt (GNUTLS_PK_RSA, plaintext, ciphertext, &pk_params); + ret = + _gnutls_pk_encrypt (GNUTLS_PK_RSA, plaintext, ciphertext, &pk_params); } if (ret < 0) 
@@ -284,16 +288,16 @@ _gnutls_pkcs1_rsa_decrypt (gnutls_datum_t * plaintext, if (plaintext->data[i] != 0xff) { _gnutls_handshake_log ("PKCS #1 padding error"); - _gnutls_free_datum( plaintext); + _gnutls_free_datum (plaintext); /* PKCS #1 padding error. Don't use - GNUTLS_E_PKCS1_WRONG_PAD here. */ + GNUTLS_E_PKCS1_WRONG_PAD here. */ break; } } break; default: gnutls_assert (); - _gnutls_free_datum( plaintext); + _gnutls_free_datum (plaintext); break; } i++; @@ -301,11 +305,11 @@ _gnutls_pkcs1_rsa_decrypt (gnutls_datum_t * plaintext, if (ret < 0) { gnutls_assert (); - _gnutls_free_datum( plaintext); + _gnutls_free_datum (plaintext); return GNUTLS_E_DECRYPTION_FAILED; } - - memmove(plaintext->data, &plaintext->data[i], esize - i); + + memmove (plaintext->data, &plaintext->data[i], esize - i); plaintext->size = esize - i; return 0; @@ -434,7 +438,8 @@ _gnutls_dsa_sign (gnutls_datum_t * signature, /* decodes the Dss-Sig-Value structure */ int -_gnutls_decode_ber_rs (const gnutls_datum_t * sig_value, bigint_t * r, bigint_t * s) +_gnutls_decode_ber_rs (const gnutls_datum_t * sig_value, bigint_t * r, + bigint_t * s) { ASN1_TYPE sig; int result; 
@@ -511,78 +516,95 @@ _gnutls_dsa_verify (const gnutls_datum_t * vdata, } /* some generic pk functions */ -static -int _generate_params(int algo, bigint_t * resarr, unsigned int *resarr_len, int bits) +static int +_generate_params (int algo, bigint_t * resarr, unsigned int *resarr_len, + int bits) { -gnutls_pk_params_st params; -int ret; -unsigned int i; - - ret = _gnutls_pk_ops.generate( GNUTLS_PK_RSA, bits, ¶ms); - - if (ret < 0) { - gnutls_assert(); - return ret; - } + gnutls_pk_params_st params; + int ret; + unsigned int i; - if (resarr && resarr_len && *resarr_len > params.params_nr) { - *resarr_len = params.params_nr; - for (i=0;i<params.params_nr;i++) - resarr[i] = params.params[i]; - } else { - gnutls_assert(); - return GNUTLS_E_INVALID_REQUEST; - } - return 0; + ret = _gnutls_pk_ops.generate (GNUTLS_PK_RSA, bits, ¶ms); + + if (ret < 0) + { + gnutls_assert (); + return ret; + } + + if (resarr && resarr_len && *resarr_len > params.params_nr) + { + *resarr_len = params.params_nr; + for (i = 0; i < params.params_nr; i++) + resarr[i] = params.params[i]; + } + else + { + gnutls_assert (); + return GNUTLS_E_INVALID_REQUEST; + } + return 0; } -int _gnutls_rsa_generate_params (bigint_t * resarr, unsigned int *resarr_len, int bits) +int +_gnutls_rsa_generate_params (bigint_t * resarr, unsigned int *resarr_len, + int bits) { - return _generate_params( GNUTLS_PK_RSA, resarr, resarr_len, bits); + return _generate_params (GNUTLS_PK_RSA, resarr, resarr_len, bits); } -int _gnutls_dsa_generate_params (bigint_t * resarr, unsigned int *resarr_len, int bits) +int +_gnutls_dsa_generate_params (bigint_t * resarr, unsigned int *resarr_len, + int bits) { - return _generate_params( GNUTLS_PK_DSA, resarr, resarr_len, bits); + return _generate_params (GNUTLS_PK_DSA, resarr, resarr_len, bits); } -int _gnutls_pk_params_copy( gnutls_pk_params_st* dst, bigint_t* params, int params_len) +int +_gnutls_pk_params_copy (gnutls_pk_params_st * dst, bigint_t * params, + int params_len) { -int 
i,j; - dst->params_nr = 0; + int i, j; + dst->params_nr = 0; - dst->params = gnutls_malloc( sizeof(bigint_t)*params_len); - if (dst->params == NULL) { - gnutls_assert(); - return GNUTLS_E_MEMORY_ERROR; - } + dst->params = gnutls_malloc (sizeof (bigint_t) * params_len); + if (dst->params == NULL) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } - for (i=0;i<params_len;i++) { - dst->params[i] = _gnutls_mpi_set( NULL, params[i]); - if (dst->params[i] == NULL) { - for (j=0;j<i;j++) - _gnutls_mpi_release( &dst->params[j]); - return GNUTLS_E_MEMORY_ERROR; - } - dst->params_nr++; + for (i = 0; i < params_len; i++) + { + dst->params[i] = _gnutls_mpi_set (NULL, params[i]); + if (dst->params[i] == NULL) + { + for (j = 0; j < i; j++) + _gnutls_mpi_release (&dst->params[j]); + return GNUTLS_E_MEMORY_ERROR; } - - return 0; + dst->params_nr++; + } + + return 0; } -void gnutls_pk_params_init( gnutls_pk_params_st* p) +void +gnutls_pk_params_init (gnutls_pk_params_st * p) { - memset( p, 0, sizeof(gnutls_pk_params_st)); + memset (p, 0, sizeof (gnutls_pk_params_st)); } -void gnutls_pk_params_release( gnutls_pk_params_st* p) +void +gnutls_pk_params_release (gnutls_pk_params_st * p) { -unsigned int i; - for (i=0;i<p->params_nr;i++) { - _gnutls_mpi_release( &p->params[i]); - } - gnutls_free( p->params); - p->params = NULL; + unsigned int i; + for (i = 0; i < p->params_nr; i++) + { + _gnutls_mpi_release (&p->params[i]); + } + gnutls_free (p->params); + p->params = NULL; } diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c index 870526a628..91a24ca820 100644 --- a/lib/gnutls_priority.c +++ b/lib/gnutls_priority.c @@ -418,7 +418,7 @@ gnutls_priority_set (gnutls_session_t session, gnutls_priority_t priority) { if (priority == NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_NO_CIPHER_SUITES; } 
@@ -533,8 +533,8 @@ gnutls_priority_init (gnutls_priority_t * priority_cache, _set_priority (&(*priority_cache)->compression, comp_priority); _set_priority (&(*priority_cache)->cert_type, cert_type_priority); i = 0; - } - else + } + else { i = 1; } @@ -554,15 +554,18 @@ gnutls_priority_init (gnutls_priority_t * priority_cache, _set_priority (&(*priority_cache)->kx, kx_priority_secure); _set_priority (&(*priority_cache)->mac, mac_priority_secure); } - else if (strcasecmp (broken_list[i], "SECURE256") == 0 || strcasecmp (broken_list[i], "SECURE") == 0) + else if (strcasecmp (broken_list[i], "SECURE256") == 0 + || strcasecmp (broken_list[i], "SECURE") == 0) { - _set_priority (&(*priority_cache)->cipher, cipher_priority_secure256); + _set_priority (&(*priority_cache)->cipher, + cipher_priority_secure256); _set_priority (&(*priority_cache)->kx, kx_priority_secure); _set_priority (&(*priority_cache)->mac, mac_priority_secure); } else if (strcasecmp (broken_list[i], "SECURE128") == 0) { - _set_priority (&(*priority_cache)->cipher, cipher_priority_secure128); + _set_priority (&(*priority_cache)->cipher, + cipher_priority_secure128); _set_priority (&(*priority_cache)->kx, kx_priority_secure); _set_priority (&(*priority_cache)->mac, mac_priority_secure); } diff --git a/lib/gnutls_psk.c b/lib/gnutls_psk.c index 1c3209aeb9..f629fa6f14 100644 --- a/lib/gnutls_psk.c +++ b/lib/gnutls_psk.c @@ -129,7 +129,7 @@ gnutls_psk_set_client_credentials (gnutls_psk_client_credentials_t res, } ret = gnutls_hex_decode (key, (char *) res->key.data, &size); - res->key.size = (unsigned int)size; + res->key.size = (unsigned int) size; if (ret < 0) { gnutls_assert (); diff --git a/lib/gnutls_psk_netconf.c b/lib/gnutls_psk_netconf.c index 5e1fcc6e1f..967a964279 100644 --- a/lib/gnutls_psk_netconf.c +++ b/lib/gnutls_psk_netconf.c 
@@ -49,7 +49,7 @@ int gnutls_psk_netconf_derive_key (const char *password, const char *psk_identity, const char *psk_identity_hint, - gnutls_datum_t *output_key) + gnutls_datum_t * output_key) { const char netconf_key_pad[] = "Key Pad for Netconf"; size_t sha1len = _gnutls_hash_get_algo_len (GNUTLS_DIG_SHA1); diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c index ca4aea7420..9c732d1b8d 100644 --- a/lib/gnutls_record.c +++ b/lib/gnutls_record.c @@ -371,8 +371,8 @@ _gnutls_send_int (gnutls_session_t session, content_type_t type, _gnutls_record_log ("REC[%x]: Sending Packet[%d] %s(%d) with length: %d\n", session, - (int) _gnutls_uint64touint32 (&session->connection_state. - write_sequence_number), + (int) _gnutls_uint64touint32 (&session-> + connection_state.write_sequence_number), _gnutls_packet2str (type), type, sizeofdata); if (sizeofdata > MAX_RECORD_SEND_SIZE) @@ -410,7 +410,9 @@ _gnutls_send_int (gnutls_session_t session, content_type_t type, cipher_size = _gnutls_encrypt (session, headers, RECORD_HEADER_SIZE, data, - data2send_size, cipher, cipher_size, type, (session->internals.priorities.no_padding==0)?1:0); + data2send_size, cipher, cipher_size, type, + (session->internals.priorities.no_padding == + 0) ? 1 : 0); if (cipher_size <= 0) { gnutls_assert (); @@ -434,8 +436,7 @@ _gnutls_send_int (gnutls_session_t session, content_type_t type, return GNUTLS_E_RECORD_LIMIT_REACHED; } - ret = - _gnutls_io_write_buffered (session, cipher, cipher_size); + ret = _gnutls_io_write_buffered (session, cipher, cipher_size); gnutls_free (cipher); } @@ -465,9 +466,9 @@ _gnutls_send_int (gnutls_session_t session, content_type_t type, _gnutls_record_log ("REC[%x]: Sent Packet[%d] %s(%d) with length: %d\n", session, - (int) _gnutls_uint64touint32 (&session-> - connection_state. - write_sequence_number), + (int) + _gnutls_uint64touint32 + (&session->connection_state.write_sequence_number), _gnutls_packet2str (type), type, cipher_size); return retval; 
@@ -790,9 +791,9 @@ record_check_type (gnutls_session_t session, inline static int get_temp_recv_buffer (gnutls_session_t session, gnutls_datum_t * tmp) { -size_t max_record_size; + size_t max_record_size; - if (gnutls_compression_get(session) != GNUTLS_COMP_NULL) + if (gnutls_compression_get (session) != GNUTLS_COMP_NULL) max_record_size = MAX_RECORD_RECV_SIZE + EXTRA_COMP_SIZE; else max_record_size = MAX_RECORD_RECV_SIZE; @@ -809,8 +810,7 @@ size_t max_record_size; /* Initialize the internal buffer. */ session->internals.recv_buffer.data = - gnutls_realloc (session->internals.recv_buffer.data, - max_record_size); + gnutls_realloc (session->internals.recv_buffer.data, max_record_size); if (session->internals.recv_buffer.data == NULL) { @@ -939,14 +939,14 @@ begin: _gnutls_record_log ("REC[%x]: Expected Packet[%d] %s(%d) with length: %d\n", session, - (int) _gnutls_uint64touint32 (&session->connection_state. - read_sequence_number), + (int) _gnutls_uint64touint32 (&session-> + connection_state.read_sequence_number), _gnutls_packet2str (type), type, sizeofdata); - _gnutls_record_log - ("REC[%x]: Received Packet[%d] %s(%d) with length: %d\n", session, - (int) _gnutls_uint64touint32 (&session->connection_state. - read_sequence_number), - _gnutls_packet2str (recv_type), recv_type, length); + _gnutls_record_log ("REC[%x]: Received Packet[%d] %s(%d) with length: %d\n", + session, + (int) _gnutls_uint64touint32 (&session-> + connection_state.read_sequence_number), + _gnutls_packet2str (recv_type), recv_type, length); if (length > MAX_RECV_SIZE) { @@ -1024,8 +1024,8 @@ begin: _gnutls_record_log ("REC[%x]: Decrypted Packet[%d] %s(%d) with length: %d\n", session, - (int) _gnutls_uint64touint32 (&session->connection_state. - read_sequence_number), + (int) _gnutls_uint64touint32 (&session-> + connection_state.read_sequence_number), _gnutls_packet2str (recv_type), recv_type, decrypted_length); /* increase sequence number 
diff --git a/lib/gnutls_session.c b/lib/gnutls_session.c index 62b8d8c953..62a3cdcf71 100644 --- a/lib/gnutls_session.c +++ b/lib/gnutls_session.c @@ -78,7 +78,7 @@ gnutls_session_get_data (gnutls_session_t session, ret = 0; error: - _gnutls_free_datum( &psession); + _gnutls_free_datum (&psession); return ret; } diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c index f3b1255f74..9a48f25ebe 100644 --- a/lib/gnutls_session_pack.c +++ b/lib/gnutls_session_pack.c @@ -165,7 +165,7 @@ _gnutls_session_unpack (gnutls_session_t session, return GNUTLS_E_INTERNAL_ERROR; } - if (_gnutls_get_auth_info(session) != NULL) + if (_gnutls_get_auth_info (session) != NULL) { _gnutls_free_auth_info (session); } @@ -600,7 +600,8 @@ unpack_srp_auth_info (gnutls_session_t session, * x bytes the public key */ static int -pack_anon_auth_info (gnutls_session_t session, gnutls_datum_t * packed_session) +pack_anon_auth_info (gnutls_session_t session, + gnutls_datum_t * packed_session) { anon_auth_info_t info = _gnutls_get_auth_info (session); int pos = 0; @@ -766,8 +767,8 @@ pack_psk_auth_info (gnutls_session_t session, gnutls_datum_t * packed_session) if (info) { - username_size = strlen (info->username) + 1; /* include the terminating null */ - hint_size = strlen (info->hint) + 1; /* include the terminating null */ + username_size = strlen (info->username) + 1; /* include the terminating null */ + hint_size = strlen (info->hint) + 1; /* include the terminating null */ pack_size = username_size + hint_size + 2 + 4 * 3 + info->dh.prime.size + info->dh.generator.size + info->dh.public_key.size; 
@@ -1054,8 +1055,9 @@ pack_security_parameters (gnutls_session_t session, session->security_parameters.extensions.srp_username, len); pos += len; - _gnutls_write_uint16 (session->security_parameters.extensions. - server_names_size, &packed_session->data[pos]); + _gnutls_write_uint16 (session->security_parameters. + extensions.server_names_size, + &packed_session->data[pos]); pos += 2; for (i = 0; i < session->security_parameters.extensions.server_names_size; @@ -1063,15 +1065,15 @@ pack_security_parameters (gnutls_session_t session, { packed_session->data[pos++] = session->security_parameters.extensions.server_names[i].type; - _gnutls_write_uint16 (session->security_parameters.extensions. - server_names[i].name_length, + _gnutls_write_uint16 (session->security_parameters. + extensions.server_names[i].name_length, &packed_session->data[pos]); pos += 2; memcpy (&packed_session->data[pos], session->security_parameters.extensions.server_names[i].name, - session->security_parameters.extensions.server_names[i]. - name_length); + session->security_parameters.extensions. + server_names[i].name_length); pos += session->security_parameters.extensions.server_names[i].name_length; } @@ -1130,10 +1132,10 @@ unpack_security_parameters (gnutls_session_t session, packed_session->data[pos++]; session->internals.resumed_security_parameters.write_compression_algorithm = packed_session->data[pos++]; - session->internals.resumed_security_parameters.current_cipher_suite. - suite[0] = packed_session->data[pos++]; - session->internals.resumed_security_parameters.current_cipher_suite. - suite[1] = packed_session->data[pos++]; + session->internals.resumed_security_parameters. + current_cipher_suite.suite[0] = packed_session->data[pos++]; + session->internals.resumed_security_parameters. + current_cipher_suite.suite[1] = packed_session->data[pos++]; session->internals.resumed_security_parameters.cert_type = packed_session->data[pos++]; 
@@ -1182,34 +1184,35 @@ unpack_security_parameters (gnutls_session_t session, /* SRP */ len = packed_session->data[pos++]; /* srp username length */ - memcpy (session->internals.resumed_security_parameters.extensions. - srp_username, &packed_session->data[pos], len); - session->internals.resumed_security_parameters.extensions. - srp_username[len] = 0; + memcpy (session->internals.resumed_security_parameters. + extensions.srp_username, &packed_session->data[pos], len); + session->internals.resumed_security_parameters. + extensions.srp_username[len] = 0; pos += len; - session->internals.resumed_security_parameters.extensions. - server_names_size = _gnutls_read_uint16 (&packed_session->data[pos]); + session->internals.resumed_security_parameters. + extensions.server_names_size = + _gnutls_read_uint16 (&packed_session->data[pos]); pos += 2; for (i = 0; i < - session->internals.resumed_security_parameters.extensions. - server_names_size; i++) + session->internals.resumed_security_parameters. + extensions.server_names_size; i++) { - session->internals.resumed_security_parameters.extensions. - server_names[i].type = packed_session->data[pos++]; - session->internals.resumed_security_parameters.extensions. - server_names[i].name_length = + session->internals.resumed_security_parameters. + extensions.server_names[i].type = packed_session->data[pos++]; + session->internals.resumed_security_parameters. + extensions.server_names[i].name_length = _gnutls_read_uint16 (&packed_session->data[pos]); pos += 2; - memcpy (session->internals.resumed_security_parameters.extensions. - server_names[i].name, &packed_session->data[pos], - session->internals.resumed_security_parameters.extensions. - server_names[i].name_length); + memcpy (session->internals.resumed_security_parameters. + extensions.server_names[i].name, &packed_session->data[pos], + session->internals.resumed_security_parameters. 
+ extensions.server_names[i].name_length); pos += - session->internals.resumed_security_parameters.extensions. - server_names[i].name_length; + session->internals.resumed_security_parameters. + extensions.server_names[i].name_length; } return 0; } diff --git a/lib/gnutls_sig.c b/lib/gnutls_sig.c index e62d43fe02..e97978fbb6 100644 --- a/lib/gnutls_sig.c +++ b/lib/gnutls_sig.c @@ -59,7 +59,8 @@ _gnutls_tls_sign_hdata (gnutls_session_t session, digest_hd_st td_sha; gnutls_protocol_t ver = gnutls_protocol_get_version (session); - ret = _gnutls_hash_copy (&td_sha, &session->internals.handshake_mac_handle_sha); + ret = + _gnutls_hash_copy (&td_sha, &session->internals.handshake_mac_handle_sha); if (ret < 0) { gnutls_assert (); @@ -76,8 +77,9 @@ _gnutls_tls_sign_hdata (gnutls_session_t session, } _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16], - session->security_parameters. - master_secret, TLS_MASTER_SIZE); + session-> + security_parameters.master_secret, + TLS_MASTER_SIZE); } else _gnutls_hash_deinit (&td_sha, &concat[16]); @@ -85,7 +87,9 @@ _gnutls_tls_sign_hdata (gnutls_session_t session, switch (cert->subject_pk_algorithm) { case GNUTLS_PK_RSA: - ret = _gnutls_hash_copy (&td_md5, &session->internals.handshake_mac_handle_md5); + ret = + _gnutls_hash_copy (&td_md5, + &session->internals.handshake_mac_handle_md5); if (ret < 0) { gnutls_assert (); @@ -94,8 +98,9 @@ _gnutls_tls_sign_hdata (gnutls_session_t session, if (ver == GNUTLS_SSL3) _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat, - session->security_parameters. - master_secret, TLS_MASTER_SIZE); + session-> + security_parameters.master_secret, + TLS_MASTER_SIZE); else _gnutls_hash_deinit (&td_md5, concat); @@ -155,7 +160,7 @@ _gnutls_tls_sign_params (gnutls_session_t session, gnutls_cert * cert, { digest_hd_st td_md5; - ret =_gnutls_hash_init (&td_md5, GNUTLS_MAC_MD5); + ret = _gnutls_hash_init (&td_md5, GNUTLS_MAC_MD5); if (ret < 0) { gnutls_assert (); 
@@ -185,8 +190,7 @@ _gnutls_tls_sign_params (gnutls_session_t session, gnutls_cert * cert, #else /* No parameters field. */ memcpy (concat, - "\x30\x1f\x30\x07\x06\x05\x2b\x0e\x03\x02\x1a\x04\x14", - 13); + "\x30\x1f\x30\x07\x06\x05\x2b\x0e\x03\x02\x1a\x04\x14", 13); _gnutls_hash_deinit (&td_sha, &concat[13]); dconcat.size = 33; #endif @@ -284,8 +288,7 @@ _gnutls_tls_sign (gnutls_session_t session, return (*session->internals.sign_func) (session, session->internals.sign_func_userdata, - cert->cert_type, &cert->raw, - hash_concat, signature); + cert->cert_type, &cert->raw, hash_concat, signature); } return _gnutls_sign (pkey->pk_algorithm, pkey->params, @@ -295,8 +298,7 @@ _gnutls_tls_sign (gnutls_session_t session, static int _gnutls_verify_sig (gnutls_cert * cert, const gnutls_datum_t * hash_concat, - gnutls_datum_t * signature, - size_t sha1pos) + gnutls_datum_t * signature, size_t sha1pos) { int ret; gnutls_datum_t vdata; @@ -375,14 +377,16 @@ _gnutls_verify_sig_hdata (gnutls_session_t session, gnutls_cert * cert, gnutls_datum_t dconcat; gnutls_protocol_t ver = gnutls_protocol_get_version (session); - ret = _gnutls_hash_copy (&td_md5, &session->internals.handshake_mac_handle_md5); + ret = + _gnutls_hash_copy (&td_md5, &session->internals.handshake_mac_handle_md5); if (ret < 0) { gnutls_assert (); return ret; } - ret = _gnutls_hash_copy (&td_sha, &session->internals.handshake_mac_handle_sha); + ret = + _gnutls_hash_copy (&td_sha, &session->internals.handshake_mac_handle_sha); if (ret < 0) { gnutls_assert (); 
@@ -400,11 +404,13 @@ _gnutls_verify_sig_hdata (gnutls_session_t session, gnutls_cert * cert, } _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat, - session->security_parameters. - master_secret, TLS_MASTER_SIZE); + session-> + security_parameters.master_secret, + TLS_MASTER_SIZE); _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16], - session->security_parameters. - master_secret, TLS_MASTER_SIZE); + session-> + security_parameters.master_secret, + TLS_MASTER_SIZE); } else { @@ -462,7 +468,7 @@ _gnutls_verify_sig_params (gnutls_session_t session, gnutls_cert * cert, { gnutls_assert (); if (ver < GNUTLS_TLS1_2) - _gnutls_hash_deinit (&td_md5, NULL); + _gnutls_hash_deinit (&td_md5, NULL); return ret; } @@ -490,8 +496,7 @@ _gnutls_verify_sig_params (gnutls_session_t session, gnutls_cert * cert, #else /* No parameters field. */ memcpy (concat, - "\x30\x1f\x30\x07\x06\x05\x2b\x0e\x03\x02\x1a\x04\x14", - 13); + "\x30\x1f\x30\x07\x06\x05\x2b\x0e\x03\x02\x1a\x04\x14", 13); _gnutls_hash_deinit (&td_sha, &concat[13]); dconcat.size = 33; #endif diff --git a/lib/gnutls_srp.c b/lib/gnutls_srp.c index 35df9dceea..a6722a8e33 100644 --- a/lib/gnutls_srp.c +++ b/lib/gnutls_srp.c @@ -220,7 +220,8 @@ _gnutls_calc_srp_u (bigint_t A, bigint_t B, bigint_t n) * this is our shared key (server premaster secret) */ bigint_t -_gnutls_calc_srp_S1 (bigint_t A, bigint_t b, bigint_t u, bigint_t v, bigint_t n) +_gnutls_calc_srp_S1 (bigint_t A, bigint_t b, bigint_t u, bigint_t v, + bigint_t n) { bigint_t tmp1 = NULL, tmp2 = NULL; bigint_t S = NULL; @@ -291,7 +292,7 @@ _gnutls_calc_srp_sha (const char *username, const char *password, digest_hd_st td; opaque res[MAX_HASH_SIZE]; int ret; - + *size = 20; ret = _gnutls_hash_init (&td, GNUTLS_MAC_SHA1); 
@@ -333,7 +334,8 @@ _gnutls_calc_srp_x (char *username, char *password, opaque * salt, * this is our shared key (client premaster secret) */ bigint_t -_gnutls_calc_srp_S2 (bigint_t B, bigint_t g, bigint_t x, bigint_t a, bigint_t u, bigint_t n) +_gnutls_calc_srp_S2 (bigint_t B, bigint_t g, bigint_t x, bigint_t a, + bigint_t u, bigint_t n) { bigint_t S = NULL, tmp1 = NULL, tmp2 = NULL; bigint_t tmp4 = NULL, tmp3 = NULL, k = NULL; @@ -626,8 +628,10 @@ gnutls_srp_set_server_credentials_function (gnutls_srp_server_credentials_t * -1 indicates an error. **/ void -gnutls_srp_set_client_credentials_function (gnutls_srp_client_credentials_t cred, - gnutls_srp_client_credentials_function * func) +gnutls_srp_set_client_credentials_function (gnutls_srp_client_credentials_t + cred, + gnutls_srp_client_credentials_function + * func) { cred->get_function = func; } diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index 965de7f2ff..0b4a11f100 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -147,23 +147,23 @@ _gnutls_session_cert_type_supported (gnutls_session_t session, if (cred == NULL) return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; - if( cred->server_get_cert_callback == NULL) - { - for (i = 0; i < cred->ncerts; i++) - { + if (cred->server_get_cert_callback == NULL) + { + for (i = 0; i < cred->ncerts; i++) + { if (cred->cert_list[i][0].cert_type == cert_type) - { - cert_found = 1; - break; - } - } + { + cert_found = 1; + break; + } + } - if (cert_found == 0) + if (cert_found == 0) /* no certificate is of that type. */ return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; - } - } + } + } if (session->internals.priorities.cert_type.algorithms == 0 && cert_type == DEFAULT_CERT_TYPE) 
@@ -382,8 +382,8 @@ gnutls_deinit (gnutls_session_t session) if (session->connection_state.read_compression_state != NULL) _gnutls_comp_deinit (session->connection_state.read_compression_state, 1); if (session->connection_state.write_compression_state != NULL) - _gnutls_comp_deinit (session->connection_state. - write_compression_state, 0); + _gnutls_comp_deinit (session->connection_state.write_compression_state, + 0); _gnutls_free_datum (&session->cipher_specs.server_write_mac_secret); _gnutls_free_datum (&session->cipher_specs.client_write_mac_secret); @@ -482,7 +482,7 @@ _gnutls_dh_set_peer_public (gnutls_session_t session, bigint_t public) } if (dh->public_key.data) - _gnutls_free_datum(&dh->public_key); + _gnutls_free_datum (&dh->public_key); ret = _gnutls_mpi_dprint_lz (public, &dh->public_key); if (ret < 0) @@ -551,10 +551,10 @@ _gnutls_rsa_export_set_pubkey (gnutls_session_t session, return GNUTLS_E_INTERNAL_ERROR; if (info->rsa_export.modulus.data) - _gnutls_free_datum(&info->rsa_export.modulus); + _gnutls_free_datum (&info->rsa_export.modulus); if (info->rsa_export.exponent.data) - _gnutls_free_datum(&info->rsa_export.exponent); + _gnutls_free_datum (&info->rsa_export.exponent); ret = _gnutls_mpi_dprint_lz (modulus, &info->rsa_export.modulus); if (ret < 0) @@ -622,10 +622,10 @@ _gnutls_dh_set_group (gnutls_session_t session, bigint_t gen, bigint_t prime) } if (dh->prime.data) - _gnutls_free_datum(&dh->prime); + _gnutls_free_datum (&dh->prime); if (dh->generator.data) - _gnutls_free_datum(&dh->generator); + _gnutls_free_datum (&dh->generator); /* prime */ @@ -662,7 +662,7 @@ _gnutls_dh_set_group (gnutls_session_t session, bigint_t gen, bigint_t prime) **/ void gnutls_openpgp_send_cert (gnutls_session_t session, - gnutls_openpgp_crt_status_t status) + gnutls_openpgp_crt_status_t status) { session->internals.pgp_fingerprint = status; } 
@@ -895,8 +895,7 @@ _gnutls_PRF (gnutls_session_t session, { result = _gnutls_P_hash (GNUTLS_MAC_SHA1, secret, secret_size, - s_seed, s_seed_size, - total_bytes, ret); + s_seed, s_seed_size, total_bytes, ret); if (result < 0) { gnutls_assert (); @@ -1131,8 +1130,8 @@ gnutls_session_is_resumed (gnutls_session_t session) session->security_parameters.session_id_size == session->internals.resumed_security_parameters.session_id_size && memcmp (session->security_parameters.session_id, - session->internals.resumed_security_parameters. - session_id, + session->internals. + resumed_security_parameters.session_id, session->security_parameters.session_id_size) == 0) return 1; } @@ -1158,8 +1157,8 @@ _gnutls_session_is_export (gnutls_session_t session) gnutls_cipher_algorithm_t cipher; cipher = - _gnutls_cipher_suite_get_cipher_algo (&session->security_parameters. - current_cipher_suite); + _gnutls_cipher_suite_get_cipher_algo (&session-> + security_parameters.current_cipher_suite); if (_gnutls_cipher_get_export_flag (cipher) != 0) return 1; @@ -1180,8 +1179,9 @@ _gnutls_session_is_psk (gnutls_session_t session) { gnutls_kx_algorithm_t kx; - kx = _gnutls_cipher_suite_get_kx_algo (&session->security_parameters. - current_cipher_suite); + kx = + _gnutls_cipher_suite_get_kx_algo (&session-> + security_parameters.current_cipher_suite); if (kx == GNUTLS_KX_PSK || kx == GNUTLS_KX_DHE_PSK) return 1; @@ -1285,7 +1285,8 @@ _gnutls_rsa_pms_set_version (gnutls_session_t session, **/ void gnutls_handshake_set_post_client_hello_function (gnutls_session_t session, - gnutls_handshake_post_client_hello_func func) + gnutls_handshake_post_client_hello_func + func) { session->internals.user_hello_func = func; } @@ -1305,5 +1306,5 @@ gnutls_handshake_set_post_client_hello_function (gnutls_session_t session, void gnutls_session_enable_compatibility_mode (gnutls_session_t session) { - gnutls_record_disable_padding( session); + gnutls_record_disable_padding (session); } 
diff --git a/lib/gnutls_str.c b/lib/gnutls_str.c index 1cc1916ca9..768510a719 100644 --- a/lib/gnutls_str.c +++ b/lib/gnutls_str.c @@ -285,12 +285,10 @@ _gnutls_bin2hex (const void *_old, size_t oldlen, * Since: 2.4.0 **/ int -gnutls_hex2bin (const char * hex_data, - size_t hex_size, - char * bin_data, - size_t * bin_size) +gnutls_hex2bin (const char *hex_data, + size_t hex_size, char *bin_data, size_t * bin_size) { - return _gnutls_hex2bin (hex_data, (int)hex_size, bin_data, bin_size); + return _gnutls_hex2bin (hex_data, (int) hex_size, bin_data, bin_size); } int @@ -335,31 +333,32 @@ _gnutls_hex2bin (const opaque * hex_data, int hex_size, opaque * bin_data, int _gnutls_hostname_compare (const char *certname, const char *hostname) { - /* find the first different character */ - for (; *certname && *hostname && toupper(*certname) == toupper(*hostname); certname++, hostname++) + /* find the first different character */ + for (; *certname && *hostname && toupper (*certname) == toupper (*hostname); + certname++, hostname++) ; - - /* the strings are the same */ + + /* the strings are the same */ if (strlen (certname) == 0 && strlen (hostname) == 0) return 1; - + if (*certname == '*') { /* a wildcard certificate */ certname++; - + while (1) - { + { /* Use a recursive call to allow multiple wildcards */ if (_gnutls_hostname_compare (certname, hostname)) - { - return 1; - } - /* wildcards are only allowed to match a single domain component or component fragment */ - if (*hostname == '\0' || *hostname == '.') - break; - hostname++; + { + return 1; + } + /* wildcards are only allowed to match a single domain component or component fragment */ + if (*hostname == '\0' || *hostname == '.') + break; + hostname++; } return 0; diff --git a/lib/gnutls_supplemental.c b/lib/gnutls_supplemental.c index f8a5510133..cf6362c22c 100644 --- a/lib/gnutls_supplemental.c +++ b/lib/gnutls_supplemental.c 
@@ -51,10 +51,8 @@ #include "gnutls_num.h" typedef int (*supp_recv_func) (gnutls_session_t session, - const opaque *data, - size_t data_size); -typedef int (*supp_send_func) (gnutls_session_t session, - gnutls_buffer *buf); + const opaque * data, size_t data_size); +typedef int (*supp_send_func) (gnutls_session_t session, gnutls_buffer * buf); typedef struct { @@ -65,7 +63,7 @@ typedef struct } gnutls_supplemental_entry; gnutls_supplemental_entry _gnutls_supplemental[] = { - { 0, 0, 0, 0 } + {0, 0, 0, 0} }; const char * @@ -73,8 +71,8 @@ gnutls_supplemental_get_name (gnutls_supplemental_data_format_type_t type) { gnutls_supplemental_entry *p; - for(p = _gnutls_supplemental; p->name != NULL; p++) - if(p->type == type) + for (p = _gnutls_supplemental; p->name != NULL; p++) + if (p->type == type) return p->name; return NULL; @@ -85,15 +83,15 @@ get_supp_func_recv (gnutls_supplemental_data_format_type_t type) { gnutls_supplemental_entry *p; - for(p = _gnutls_supplemental; p->name != NULL; p++) - if(p->type == type) + for (p = _gnutls_supplemental; p->name != NULL; p++) + if (p->type == type) return p->supp_recv_func; return NULL; } int -_gnutls_gen_supplemental (gnutls_session_t session, gnutls_buffer *buf) +_gnutls_gen_supplemental (gnutls_session_t session, gnutls_buffer * buf) { gnutls_supplemental_entry *p; int ret; @@ -106,7 +104,7 @@ _gnutls_gen_supplemental (gnutls_session_t session, gnutls_buffer *buf) return ret; } - for(p = _gnutls_supplemental; p->name; p++) + for (p = _gnutls_supplemental; p->name; p++) { supp_send_func supp_send = p->supp_send_func; size_t sizepos = buf->length; @@ -133,7 +131,7 @@ _gnutls_gen_supplemental (gnutls_session_t session, gnutls_buffer *buf) buf->data[sizepos] = 0; buf->data[sizepos + 1] = p->type; buf->data[sizepos + 2] = ((buf->length - sizepos - 4) >> 8) & 0xFF; - buf->data[sizepos + 3] = (buf->length - sizepos -4) & 0xFF; + buf->data[sizepos + 3] = (buf->length - sizepos - 4) & 0xFF; } else buf->length -= 4; 
@@ -151,8 +149,7 @@ _gnutls_gen_supplemental (gnutls_session_t session, gnutls_buffer *buf) int _gnutls_parse_supplemental (gnutls_session_t session, - const uint8_t * data, - int datalen) + const uint8_t * data, int datalen) { const opaque *p = data; ssize_t dsize = datalen; @@ -162,9 +159,9 @@ _gnutls_parse_supplemental (gnutls_session_t session, total_size = _gnutls_read_uint24 (p); p += 3; - if (dsize != (ssize_t)total_size) + if (dsize != (ssize_t) total_size) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; } diff --git a/lib/gnutls_ui.c b/lib/gnutls_ui.c index 277dfe441c..69c0413a58 100644 --- a/lib/gnutls_ui.c +++ b/lib/gnutls_ui.c @@ -556,10 +556,11 @@ gnutls_fingerprint (gnutls_digest_algorithm_t algo, if (result) { int ret = _gnutls_hash_init (&td, HASH2MAC (algo)); - if (ret < 0) { - gnutls_assert(); - return ret; - } + if (ret < 0) + { + gnutls_assert (); + return ret; + } _gnutls_hash (&td, data->data, data->size); diff --git a/lib/gnutls_v2_compat.c b/lib/gnutls_v2_compat.c index 95cbd2ff65..828b8ced36 100644 --- a/lib/gnutls_v2_compat.c +++ b/lib/gnutls_v2_compat.c @@ -116,8 +116,8 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, adv_version = _gnutls_version_get (data[pos], data[pos + 1]); - ret = _gnutls_negotiate_version( session, adv_version); - if (ret < 0) + ret = _gnutls_negotiate_version (session, adv_version); + if (ret < 0) { gnutls_assert (); return ret; @@ -154,10 +154,10 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, /* call the user hello callback */ - ret = _gnutls_user_hello_func( session, adv_version); - if (ret < 0) + ret = _gnutls_user_hello_func (session, adv_version); + if (ret < 0) { - gnutls_assert(); + gnutls_assert (); return ret; } 
@@ -177,8 +177,8 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, */ if (_gnutls_get_kx_cred (session, - _gnutls_cipher_suite_get_kx_algo (&session->security_parameters. - current_cipher_suite), + _gnutls_cipher_suite_get_kx_algo (&session-> + security_parameters.current_cipher_suite), &err) == NULL && err != 0) { gnutls_assert (); @@ -191,8 +191,8 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, */ session->internals.auth_struct = _gnutls_kx_auth_struct (_gnutls_cipher_suite_get_kx_algo - (&session->security_parameters. - current_cipher_suite)); + (&session-> + security_parameters.current_cipher_suite)); if (session->internals.auth_struct == NULL) { @@ -232,24 +232,21 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, ret = _gnutls_server_restore_session (session, session_id, session_id_len); if (ret == 0) - { /* resumed! */ + { /* resumed! */ /* get the new random values */ - memcpy (session->internals.resumed_security_parameters. - server_random, session->security_parameters.server_random, - TLS_RANDOM_SIZE); - memcpy (session->internals.resumed_security_parameters. - client_random, session->security_parameters.client_random, - TLS_RANDOM_SIZE); + memcpy (session->internals.resumed_security_parameters.server_random, + session->security_parameters.server_random, TLS_RANDOM_SIZE); + memcpy (session->internals.resumed_security_parameters.client_random, + session->security_parameters.client_random, TLS_RANDOM_SIZE); session->internals.resumed = RESUME_TRUE; return 0; } else { - _gnutls_generate_session_id (session->security_parameters. - session_id, - &session->security_parameters. - session_id_size); + _gnutls_generate_session_id (session->security_parameters.session_id, + &session-> + security_parameters.session_id_size); session->internals.resumed = RESUME_FALSE; } diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c index b2a834dadc..de9a1aa06e 100644 --- a/lib/gnutls_x509.c 
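Review bot: The new wrapping in `_gnutls_read_client_hello_v2` breaks the member access after `->`, leaving `&session->` on one line and `security_parameters.current_cipher_suite` on the next, which is harder to read than the expression it replaces. Taking the address once into a suitably typed local before the two calls, e.g. `suite = &session->security_parameters.current_cipher_suite;`, would let the formatter keep each call intact. The same split appears at `&session-> security_parameters.session_id_size` in the resume branch and at `res-> cert_list[res->ncerts - 1][0].params` in lib/gnutls_x509.c. The function starts and ends outside these hunks.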
+++ b/lib/gnutls_x509.c @@ -218,8 +218,8 @@ _gnutls_check_key_cert_match (gnutls_certificate_credentials_t res) 1].params_size, &kid); - _gnutls_x509_write_rsa_params (res->cert_list[res->ncerts - 1][0]. - params, + _gnutls_x509_write_rsa_params (res-> + cert_list[res->ncerts - 1][0].params, res->cert_list[res->ncerts - 1][0].params_size, &cid); } @@ -230,8 +230,8 @@ _gnutls_check_key_cert_match (gnutls_certificate_credentials_t res) res->pkey[res->ncerts - 1].params_size, &kid); - _gnutls_x509_write_dsa_params (res->cert_list[res->ncerts - 1][0]. - params, + _gnutls_x509_write_dsa_params (res-> + cert_list[res->ncerts - 1][0].params, res->cert_list[res->ncerts - 1][0].params_size, &cid); } @@ -681,7 +681,9 @@ _gnutls_x509_raw_privkey_to_gkey (gnutls_privkey * privkey, /* If normal key decoding doesn't work try decoding a plain PKCS #8 key */ if (ret < 0) - ret = gnutls_x509_privkey_import_pkcs8( tmpkey, raw_key, type, NULL, GNUTLS_PKCS_PLAIN); + ret = + gnutls_x509_privkey_import_pkcs8 (tmpkey, raw_key, type, NULL, + GNUTLS_PKCS_PLAIN); if (ret < 0) { @@ -731,7 +733,8 @@ read_key_mem (gnutls_certificate_credentials_t res, tmp.size = key_size; ret = - _gnutls_x509_raw_privkey_to_gkey (&res->pkey[res->ncerts], &tmp, type); + _gnutls_x509_raw_privkey_to_gkey (&res->pkey[res->ncerts], &tmp, + type); if (ret < 0) { gnutls_assert (); @@ -1171,7 +1174,7 @@ parse_pem_ca_mem (gnutls_x509_crt_t ** cert_list, unsigned *ncerts, ptr3 = memmem (ptr, size, PEM_CERT_SEP, sizeof (PEM_CERT_SEP) - 1); if (ptr3 == NULL) ptr3 = memmem (ptr, size, - PEM_CERT_SEP2, sizeof (PEM_CERT_SEP2) - 1); + PEM_CERT_SEP2, sizeof (PEM_CERT_SEP2) - 1); ptr = ptr3; size = input_cert_size - (ptr - input_cert); 
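Review bot: In `parse_pem_ca_mem`, when neither `PEM_CERT_SEP` nor `PEM_CERT_SEP2` is found, `ptr3` is NULL and the context line after the re-indented `memmem` call still evaluates `ptr - input_cert` on that NULL pointer. That is undefined behaviour and leaves `size` meaningless. Guarding the update avoids it: `if (ptr != NULL) size = input_cert_size - (ptr - input_cert);`. Whether `size` is read again before the loop's exit test cannot be seen from here, because the loop continues outside the hunk.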
@@ -1316,19 +1319,19 @@ gnutls_certificate_set_x509_trust (gnutls_certificate_credentials_t res, for (i = 0; i < ca_list_size; i++) { - ret = gnutls_x509_crt_init (&res->x509_ca_list[ res->x509_ncas]); + ret = gnutls_x509_crt_init (&res->x509_ca_list[res->x509_ncas]); if (ret < 0) { gnutls_assert (); return ret; } - ret = _gnutls_x509_crt_cpy (res->x509_ca_list[ res->x509_ncas], + ret = _gnutls_x509_crt_cpy (res->x509_ca_list[res->x509_ncas], ca_list[i]); if (ret < 0) { gnutls_assert (); - gnutls_x509_crt_deinit (res->x509_ca_list[ res->x509_ncas]); + gnutls_x509_crt_deinit (res->x509_ca_list[res->x509_ncas]); return ret; } res->x509_ncas++; @@ -1375,11 +1378,9 @@ gnutls_certificate_set_x509_trust_file (gnutls_certificate_credentials_t } if (type == GNUTLS_X509_FMT_DER) - ret = parse_der_ca_mem (&res->x509_ca_list, &res->x509_ncas, - data, size); + ret = parse_der_ca_mem (&res->x509_ca_list, &res->x509_ncas, data, size); else - ret = parse_pem_ca_mem (&res->x509_ca_list, &res->x509_ncas, - data, size); + ret = parse_pem_ca_mem (&res->x509_ca_list, &res->x509_ncas, data, size); free (data); @@ -1879,9 +1880,9 @@ done: * Returns: %GNUTLS_E_SUCCESS on success, or an error code. **/ int -gnutls_certificate_set_x509_simple_pkcs12_file -(gnutls_certificate_credentials_t res, const char *pkcs12file, - gnutls_x509_crt_fmt_t type, const char *password) + gnutls_certificate_set_x509_simple_pkcs12_file + (gnutls_certificate_credentials_t res, const char *pkcs12file, + gnutls_x509_crt_fmt_t type, const char *password) { gnutls_pkcs12_t p12; gnutls_datum_t p12blob; @@ -1899,7 +1900,7 @@ gnutls_certificate_set_x509_simple_pkcs12_file } p12blob.data = read_binary_file (pkcs12file, &size); - p12blob.size = (unsigned int)size; + p12blob.size = (unsigned int) size; if (p12blob.data == NULL) { gnutls_assert (); diff --git a/lib/mac-libgcrypt.c b/lib/mac-libgcrypt.c index 0443a75342..9d17169831 100644 --- a/lib/mac-libgcrypt.c +++ b/lib/mac-libgcrypt.c 
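Review bot: The definition of `gnutls_certificate_set_x509_simple_pkcs12_file` appears to have been re-indented so that the function name and its parameter list no longer start in column 0. The removed and added lines carry the same text, so only leading whitespace can have changed. That departs from the name-at-line-start layout the other definitions in this commit keep, and tools that search for `^name` will miss it. Putting the opening parenthesis on the name line, `gnutls_certificate_set_x509_simple_pkcs12_file (gnutls_certificate_credentials_t res,` followed by the remaining parameters, should let the formatter recognise it as a definition.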
@@ -30,102 +30,107 @@ #include <gnutls_errors.h> #include <gcrypt.h> -static int wrap_gcry_mac_init( gnutls_mac_algorithm_t algo, void** ctx) +static int +wrap_gcry_mac_init (gnutls_mac_algorithm_t algo, void **ctx) { -int err; -unsigned int flags = GCRY_MD_FLAG_HMAC; + int err; + unsigned int flags = GCRY_MD_FLAG_HMAC; switch (algo) { case GNUTLS_MAC_MD5: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_MD5, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_MD5, flags); break; case GNUTLS_MAC_SHA1: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_SHA1, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_SHA1, flags); break; case GNUTLS_MAC_RMD160: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_RMD160, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_RMD160, flags); break; case GNUTLS_MAC_MD2: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_MD2, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_MD2, flags); break; case GNUTLS_MAC_SHA256: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_SHA256, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_SHA256, flags); break; case GNUTLS_MAC_SHA384: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_SHA384, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_SHA384, flags); break; case GNUTLS_MAC_SHA512: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_SHA512, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_SHA512, flags); break; default: - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } - - if (err == 0) return 0; - - gnutls_assert(); - return GNUTLS_E_ENCRYPTION_FAILED; + + if (err == 0) + return 0; + + gnutls_assert (); + return GNUTLS_E_ENCRYPTION_FAILED; } -static int wrap_gcry_hash_init( gnutls_digest_algorithm_t algo, void** ctx) +static int +wrap_gcry_hash_init (gnutls_digest_algorithm_t algo, void **ctx) { -int err; -unsigned int flags = 0; + int err; + unsigned int flags = 0; switch (algo) { case GNUTLS_DIG_MD5: - 
err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_MD5, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_MD5, flags); break; case GNUTLS_DIG_SHA1: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_SHA1, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_SHA1, flags); break; case GNUTLS_DIG_RMD160: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_RMD160, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_RMD160, flags); break; case GNUTLS_DIG_MD2: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_MD2, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_MD2, flags); break; case GNUTLS_DIG_SHA256: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_SHA256, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_SHA256, flags); break; case GNUTLS_DIG_SHA224: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_SHA224, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_SHA224, flags); break; case GNUTLS_DIG_SHA384: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_SHA384, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_SHA384, flags); break; case GNUTLS_DIG_SHA512: - err = gcry_md_open( (gcry_md_hd_t*)ctx, GCRY_MD_SHA512, flags); + err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_SHA512, flags); break; default: - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } - - if (err == 0) return 0; - - gnutls_assert(); - return GNUTLS_E_ENCRYPTION_FAILED; + + if (err == 0) + return 0; + + gnutls_assert (); + return GNUTLS_E_ENCRYPTION_FAILED; } -int wrap_gcry_mac_output( void* src_ctx, void* digest, size_t digestsize) +int +wrap_gcry_mac_output (void *src_ctx, void *digest, size_t digestsize) { -opaque *_digest = gcry_md_read (src_ctx, 0); + opaque *_digest = gcry_md_read (src_ctx, 0); if (_digest != NULL) { - int len = gcry_md_get_algo_dlen(gcry_md_get_algo(src_ctx)); - + int len = gcry_md_get_algo_dlen (gcry_md_get_algo (src_ctx)); + if (len <= digestsize && digest != NULL) - memcpy( digest, _digest, 
len); - + memcpy (digest, _digest, len); + return 0; } - - gnutls_assert(); + + gnutls_assert (); return GNUTLS_E_HASH_FAILED; } diff --git a/lib/minitasn1/structure.c b/lib/minitasn1/structure.c index 743e9ba42a..a7a4c623b9 100644 --- a/lib/minitasn1/structure.c +++ b/lib/minitasn1/structure.c @@ -409,7 +409,7 @@ _asn1_copy_structure3 (node_asn * source_node) if (p_s->name) _asn1_set_name (p_d, p_s->name); if (p_s->value) - _asn1_set_value (p_d, p_s->value, p_s->value_len); + _asn1_set_value (p_d, p_s->value, p_s->value_len); move = DOWN; } else diff --git a/lib/mpi-libgcrypt.c b/lib/mpi-libgcrypt.c index 5e20ab7971..29e31b9cf2 100644 --- a/lib/mpi-libgcrypt.c +++ b/lib/mpi-libgcrypt.c @@ -36,22 +36,27 @@ /* Functions that refer to the libgcrypt library. */ -static inline int _format_conv( gnutls_bigint_format_t format) +static inline int +_format_conv (gnutls_bigint_format_t format) { - if (format == GNUTLS_MPI_FORMAT_USG) return GCRYMPI_FMT_USG; - else if (format == GNUTLS_MPI_FORMAT_STD) return GCRYMPI_FMT_STD; - else return GCRYMPI_FMT_PGP; + if (format == GNUTLS_MPI_FORMAT_USG) + return GCRYMPI_FMT_USG; + else if (format == GNUTLS_MPI_FORMAT_STD) + return GCRYMPI_FMT_STD; + else + return GCRYMPI_FMT_PGP; } /* returns zero on success */ bigint_t -wrap_gcry_mpi_scan (const void * buffer, size_t nbytes, gnutls_bigint_format_t format) +wrap_gcry_mpi_scan (const void *buffer, size_t nbytes, + gnutls_bigint_format_t format) { gcry_mpi_t ret_mpi = NULL; int ret; - ret = gcry_mpi_scan (&ret_mpi, _format_conv(format), buffer, nbytes, NULL); + ret = gcry_mpi_scan (&ret_mpi, _format_conv (format), buffer, nbytes, NULL); if (ret != 0) return NULL; 
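Review bot: `wrap_gcry_mac_output` returns 0 even when the digest was not copied. If `digestsize` is smaller than the algorithm's digest length, the `memcpy` is skipped and the caller sees success with an unwritten buffer. Reject that case before the copy, e.g. `if (digest != NULL && (size_t) len > digestsize) return GNUTLS_E_SHORT_MEMORY_BUFFER;`. `len` is also an `int` compared against a `size_t`; declaring it `size_t` removes the mixed-sign comparison.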
@@ -59,16 +64,17 @@ wrap_gcry_mpi_scan (const void * buffer, size_t nbytes, gnutls_bigint_format_t f } int -wrap_gcry_mpi_print (const bigint_t a, void *buffer, size_t * nbytes, gnutls_bigint_format_t format) +wrap_gcry_mpi_print (const bigint_t a, void *buffer, size_t * nbytes, + gnutls_bigint_format_t format) { int ret; - format = _format_conv(format); - + format = _format_conv (format); + if (nbytes == NULL || a == NULL) return GNUTLS_E_INVALID_REQUEST; - ret = gcry_mpi_print( format, buffer, *nbytes, nbytes, a); + ret = gcry_mpi_print (format, buffer, *nbytes, nbytes, a); if (!ret) return 0; 
@@ -78,168 +84,186 @@ wrap_gcry_mpi_print (const bigint_t a, void *buffer, size_t * nbytes, gnutls_big #undef _gnutls_mpi_alloc_like #define _gnutls_mpi_alloc_like(x) gcry_mpi_new(gcry_mpi_get_nbits(x)) -bigint_t wrap_gcry_mpi_mod( const bigint_t a, const bigint_t b) +bigint_t +wrap_gcry_mpi_mod (const bigint_t a, const bigint_t b) { bigint_t r = _gnutls_mpi_alloc_like (b); - + if (r == NULL) return NULL; - - gcry_mpi_mod( r, a, b); + + gcry_mpi_mod (r, a, b); return r; } -bigint_t wrap_gcry_mpi_powm( bigint_t w, const bigint_t b, const bigint_t e, const bigint_t m) +bigint_t +wrap_gcry_mpi_powm (bigint_t w, const bigint_t b, const bigint_t e, + const bigint_t m) { if (w == NULL) w = _gnutls_mpi_alloc_like (m); - + if (w == NULL) return NULL; - - gcry_mpi_powm( w, b, e, m); + + gcry_mpi_powm (w, b, e, m); return w; } -bigint_t wrap_gcry_mpi_addm( bigint_t w, const bigint_t a, const bigint_t b, const bigint_t m) +bigint_t +wrap_gcry_mpi_addm (bigint_t w, const bigint_t a, const bigint_t b, + const bigint_t m) { if (w == NULL) w = _gnutls_mpi_alloc_like (m); - + if (w == NULL) return NULL; - - gcry_mpi_addm( w, a, b, m); + + gcry_mpi_addm (w, a, b, m); return w; } -bigint_t wrap_gcry_mpi_subm( bigint_t w, const bigint_t a, const bigint_t b, const bigint_t m) +bigint_t +wrap_gcry_mpi_subm (bigint_t w, const bigint_t a, const bigint_t b, + const bigint_t m) { if (w == NULL) w = _gnutls_mpi_alloc_like (m); - + if (w == NULL) return NULL; - - gcry_mpi_subm( w, a, b, m); + + gcry_mpi_subm (w, a, b, m); return w; } -bigint_t wrap_gcry_mpi_mulm( bigint_t w, const bigint_t a, const bigint_t b, const bigint_t m) +bigint_t +wrap_gcry_mpi_mulm (bigint_t w, const bigint_t a, const bigint_t b, + const bigint_t m) { if (w == NULL) w = _gnutls_mpi_alloc_like (m); - + if (w == NULL) return NULL; - - gcry_mpi_mulm( w, a, b, m); + + gcry_mpi_mulm (w, a, b, m); return w; } -bigint_t wrap_gcry_mpi_add( bigint_t w, const bigint_t a, const bigint_t b) +bigint_t +wrap_gcry_mpi_add 
(bigint_t w, const bigint_t a, const bigint_t b) { if (w == NULL) w = _gnutls_mpi_alloc_like (b); - + if (w == NULL) return NULL; - - gcry_mpi_add( w, a, b); + + gcry_mpi_add (w, a, b); return w; } -bigint_t wrap_gcry_mpi_sub( bigint_t w, const bigint_t a, const bigint_t b) +bigint_t +wrap_gcry_mpi_sub (bigint_t w, const bigint_t a, const bigint_t b) { if (w == NULL) w = _gnutls_mpi_alloc_like (b); - + if (w == NULL) return NULL; - - gcry_mpi_sub( w, a, b); + + gcry_mpi_sub (w, a, b); return w; } -bigint_t wrap_gcry_mpi_mul( bigint_t w, const bigint_t a, const bigint_t b) +bigint_t +wrap_gcry_mpi_mul (bigint_t w, const bigint_t a, const bigint_t b) { if (w == NULL) w = _gnutls_mpi_alloc_like (b); - + if (w == NULL) return NULL; - - gcry_mpi_mul( w, a, b); + + gcry_mpi_mul (w, a, b); return w; } /* q = a / b */ -bigint_t wrap_gcry_mpi_div( bigint_t q, const bigint_t a, const bigint_t b) +bigint_t +wrap_gcry_mpi_div (bigint_t q, const bigint_t a, const bigint_t b) { if (q == NULL) q = _gnutls_mpi_alloc_like (a); - + if (q == NULL) return NULL; - - gcry_mpi_div( q, NULL, a, b, 0); + + gcry_mpi_div (q, NULL, a, b, 0); return q; } -bigint_t wrap_gcry_mpi_add_ui( bigint_t w, const bigint_t a, unsigned long b) +bigint_t +wrap_gcry_mpi_add_ui (bigint_t w, const bigint_t a, unsigned long b) { if (w == NULL) w = _gnutls_mpi_alloc_like (a); - + if (w == NULL) return NULL; - - gcry_mpi_add_ui( w, a, b); + + gcry_mpi_add_ui (w, a, b); return w; } -bigint_t wrap_gcry_mpi_sub_ui( bigint_t w, const bigint_t a, unsigned long b) +bigint_t +wrap_gcry_mpi_sub_ui (bigint_t w, const bigint_t a, unsigned long b) { if (w == NULL) w = _gnutls_mpi_alloc_like (a); - + if (w == NULL) return NULL; - - gcry_mpi_sub_ui( w, a, b); + + gcry_mpi_sub_ui (w, a, b); return w; } -bigint_t wrap_gcry_mpi_mul_ui( bigint_t w, const bigint_t a, unsigned long b) +bigint_t +wrap_gcry_mpi_mul_ui (bigint_t w, const bigint_t a, unsigned long b) { if (w == NULL) w = _gnutls_mpi_alloc_like (a); - + if (w == NULL) 
return NULL; - - gcry_mpi_mul_ui( w, a, b); + + gcry_mpi_mul_ui (w, a, b); return w; } -int wrap_gcry_prime_check( bigint_t pp) +int +wrap_gcry_prime_check (bigint_t pp) { - return gcry_prime_check( pp, 0); + return gcry_prime_check (pp, 0); } -int wrap_gcry_generate_group( gnutls_group_st *group, unsigned int bits) +int +wrap_gcry_generate_group (gnutls_group_st * group, unsigned int bits) { bigint_t g = NULL, prime = NULL; gcry_error_t err; @@ -253,7 +277,7 @@ int wrap_gcry_generate_group( gnutls_group_st *group, unsigned int bits) qbits = bits / 2; else { - qbits = (bits/40) + 105; + qbits = (bits / 40) + 105; } if (qbits & 1) /* better have an even number */ @@ -270,7 +294,7 @@ int wrap_gcry_generate_group( gnutls_group_st *group, unsigned int bits) gcry_prime_release_factors (factors); } - err = gcry_prime_generate ((gcry_mpi_t*)&prime, bits, qbits, + err = gcry_prime_generate ((gcry_mpi_t *) & prime, bits, qbits, &factors, NULL, NULL, GCRY_STRONG_RANDOM, GCRY_PRIME_FLAG_SPECIAL_FACTOR); @@ -296,7 +320,7 @@ int wrap_gcry_generate_group( gnutls_group_st *group, unsigned int bits) /* generate the group generator. */ - err = gcry_prime_group_generator ((gcry_mpi_t*)&g, prime, factors, NULL); + err = gcry_prime_group_generator ((gcry_mpi_t *) & g, prime, factors, NULL); if (err != 0) { gnutls_assert (); @@ -326,7 +350,7 @@ int crypto_bigint_prio = INT_MAX; gnutls_crypto_bigint_st _gnutls_mpi_ops = { .bigint_new = gcry_mpi_new, .bigint_cmp = gcry_mpi_cmp, - .bigint_cmp_ui = gcry_mpi_cmp_ui, + .bigint_cmp_ui = gcry_mpi_cmp_ui, .bigint_mod = wrap_gcry_mpi_mod, .bigint_set = gcry_mpi_set, .bigint_set_ui = gcry_mpi_set_ui, diff --git a/lib/opencdk/armor.c b/lib/opencdk/armor.c index 8c5eb5ed63..9919890d1a 100644 --- a/lib/opencdk/armor.c +++ b/lib/opencdk/armor.c 
@@ -50,89 +50,121 @@ #define b64val(c) index64[(unsigned int)(c)] static u32 crc_table[] = { -0x000000, 0x864CFB, 0x8AD50D, 0x0C99F6, 0x93E6E1, 0x15AA1A, 0x1933EC, 0x9F7F17, -0xA18139, 0x27CDC2, 0x2B5434, 0xAD18CF, 0x3267D8, 0xB42B23, 0xB8B2D5, 0x3EFE2E, -0xC54E89, 0x430272, 0x4F9B84, 0xC9D77F, 0x56A868, 0xD0E493, 0xDC7D65, 0x5A319E, -0x64CFB0, 0xE2834B, 0xEE1ABD, 0x685646, 0xF72951, 0x7165AA, 0x7DFC5C, 0xFBB0A7, -0x0CD1E9, 0x8A9D12, 0x8604E4, 0x00481F, 0x9F3708, 0x197BF3, 0x15E205, 0x93AEFE, -0xAD50D0, 0x2B1C2B, 0x2785DD, 0xA1C926, 0x3EB631, 0xB8FACA, 0xB4633C, 0x322FC7, -0xC99F60, 0x4FD39B, 0x434A6D, 0xC50696, 0x5A7981, 0xDC357A, 0xD0AC8C, 0x56E077, -0x681E59, 0xEE52A2, 0xE2CB54, 0x6487AF, 0xFBF8B8, 0x7DB443, 0x712DB5, 0xF7614E, -0x19A3D2, 0x9FEF29, 0x9376DF, 0x153A24, 0x8A4533, 0x0C09C8, 0x00903E, 0x86DCC5, -0xB822EB, 0x3E6E10, 0x32F7E6, 0xB4BB1D, 0x2BC40A, 0xAD88F1, 0xA11107, 0x275DFC, -0xDCED5B, 0x5AA1A0, 0x563856, 0xD074AD, 0x4F0BBA, 0xC94741, 0xC5DEB7, 0x43924C, -0x7D6C62, 0xFB2099, 0xF7B96F, 0x71F594, 0xEE8A83, 0x68C678, 0x645F8E, 0xE21375, -0x15723B, 0x933EC0, 0x9FA736, 0x19EBCD, 0x8694DA, 0x00D821, 0x0C41D7, 0x8A0D2C, -0xB4F302, 0x32BFF9, 0x3E260F, 0xB86AF4, 0x2715E3, 0xA15918, 0xADC0EE, 0x2B8C15, -0xD03CB2, 0x567049, 0x5AE9BF, 0xDCA544, 0x43DA53, 0xC596A8, 0xC90F5E, 0x4F43A5, -0x71BD8B, 0xF7F170, 0xFB6886, 0x7D247D, 0xE25B6A, 0x641791, 0x688E67, 0xEEC29C, -0x3347A4, 0xB50B5F, 0xB992A9, 0x3FDE52, 0xA0A145, 0x26EDBE, 0x2A7448, 0xAC38B3, -0x92C69D, 0x148A66, 0x181390, 0x9E5F6B, 0x01207C, 0x876C87, 0x8BF571, 0x0DB98A, -0xF6092D, 0x7045D6, 0x7CDC20, 0xFA90DB, 0x65EFCC, 0xE3A337, 0xEF3AC1, 0x69763A, -0x578814, 0xD1C4EF, 0xDD5D19, 0x5B11E2, 0xC46EF5, 0x42220E, 0x4EBBF8, 0xC8F703, -0x3F964D, 0xB9DAB6, 0xB54340, 0x330FBB, 0xAC70AC, 0x2A3C57, 0x26A5A1, 0xA0E95A, -0x9E1774, 0x185B8F, 0x14C279, 0x928E82, 0x0DF195, 0x8BBD6E, 0x872498, 0x016863, -0xFAD8C4, 0x7C943F, 0x700DC9, 0xF64132, 0x693E25, 0xEF72DE, 0xE3EB28, 0x65A7D3, -0x5B59FD, 0xDD1506, 0xD18CF0, 0x57C00B, 
0xC8BF1C, 0x4EF3E7, 0x426A11, 0xC426EA, -0x2AE476, 0xACA88D, 0xA0317B, 0x267D80, 0xB90297, 0x3F4E6C, 0x33D79A, 0xB59B61, -0x8B654F, 0x0D29B4, 0x01B042, 0x87FCB9, 0x1883AE, 0x9ECF55, 0x9256A3, 0x141A58, -0xEFAAFF, 0x69E604, 0x657FF2, 0xE33309, 0x7C4C1E, 0xFA00E5, 0xF69913, 0x70D5E8, -0x4E2BC6, 0xC8673D, 0xC4FECB, 0x42B230, 0xDDCD27, 0x5B81DC, 0x57182A, 0xD154D1, -0x26359F, 0xA07964, 0xACE092, 0x2AAC69, 0xB5D37E, 0x339F85, 0x3F0673, 0xB94A88, -0x87B4A6, 0x01F85D, 0x0D61AB, 0x8B2D50, 0x145247, 0x921EBC, 0x9E874A, 0x18CBB1, -0xE37B16, 0x6537ED, 0x69AE1B, 0xEFE2E0, 0x709DF7, 0xF6D10C, 0xFA48FA, 0x7C0401, -0x42FA2F, 0xC4B6D4, 0xC82F22, 0x4E63D9, 0xD11CCE, 0x575035, 0x5BC9C3, 0xDD8538 + 0x000000, 0x864CFB, 0x8AD50D, 0x0C99F6, 0x93E6E1, 0x15AA1A, 0x1933EC, + 0x9F7F17, + 0xA18139, 0x27CDC2, 0x2B5434, 0xAD18CF, 0x3267D8, 0xB42B23, 0xB8B2D5, + 0x3EFE2E, + 0xC54E89, 0x430272, 0x4F9B84, 0xC9D77F, 0x56A868, 0xD0E493, 0xDC7D65, + 0x5A319E, + 0x64CFB0, 0xE2834B, 0xEE1ABD, 0x685646, 0xF72951, 0x7165AA, 0x7DFC5C, + 0xFBB0A7, + 0x0CD1E9, 0x8A9D12, 0x8604E4, 0x00481F, 0x9F3708, 0x197BF3, 0x15E205, + 0x93AEFE, + 0xAD50D0, 0x2B1C2B, 0x2785DD, 0xA1C926, 0x3EB631, 0xB8FACA, 0xB4633C, + 0x322FC7, + 0xC99F60, 0x4FD39B, 0x434A6D, 0xC50696, 0x5A7981, 0xDC357A, 0xD0AC8C, + 0x56E077, + 0x681E59, 0xEE52A2, 0xE2CB54, 0x6487AF, 0xFBF8B8, 0x7DB443, 0x712DB5, + 0xF7614E, + 0x19A3D2, 0x9FEF29, 0x9376DF, 0x153A24, 0x8A4533, 0x0C09C8, 0x00903E, + 0x86DCC5, + 0xB822EB, 0x3E6E10, 0x32F7E6, 0xB4BB1D, 0x2BC40A, 0xAD88F1, 0xA11107, + 0x275DFC, + 0xDCED5B, 0x5AA1A0, 0x563856, 0xD074AD, 0x4F0BBA, 0xC94741, 0xC5DEB7, + 0x43924C, + 0x7D6C62, 0xFB2099, 0xF7B96F, 0x71F594, 0xEE8A83, 0x68C678, 0x645F8E, + 0xE21375, + 0x15723B, 0x933EC0, 0x9FA736, 0x19EBCD, 0x8694DA, 0x00D821, 0x0C41D7, + 0x8A0D2C, + 0xB4F302, 0x32BFF9, 0x3E260F, 0xB86AF4, 0x2715E3, 0xA15918, 0xADC0EE, + 0x2B8C15, + 0xD03CB2, 0x567049, 0x5AE9BF, 0xDCA544, 0x43DA53, 0xC596A8, 0xC90F5E, + 0x4F43A5, + 0x71BD8B, 0xF7F170, 0xFB6886, 0x7D247D, 0xE25B6A, 
0x641791, 0x688E67, + 0xEEC29C, + 0x3347A4, 0xB50B5F, 0xB992A9, 0x3FDE52, 0xA0A145, 0x26EDBE, 0x2A7448, + 0xAC38B3, + 0x92C69D, 0x148A66, 0x181390, 0x9E5F6B, 0x01207C, 0x876C87, 0x8BF571, + 0x0DB98A, + 0xF6092D, 0x7045D6, 0x7CDC20, 0xFA90DB, 0x65EFCC, 0xE3A337, 0xEF3AC1, + 0x69763A, + 0x578814, 0xD1C4EF, 0xDD5D19, 0x5B11E2, 0xC46EF5, 0x42220E, 0x4EBBF8, + 0xC8F703, + 0x3F964D, 0xB9DAB6, 0xB54340, 0x330FBB, 0xAC70AC, 0x2A3C57, 0x26A5A1, + 0xA0E95A, + 0x9E1774, 0x185B8F, 0x14C279, 0x928E82, 0x0DF195, 0x8BBD6E, 0x872498, + 0x016863, + 0xFAD8C4, 0x7C943F, 0x700DC9, 0xF64132, 0x693E25, 0xEF72DE, 0xE3EB28, + 0x65A7D3, + 0x5B59FD, 0xDD1506, 0xD18CF0, 0x57C00B, 0xC8BF1C, 0x4EF3E7, 0x426A11, + 0xC426EA, + 0x2AE476, 0xACA88D, 0xA0317B, 0x267D80, 0xB90297, 0x3F4E6C, 0x33D79A, + 0xB59B61, + 0x8B654F, 0x0D29B4, 0x01B042, 0x87FCB9, 0x1883AE, 0x9ECF55, 0x9256A3, + 0x141A58, + 0xEFAAFF, 0x69E604, 0x657FF2, 0xE33309, 0x7C4C1E, 0xFA00E5, 0xF69913, + 0x70D5E8, + 0x4E2BC6, 0xC8673D, 0xC4FECB, 0x42B230, 0xDDCD27, 0x5B81DC, 0x57182A, + 0xD154D1, + 0x26359F, 0xA07964, 0xACE092, 0x2AAC69, 0xB5D37E, 0x339F85, 0x3F0673, + 0xB94A88, + 0x87B4A6, 0x01F85D, 0x0D61AB, 0x8B2D50, 0x145247, 0x921EBC, 0x9E874A, + 0x18CBB1, + 0xE37B16, 0x6537ED, 0x69AE1B, 0xEFE2E0, 0x709DF7, 0xF6D10C, 0xFA48FA, + 0x7C0401, + 0x42FA2F, 0xC4B6D4, 0xC82F22, 0x4E63D9, 0xD11CCE, 0x575035, 0x5BC9C3, + 0xDD8538 }; static const char *armor_begin[] = { - "BEGIN PGP MESSAGE", - "BEGIN PGP PUBLIC KEY BLOCK", - "BEGIN PGP PRIVATE KEY BLOCK", - "BEGIN PGP SIGNATURE", - NULL + "BEGIN PGP MESSAGE", + "BEGIN PGP PUBLIC KEY BLOCK", + "BEGIN PGP PRIVATE KEY BLOCK", + "BEGIN PGP SIGNATURE", + NULL }; static const char *armor_end[] = { - "END PGP MESSAGE", - "END PGP PUBLIC KEY BLOCK", - "END PGP PRIVATE KEY BLOCK", - "END PGP SIGNATURE", - NULL + "END PGP MESSAGE", + "END PGP PUBLIC KEY BLOCK", + "END PGP PRIVATE KEY BLOCK", + "END PGP SIGNATURE", + NULL }; static const char *valid_headers[] = { - "Comment", - "Version", - "MessageID", 
- "Hash", - "Charset", - NULL + "Comment", + "Version", + "MessageID", + "Hash", + "Charset", + NULL }; static char b64chars[] = -"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; static int index64[128] = { - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, - -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, - 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, - -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, - 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, - -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, - 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1 + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63, + 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1, -1, -1, -1, + -1, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, + 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1, + -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, + 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1 }; /* encode a raw binary buffer to a null-terminated base64 strings */ static int -base64_encode (char *out, const byte *in, size_t len, size_t olen) +base64_encode (char *out, const byte * in, size_t len, size_t olen) { if (!out || !in) return CDK_Inv_Value; - + while (len >= 3 && olen > 10) - { + { *out++ = b64chars[in[0] >> 2]; *out++ = b64chars[((in[0] << 4) & 0x30) | (in[1] >> 4)]; *out++ = b64chars[((in[1] << 2) & 0x3c) | (in[2] >> 6)]; @@ -141,7 +173,7 @@ base64_encode (char *out, const byte *in, size_t len, size_t olen) len -= 3; in += 3; } - + /* clean up remainder */ if (len > 0 && olen > 4) { 
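Review bot: The re-wrapped `crc_table` in lib/opencdk/armor.c now has seven values on one line and the eighth alone on the next, so the eight-per-row layout that made the 256 entries easy to check against a reference is lost. If the formatter is GNU indent, placing `/* *INDENT-OFF* */` before `static u32 crc_table[] = {` and `/* *INDENT-ON* */` after the closing `};` keeps the original rows. The table could also be declared `static const u32 crc_table[]`, since nothing in the visible code writes to it.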
@@ -162,22 +194,22 @@ base64_encode (char *out, const byte *in, size_t len, size_t olen) /* Convert '\0'-terminated base64 string to raw byte buffer. Returns length of returned buffer, or -1 on error. */ static int -base64_decode (byte *out, const char *in) +base64_decode (byte * out, const char *in) { size_t len; byte digit1, digit2, digit3, digit4; - + if (!out || !in) return -1; len = 0; - do + do { digit1 = in[0]; if (digit1 > 127 || b64val (digit1) == BAD) return -1; digit2 = in[1]; - if( digit2 > 127 || b64val (digit2) == BAD ) + if (digit2 > 127 || b64val (digit2) == BAD) return -1; digit3 = in[2]; if (digit3 > 127 || ((digit3 != '=') && (b64val (digit3) == BAD))) @@ -186,11 +218,11 @@ base64_decode (byte *out, const char *in) if (digit4 > 127 || ((digit4 != '=') && (b64val (digit4) == BAD))) return -1; in += 4; - + /* digits are already sanity-checked */ *out++ = (b64val (digit1) << 2) | (b64val (digit2) >> 4); len++; - if (digit3 != '=') + if (digit3 != '=') { *out++ = ((b64val (digit2) << 4) & 0xf0) | (b64val (digit3) >> 2); len++; @@ -200,9 +232,9 @@ base64_decode (byte *out, const char *in) len++; } } - } + } while (*in && digit4 != '='); - + return len; } @@ -211,8 +243,7 @@ base64_decode (byte *out, const char *in) If the parameter is not set after execution, the stream is not compressed. */ static int -compress_get_algo (cdk_stream_t inp, int *r_zipalgo) - +compress_get_algo (cdk_stream_t inp, int *r_zipalgo) { byte plain[512]; char buf[128]; 
@@ -220,13 +251,13 @@ compress_get_algo (cdk_stream_t inp, int *r_zipalgo) *r_zipalgo = 0; cdk_stream_seek (inp, 0); - while (!cdk_stream_eof (inp)) - { - nread = _cdk_stream_gets (inp, buf, DIM (buf)-1); + while (!cdk_stream_eof (inp)) + { + nread = _cdk_stream_gets (inp, buf, DIM (buf) - 1); if (!nread || nread == -1) break; if (nread == 1 && !cdk_stream_eof (inp) - && (nread = _cdk_stream_gets (inp, buf, DIM (buf)-1)) > 0) + && (nread = _cdk_stream_gets (inp, buf, DIM (buf) - 1)) > 0) { base64_decode (plain, buf); if (!(*plain & 0x80)) @@ -234,7 +265,7 @@ compress_get_algo (cdk_stream_t inp, int *r_zipalgo) pkttype = *plain & 0x40 ? (*plain & 0x3f) : ((*plain >> 2) & 0xf); if (pkttype == CDK_PKT_COMPRESSED && r_zipalgo) { - _cdk_log_debug ("armor compressed (algo=%d)\n", *(plain+1)); + _cdk_log_debug ("armor compressed (algo=%d)\n", *(plain + 1)); *r_zipalgo = *(plain + 1); } break; @@ -250,9 +281,9 @@ check_armor (cdk_stream_t inp, int *r_zipalgo) char buf[4096]; size_t nread; int check; - + check = 0; - nread = cdk_stream_read (inp, buf, DIM (buf)-1); + nread = cdk_stream_read (inp, buf, DIM (buf) - 1); if (nread > 0) { buf[nread] = '\0'; @@ -261,7 +292,7 @@ check_armor (cdk_stream_t inp, int *r_zipalgo) compress_get_algo (inp, r_zipalgo); check = 1; } - cdk_stream_seek (inp, 0); + cdk_stream_seek (inp, 0); } return check; } @@ -273,8 +304,8 @@ is_armored (int ctb) int pkttype = 0; if (!(ctb & 0x80)) - return 1; /* invalid packet: assume it is armored */ - pkttype = ctb & 0x40 ? (ctb & 0x3f) : ((ctb >> 2) & 0xf); + return 1; /* invalid packet: assume it is armored */ + pkttype = ctb & 0x40 ? (ctb & 0x3f) : ((ctb >> 2) & 0xf); switch (pkttype) { case CDK_PKT_MARKER: 
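Review bot: `compress_get_algo` ignores the return value of `base64_decode (plain, buf)` and then reads `*plain`, and `*(plain + 1)` in the following hunk. A line that fails to decode, or decodes to fewer than two bytes, leaves those tests running on uninitialised stack data. Check the decoded length first, e.g. `if (base64_decode (plain, buf) < 2) break;`. `base64_decode` takes no output size; here at most 127 input characters cannot overflow `plain[512]`, but a comment on the function stating that the caller must size `out` for the decoded length would make that contract explicit. The function begins before this hunk and ends after it.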
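Review bot: In `check_armor`, `nread` is a `size_t`, so `if (nread > 0)` cannot filter out a negative return from `cdk_stream_read`. The prototype is not in this hunk, but `compress_get_algo` tests a sibling stream helper against `-1`, which suggests errors are reported that way. If so, `buf[nread] = '\0'` would write far outside `buf[4096]`. Declaring the variable signed, `int nread;`, makes the existing `nread > 0` test reject the error value before the store.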
@@ -285,20 +316,20 @@ is_armored (int ctb) case CDK_PKT_SIGNATURE: case CDK_PKT_LITERAL: case CDK_PKT_COMPRESSED: - return 0; /* seems to be a regular packet: not armored */ + return 0; /* seems to be a regular packet: not armored */ } return 1; } static u32 -update_crc (u32 crc, const byte *buf, size_t buflen) +update_crc (u32 crc, const byte * buf, size_t buflen) { unsigned int j; - + if (!crc) crc = CRCINIT; - + for (j = 0; j < buflen; j++) crc = (crc << 8) ^ crc_table[0xff & ((crc >> 16) ^ buf[j])]; crc &= 0xffffff; 
@@ -307,44 +338,44 @@ update_crc (u32 crc, const byte *buf, size_t buflen) static cdk_error_t -armor_encode (void *opaque, FILE *in, FILE *out) +armor_encode (void *opaque, FILE * in, FILE * out) { - armor_filter_t * afx = opaque; + armor_filter_t *afx = opaque; struct stat statbuf; char crcbuf[5], buf[128], raw[49]; byte crcbuf2[3]; size_t nread = 0; - const char * lf; - + const char *lf; + if (!afx) return CDK_Inv_Value; - if (afx->idx < 0 || afx->idx > (int)DIM (armor_begin) || - afx->idx2 < 0 || afx->idx2 > (int)DIM (armor_end)) - return CDK_Inv_Value; + if (afx->idx < 0 || afx->idx > (int) DIM (armor_begin) || + afx->idx2 < 0 || afx->idx2 > (int) DIM (armor_end)) + return CDK_Inv_Value; _cdk_log_debug ("armor filter: encode\n"); - + memset (crcbuf, 0, sizeof (crcbuf)); lf = afx->le ? afx->le : LF; fprintf (out, "-----%s-----%s", armor_begin[afx->idx], lf); - fprintf (out, "Version: OpenPrivacy "PACKAGE_VERSION"%s", lf); + fprintf (out, "Version: OpenPrivacy " PACKAGE_VERSION "%s", lf); if (afx->hdrlines) fwrite (afx->hdrlines, 1, strlen (afx->hdrlines), out); fprintf (out, "%s", lf); - + if (fstat (fileno (in), &statbuf)) return CDK_General_Error; while (!feof (in)) { - nread = fread (raw, 1, DIM (raw)-1, in); + nread = fread (raw, 1, DIM (raw) - 1, in); if (!nread) break; if (ferror (in)) return CDK_File_Error; - afx->crc = update_crc (afx->crc, (byte*)raw, nread); - base64_encode (buf, (byte*)raw, nread, DIM (buf)-1); + afx->crc = update_crc (afx->crc, (byte *) raw, nread); + base64_encode (buf, (byte *) raw, nread, DIM (buf) - 1); fprintf (out, "%s%s", buf, lf); } 
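Review bot: The range check in `armor_encode` compares with `>` against `DIM (armor_begin)` and `DIM (armor_end)`, so an index equal to the array size passes and reads one past the end. An index of 4 selects the terminating NULL entry, which is then handed to `fprintf` as a `%s` argument. Assuming `DIM` yields the element count, the valid indices are 0 to 3, so the test should be `if (afx->idx < 0 || afx->idx >= (int) DIM (armor_begin) - 1 || afx->idx2 < 0 || afx->idx2 >= (int) DIM (armor_end) - 1)`. The function continues into the next hunk, where `armor_end[afx->idx2]` is used.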
@@ -352,12 +383,12 @@ armor_encode (void *opaque, FILE *in, FILE *out) crcbuf2[1] = afx->crc >> 8; crcbuf2[2] = afx->crc; crcbuf[0] = b64chars[crcbuf2[0] >> 2]; - crcbuf[1] = b64chars[((crcbuf2[0] << 4) & 0x30) |(crcbuf2[1] >> 4)]; - crcbuf[2] = b64chars[((crcbuf2[1] << 2) & 0x3c) |(crcbuf2[2] >> 6)]; + crcbuf[1] = b64chars[((crcbuf2[0] << 4) & 0x30) | (crcbuf2[1] >> 4)]; + crcbuf[2] = b64chars[((crcbuf2[1] << 2) & 0x3c) | (crcbuf2[2] >> 6)]; crcbuf[3] = b64chars[crcbuf2[2] & 0x3f]; fprintf (out, "=%s%s", crcbuf, lf); fprintf (out, "-----%s-----%s", armor_end[afx->idx2], lf); - + return 0; } @@ -377,7 +408,7 @@ cdk_armor_filter_use (cdk_stream_t inp) zipalgo = 0; c = cdk_stream_getc (inp); if (c == EOF) - return 0; /* EOF, doesn't matter whether armored or not */ + return 0; /* EOF, doesn't matter whether armored or not */ cdk_stream_seek (inp, 0); check = is_armored (c); if (check) @@ -395,9 +426,9 @@ search_header (const char *buf, const char **array) { const char *s; int i; - + if (strlen (buf) < 5 || strncmp (buf, "-----", 5)) - return -1; + return -1; for (i = 0; (s = array[i]); i++) { if (!strncmp (s, buf + 5, strlen (s))) @@ -407,17 +438,17 @@ search_header (const char *buf, const char **array) } -const char* -_cdk_armor_get_lineend( void ) +const char * +_cdk_armor_get_lineend (void) { return LF; } static cdk_error_t -armor_decode (void *opaque, FILE *in, FILE *out) +armor_decode (void *opaque, FILE * in, FILE * out) { - armor_filter_t * afx = opaque; + armor_filter_t *afx = opaque; const char *s; char buf[127]; byte raw[128], crcbuf[4]; 
@@ -425,37 +456,37 @@ armor_decode (void *opaque, FILE *in, FILE *out) ssize_t nread = 0; int i, pgp_data = 0; cdk_error_t rc = 0; - + if (!afx) return CDK_Inv_Value; - + _cdk_log_debug ("armor filter: decode\n"); - + fseek (in, 0, SEEK_SET); /* Search the begin of the message */ while (!feof (in) && !pgp_data) { - s = fgets (buf, DIM (buf)-1, in); + s = fgets (buf, DIM (buf) - 1, in); if (!s) break; afx->idx = search_header (buf, armor_begin); if (afx->idx >= 0) pgp_data = 1; } - - if (feof (in) || !pgp_data) - return CDK_Armor_Error; /* no data found */ - + + if (feof (in) || !pgp_data) + return CDK_Armor_Error; /* no data found */ + /* Parse header until the empty line is reached */ - while (!feof (in)) + while (!feof (in)) { - s = fgets (buf, DIM (buf)-1, in); + s = fgets (buf, DIM (buf) - 1, in); if (!s) return CDK_EOF; - if (strlen (s) == strlen (LF)) + if (strlen (s) == strlen (LF)) { rc = 0; - break; /* empty line */ + break; /* empty line */ } /* From RFC2440: OpenPGP should consider improperly formatted Armor Headers to be corruption of the ASCII Armor. A colon and a single @@ -464,11 +495,11 @@ armor_decode (void *opaque, FILE *in, FILE *out) return CDK_Armor_Error; rc = CDK_General_Error; for (i = 0; (s = valid_headers[i]); i++) - { + { if (!strncmp (s, buf, strlen (s))) rc = 0; } - if (rc) + if (rc) { /* From RFC2440: Unknown keys should be reported to the user, but OpenPGP should continue to process the message. */ 
@@ -478,32 +509,32 @@ armor_decode (void *opaque, FILE *in, FILE *out) } /* Read the data body */ - while (!feof (in)) + while (!feof (in)) { - s = fgets (buf, DIM (buf)-1, in); + s = fgets (buf, DIM (buf) - 1, in); if (!s) break; buf[strlen (buf) - strlen (LF)] = '\0'; - if (buf[0] == '=' && strlen (s) == 5) - { /* CRC */ + if (buf[0] == '=' && strlen (s) == 5) + { /* CRC */ memset (crcbuf, 0, sizeof (crcbuf)); base64_decode (crcbuf, buf + 1); crc2 = (crcbuf[0] << 16) | (crcbuf[1] << 8) | crcbuf[2]; - break; /* stop here */ + break; /* stop here */ } else { - nread = base64_decode(raw, buf); + nread = base64_decode (raw, buf); if (nread == -1 || nread == 0) break; afx->crc = update_crc (afx->crc, raw, nread); fwrite (raw, 1, nread, out); } } - + /* Search the tail of the message */ - s = fgets (buf, DIM (buf)-1, in); - if (s) + s = fgets (buf, DIM (buf) - 1, in); + if (s) { buf[strlen (buf) - strlen (LF)] = '\0'; rc = CDK_General_Error; @@ -511,19 +542,19 @@ armor_decode (void *opaque, FILE *in, FILE *out) if (afx->idx2 >= 0) rc = 0; } - + /* This catches error when no tail was found or the header is different then the tail line. */ if (rc || afx->idx != afx->idx2) rc = CDK_Armor_Error; - + afx->crc_okay = (afx->crc == crc2) ? 1 : 0; - if (!afx->crc_okay && !rc) + if (!afx->crc_okay && !rc) { _cdk_log_debug ("file crc=%08lX afx_crc=%08lX\n", crc2, afx->crc); rc = CDK_Armor_CRC_Error; } - + return rc; } 
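Review bot: `buf[strlen (buf) - strlen (LF)] = '\0';` (in the data-body loop and again on the tail line) subtracts two size_t values without checking that the line is at least as long as the terminator. fgets can return a shorter string, for example a line whose first byte is NUL, or an unterminated last line if LF is longer than one character; the index then wraps and the store lands outside `buf`. It also silently cuts the final characters off a last line that has no terminator at all. Take the length first and reject short lines, using a local `size_t len`: `len = strlen (buf); if (len < strlen (LF)) return CDK_Armor_Error; buf[len - strlen (LF)] = '\0';`. armor_decode starts and ends outside this hunk.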
@@ -537,26 +568,26 @@ armor_decode (void *opaque, FILE *in, FILE *out) * Protect a file with ASCII armor. **/ cdk_error_t -cdk_file_armor (cdk_ctx_t hd, const char * file, const char * output) +cdk_file_armor (cdk_ctx_t hd, const char *file, const char *output) { cdk_stream_t inp, out; cdk_error_t rc; - + rc = _cdk_check_args (hd->opt.overwrite, file, output); if (rc) return rc; - + rc = cdk_stream_open (file, &inp); if (rc) return rc; - + rc = cdk_stream_new (output, &out); - if (rc) + if (rc) { cdk_stream_close (inp); return rc; } - + cdk_stream_set_armor_flag (out, CDK_ARMOR_MESSAGE); if (hd->opt.compress) rc = cdk_stream_set_compress_flag (out, hd->compress.algo, @@ -567,7 +598,7 @@ cdk_file_armor (cdk_ctx_t hd, const char * file, const char * output) rc = cdk_stream_kick_off (inp, out); if (!rc) rc = _cdk_stream_get_errno (out); - + cdk_stream_close (out); cdk_stream_close (inp); return rc; @@ -582,7 +613,7 @@ cdk_file_armor (cdk_ctx_t hd, const char * file, const char * output) * Remove ASCII armor from a file. **/ cdk_error_t -cdk_file_dearmor (const char * file, const char * output) +cdk_file_dearmor (const char *file, const char *output) { cdk_stream_t inp, out; cdk_error_t rc; @@ -591,18 +622,18 @@ cdk_file_dearmor (const char * file, const char * output) rc = _cdk_check_args (1, file, output); if (rc) return rc; - + rc = cdk_stream_open (file, &inp); if (rc) return rc; - + rc = cdk_stream_create (output, &out); if (rc) - { - cdk_stream_close( inp ); + { + cdk_stream_close (inp); return rc; } - + if (cdk_armor_filter_use (inp)) { rc = cdk_stream_set_literal_flag (inp, 0, NULL); @@ -616,7 +647,7 @@ cdk_file_dearmor (const char * file, const char * output) if (!rc) rc = _cdk_stream_get_errno (inp); } - + cdk_stream_close (inp); cdk_stream_close (out); return rc; 
@@ -624,7 +655,7 @@ cdk_file_dearmor (const char * file, const char * output) int -_cdk_filter_armor (void *opaque, int ctl, FILE * in, FILE *out) +_cdk_filter_armor (void *opaque, int ctl, FILE * in, FILE * out) { if (ctl == STREAMCTL_READ) return armor_decode (opaque, in, out); @@ -632,7 +663,7 @@ _cdk_filter_armor (void *opaque, int ctl, FILE * in, FILE *out) return armor_encode (opaque, in, out); else if (ctl == STREAMCTL_FREE) { - armor_filter_t * afx = opaque; + armor_filter_t *afx = opaque; if (afx) { _cdk_log_debug ("free armor filter\n"); 
@@ -657,69 +688,80 @@ _cdk_filter_armor (void *opaque, int ctl, FILE * in, FILE *out) * Encode the given buffer into base64 format. **/ cdk_error_t -cdk_armor_encode_buffer (const byte *inbuf, size_t inlen, - char *outbuf, size_t outlen, - size_t *nwritten, int type) +cdk_armor_encode_buffer (const byte * inbuf, size_t inlen, + char *outbuf, size_t outlen, + size_t * nwritten, int type) { const char *head, *tail, *le; byte tempbuf[48]; char tempout[128]; size_t pos, off, len, rest; - + if (!inbuf || !nwritten) return CDK_Inv_Value; if (type > CDK_ARMOR_SIGNATURE) return CDK_Inv_Mode; - - head = armor_begin [type]; - tail = armor_end [type]; + + head = armor_begin[type]; + tail = armor_end[type]; le = _cdk_armor_get_lineend (); - pos = strlen (head) + 10 + 2 + 2 + strlen (tail) + 10 + 2 + 5 + 2; + pos = strlen (head) + 10 + 2 + 2 + strlen (tail) + 10 + 2 + 5 + 2; /* The output data is 4/3 times larger, plus a line end for each line. */ - pos += (4*inlen/3) + 2*(4*inlen/3/64); - + pos += (4 * inlen / 3) + 2 * (4 * inlen / 3 / 64); + if (outbuf && outlen < pos) return CDK_Too_Short; - + /* Only return the size of the output. 
*/ if (!outbuf) { *nwritten = pos; return 0; - } - + } + pos = 0; memset (outbuf, 0, outlen); - memcpy (outbuf+pos, "-----", 5); pos += 5; - memcpy (outbuf+pos, head, strlen (head)); pos += strlen (head); - memcpy (outbuf+pos, "-----", 5); pos += 5; - memcpy (outbuf+pos, le, strlen (le)); pos += strlen (le); - memcpy (outbuf+pos, le, strlen (le)); pos += strlen (le); + memcpy (outbuf + pos, "-----", 5); + pos += 5; + memcpy (outbuf + pos, head, strlen (head)); + pos += strlen (head); + memcpy (outbuf + pos, "-----", 5); + pos += 5; + memcpy (outbuf + pos, le, strlen (le)); + pos += strlen (le); + memcpy (outbuf + pos, le, strlen (le)); + pos += strlen (le); rest = inlen; for (off = 0; off < inlen;) { if (rest > 48) - { - memcpy (tempbuf, inbuf+off, 48); + { + memcpy (tempbuf, inbuf + off, 48); off += 48; len = 48; } else { - memcpy (tempbuf, inbuf+off, rest); + memcpy (tempbuf, inbuf + off, rest); off += rest; len = rest; } rest -= len; - base64_encode (tempout, tempbuf, len, DIM (tempout)-1); - memcpy (outbuf+pos, tempout, strlen (tempout)); pos += strlen (tempout); - memcpy (outbuf+pos, le, strlen (le)); pos += strlen (le); + base64_encode (tempout, tempbuf, len, DIM (tempout) - 1); + memcpy (outbuf + pos, tempout, strlen (tempout)); + pos += strlen (tempout); + memcpy (outbuf + pos, le, strlen (le)); + pos += strlen (le); } - - memcpy (outbuf+pos, "-----", 5); pos += 5; - memcpy (outbuf+pos, tail, strlen (tail)); pos += strlen (tail); - memcpy (outbuf+pos, "-----", 5); pos += 5; - memcpy (outbuf+pos, le, strlen (le)); pos += strlen (le); + + memcpy (outbuf + pos, "-----", 5); + pos += 5; + memcpy (outbuf + pos, tail, strlen (tail)); + pos += strlen (tail); + memcpy (outbuf + pos, "-----", 5); + pos += 5; + memcpy (outbuf + pos, le, strlen (le)); + pos += strlen (le); *nwritten = pos; return 0; } diff --git a/lib/opencdk/dummy.c b/lib/opencdk/dummy.c index 4fd2596cc3..0ede7ed41d 100644 --- a/lib/opencdk/dummy.c +++ b/lib/opencdk/dummy.c 
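Review bot: cdk_armor_encode_buffer rejects only `type > CDK_ARMOR_SIGNATURE`; `type` is a signed int, so a negative value passes and is used directly in `armor_begin[type]` and `armor_end[type]`, reading before the start of both tables. The guard should be `if (type < 0 || type > CDK_ARMOR_SIGNATURE) return CDK_Inv_Mode;`. Separately, the size estimate `4 * inlen / 3` is computed in size_t with no overflow check, so a very large `inlen` can wrap `pos` and let the `outlen < pos` test pass for a buffer that is too small. An explicit upper bound on `inlen` before the multiplication would close that and make the bound auditable.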
@@ -9,8 +9,7 @@ cdk_error_t _cdk_proc_packets (cdk_ctx_t hd, cdk_stream_t inp, cdk_stream_t data, const char *output, cdk_stream_t outstream, - digest_hd_st* md) + digest_hd_st * md) { return 0; } - diff --git a/lib/opencdk/hash.c b/lib/opencdk/hash.c index a5c5dc05a8..afc5c990c2 100644 --- a/lib/opencdk/hash.c +++ b/lib/opencdk/hash.c @@ -33,27 +33,27 @@ #include "filters.h" static cdk_error_t -hash_encode (void *opaque, FILE *in, FILE *out) +hash_encode (void *opaque, FILE * in, FILE * out) { md_filter_t *mfx = opaque; byte buf[BUFSIZE]; int err; int nread; - + if (!mfx) return CDK_Inv_Value; - + _cdk_log_debug ("hash filter: encode algo=%d\n", mfx->digest_algo); - + if (!mfx->md_initialized) { err = _gnutls_hash_init (&mfx->md, mfx->digest_algo); if (err < 0) return map_gnutls_error (err); - + mfx->md_initialized = 1; } - + while (!feof (in)) { nread = fread (buf, 1, BUFSIZE, in); @@ -61,26 +61,26 @@ hash_encode (void *opaque, FILE *in, FILE *out) break; _gnutls_hash (&mfx->md, buf, nread); } - + wipemem (buf, sizeof (buf)); return 0; } cdk_error_t -_cdk_filter_hash (void *opaque, int ctl, FILE *in, FILE *out) +_cdk_filter_hash (void *opaque, int ctl, FILE * in, FILE * out) { if (ctl == STREAMCTL_READ) return hash_encode (opaque, in, out); else if (ctl == STREAMCTL_FREE) { md_filter_t *mfx = opaque; - if (mfx) + if (mfx) { _cdk_log_debug ("free hash filter\n"); _gnutls_hash_deinit (&mfx->md, NULL); mfx->md_initialized = 0; return 0; - } + } } return CDK_Inv_Mode; } diff --git a/lib/opencdk/kbnode.c b/lib/opencdk/kbnode.c index 466213c66c..5b79b99a7b 100644 --- a/lib/opencdk/kbnode.c +++ b/lib/opencdk/kbnode.c @@ -44,7 +44,7 @@ cdk_kbnode_t cdk_kbnode_new (cdk_packet_t pkt) { cdk_kbnode_t n; - + n = cdk_calloc (1, sizeof *n); if (!n) return NULL; @@ -73,8 +73,8 @@ void cdk_kbnode_release (cdk_kbnode_t node) { cdk_kbnode_t n2; - - while (node) + + while (node) { n2 = node->next; if (!node->is_cloned) 
@@ -104,7 +104,7 @@ void _cdk_kbnode_add (cdk_kbnode_t root, cdk_kbnode_t node) { cdk_kbnode_t n1; - + for (n1 = root; n1->next; n1 = n1->next) ; n1->next = node; @@ -121,19 +121,20 @@ _cdk_kbnode_add (cdk_kbnode_t root, cdk_kbnode_t node) * type @pkttype (only if @pkttype != 0). **/ void -cdk_kbnode_insert (cdk_kbnode_t root, cdk_kbnode_t node, cdk_packet_type_t pkttype) +cdk_kbnode_insert (cdk_kbnode_t root, cdk_kbnode_t node, + cdk_packet_type_t pkttype) { if (!pkttype) { node->next = root->next; root->next = node; } - else + else { cdk_kbnode_t n1; - + for (n1 = root; n1->next; n1 = n1->next) - if (pkttype != n1->next->pkt->pkttype) + if (pkttype != n1->next->pkt->pkttype) { node->next = n1->next; n1->next = node; @@ -156,10 +157,11 @@ cdk_kbnode_insert (cdk_kbnode_t root, cdk_kbnode_t node, cdk_packet_type_t pktty * with pkttype @pkttype in the list starting with @root of @node. **/ cdk_kbnode_t -cdk_kbnode_find_prev (cdk_kbnode_t root, cdk_kbnode_t node, cdk_packet_type_t pkttype) +cdk_kbnode_find_prev (cdk_kbnode_t root, cdk_kbnode_t node, + cdk_packet_type_t pkttype) { cdk_kbnode_t n1; - + for (n1 = NULL; root && root != node; root = root->next) { if (!pkttype || root->pkt->pkttype == pkttype) @@ -234,9 +236,9 @@ cdk_packet_t cdk_kbnode_find_packet (cdk_kbnode_t node, cdk_packet_type_t pkttype) { cdk_kbnode_t res; - + res = cdk_kbnode_find (node, pkttype); - return res? res->pkt : NULL; + return res ? res->pkt : NULL; } @@ -249,18 +251,18 @@ cdk_kbnode_find_packet (cdk_kbnode_t node, cdk_packet_type_t pkttype) * to start with ROOT). */ cdk_kbnode_t -cdk_kbnode_walk (cdk_kbnode_t root, cdk_kbnode_t *ctx, int all) +cdk_kbnode_walk (cdk_kbnode_t root, cdk_kbnode_t * ctx, int all) { cdk_kbnode_t n; - - do + + do { - if (! *ctx) + if (!*ctx) { *ctx = root; n = root; } - else + else { n = (*ctx)->next; *ctx = n; 
@@ -282,11 +284,11 @@ cdk_kbnode_walk (cdk_kbnode_t root, cdk_kbnode_t *ctx, int all) * Returns: true if any node has been changed */ int -cdk_kbnode_commit (cdk_kbnode_t *root) +cdk_kbnode_commit (cdk_kbnode_t * root) { cdk_kbnode_t n, nl; int changed = 0; - + for (n = *root, nl = NULL; n; n = nl->next) { if (n->is_deleted) @@ -315,10 +317,10 @@ cdk_kbnode_commit (cdk_kbnode_t *root) * Removes a node from the root node. */ void -cdk_kbnode_remove (cdk_kbnode_t *root, cdk_kbnode_t node) +cdk_kbnode_remove (cdk_kbnode_t * root, cdk_kbnode_t node) { cdk_kbnode_t n, nl; - + for (n = *root, nl = NULL; n; n = nl->next) { if (n == node) @@ -350,16 +352,16 @@ void cdk_kbnode_move (cdk_kbnode_t * root, cdk_kbnode_t node, cdk_kbnode_t where) { cdk_kbnode_t tmp, prev; - + if (!root || !*root || !node) return; for (prev = *root; prev && prev->next != node; prev = prev->next) ; if (!prev) - return; /* Node is not in the list */ - - if (!where) - { /* Move node before root */ + return; /* Node is not in the list */ + + if (!where) + { /* Move node before root */ if (node == *root) return; prev->next = node->next; @@ -367,7 +369,7 @@ cdk_kbnode_move (cdk_kbnode_t * root, cdk_kbnode_t node, cdk_kbnode_t where) *root = node; return; } - if (node == where) /* Move it after where. */ + if (node == where) /* Move it after where. */ return; tmp = node->next; node->next = where->next; 
@@ -402,25 +404,25 @@ cdk_kbnode_get_packet (cdk_kbnode_t node) * Tries to read a key node from the memory buffer @buf. **/ cdk_error_t -cdk_kbnode_read_from_mem (cdk_kbnode_t *ret_node, - const byte *buf, size_t buflen) +cdk_kbnode_read_from_mem (cdk_kbnode_t * ret_node, + const byte * buf, size_t buflen) { cdk_stream_t inp; cdk_error_t rc; - + if (!ret_node || !buf) return CDK_Inv_Value; - + *ret_node = NULL; if (!buflen) - return CDK_Too_Short; - + return CDK_Too_Short; + rc = cdk_stream_tmp_from_mem (buf, buflen, &inp); if (rc) return rc; rc = cdk_keydb_get_keyblock (inp, ret_node); if (rc) - gnutls_assert(); + gnutls_assert (); cdk_stream_close (inp); return rc; } @@ -436,24 +438,24 @@ cdk_kbnode_read_from_mem (cdk_kbnode_t *ret_node, * it allocates the buffer to avoid the lengthy second run. */ cdk_error_t -cdk_kbnode_write_to_mem_alloc (cdk_kbnode_t node, - byte **r_buf, size_t *r_buflen) +cdk_kbnode_write_to_mem_alloc (cdk_kbnode_t node, + byte ** r_buf, size_t * r_buflen) { cdk_kbnode_t n; cdk_stream_t s; cdk_error_t rc; size_t len; - + if (!node || !r_buf || !r_buflen) return CDK_Inv_Value; - + *r_buf = NULL; *r_buflen = 0; - + rc = cdk_stream_tmp_new (&s); if (rc) return rc; - + for (n = node; n; n = n->next) { /* Skip all packets which cannot occur in a key composition. */ @@ -472,16 +474,16 @@ cdk_kbnode_write_to_mem_alloc (cdk_kbnode_t node, return rc; } } - + cdk_stream_seek (s, 0); - len = cdk_stream_get_length (s); + len = cdk_stream_get_length (s); *r_buf = cdk_calloc (1, len); *r_buflen = cdk_stream_read (s, *r_buf, len); cdk_stream_close (s); return 0; } - - + + /** * cdk_kbnode_write_to_mem: * @node: the key node 
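Review bot: The result of `cdk_calloc (1, len)` at the end of cdk_kbnode_write_to_mem_alloc is passed straight to `cdk_stream_read` and the function then returns 0, so an allocation failure is reported as success with `*r_buf == NULL`, after a read has been attempted into a null buffer. Add `if (!*r_buf) { cdk_stream_close (s); return CDK_Out_Of_Core; }` right after the allocation. The return value of `cdk_stream_read` is also stored unchecked into the size_t `*r_buflen`; if that call can return a negative status (its contract is not visible here), the caller would see an enormous length. The function begins in the previous hunk.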
@@ -494,20 +496,20 @@ cdk_kbnode_write_to_mem_alloc (cdk_kbnode_t node, * Whenever it is possible, the cdk_kbnode_write_to_mem_alloc should be used. **/ cdk_error_t -cdk_kbnode_write_to_mem (cdk_kbnode_t node, byte *buf, size_t *r_nbytes) +cdk_kbnode_write_to_mem (cdk_kbnode_t node, byte * buf, size_t * r_nbytes) { cdk_kbnode_t n; - cdk_stream_t s; + cdk_stream_t s; cdk_error_t rc; size_t len; - + if (!node || !r_nbytes) return CDK_Inv_Value; - + rc = cdk_stream_tmp_new (&s); if (rc) return rc; - + for (n = node; n; n = n->next) { /* Skip all packets which cannot occur in a key composition. */ @@ -526,17 +528,17 @@ cdk_kbnode_write_to_mem (cdk_kbnode_t node, byte *buf, size_t *r_nbytes) return rc; } } - + cdk_stream_seek (s, 0); len = cdk_stream_get_length (s); - if (!buf) + if (!buf) { - *r_nbytes = len; /* Only return the length of the buffer */ + *r_nbytes = len; /* Only return the length of the buffer */ cdk_stream_close (s); return 0; } if (*r_nbytes < len) - { + { *r_nbytes = len; rc = CDK_Too_Short; } 
@@ -561,40 +563,40 @@ cdk_kbnode_write_to_mem (cdk_kbnode_t node, byte *buf, size_t *r_nbytes) * is extracted from it. **/ cdk_error_t -cdk_kbnode_hash (cdk_kbnode_t node, digest_hd_st* md, int is_v4, - cdk_packet_type_t pkttype, int flags) +cdk_kbnode_hash (cdk_kbnode_t node, digest_hd_st * md, int is_v4, + cdk_packet_type_t pkttype, int flags) { cdk_packet_t pkt; - + if (!node || !md) return CDK_Inv_Value; if (!pkttype) - { + { pkt = cdk_kbnode_get_packet (node); pkttype = pkt->pkttype; - } + } else - { + { pkt = cdk_kbnode_find_packet (node, pkttype); if (!pkt) return CDK_Inv_Packet; } - - switch (pkttype) + + switch (pkttype) { case CDK_PKT_PUBLIC_KEY: case CDK_PKT_PUBLIC_SUBKEY: _cdk_hash_pubkey (pkt->pkt.public_key, md, flags & 1); break; - + case CDK_PKT_USER_ID: - _cdk_hash_userid (pkt->pkt.user_id, is_v4, md); + _cdk_hash_userid (pkt->pkt.user_id, is_v4, md); break; - + case CDK_PKT_SIGNATURE: _cdk_hash_sig_data (pkt->pkt.signature, md); break; - + default: return CDK_Inv_Mode; } diff --git a/lib/opencdk/keydb.c b/lib/opencdk/keydb.c index 0580c58ebb..7407f5c121 100644 --- a/lib/opencdk/keydb.c +++ b/lib/opencdk/keydb.c @@ -44,12 +44,12 @@ static void keydb_cache_free (key_table_t cache); static int classify_data (const byte * buf, size_t len); static cdk_kbnode_t find_selfsig_node (cdk_kbnode_t key, cdk_pkt_pubkey_t pk); - -static char* + +static char * keydb_idx_mkname (const char *file) { char *fname, *fmt; - + fmt = "%s.idx"; fname = cdk_calloc (1, strlen (file) + strlen (fmt) + 1); if (!fname) 
@@ -75,24 +75,24 @@ keydb_idx_build (const char *file) { cdk_packet_t pkt; cdk_stream_t inp, out = NULL; - byte buf[4+8+KEY_FPR_LEN]; + byte buf[4 + 8 + KEY_FPR_LEN]; char *idx_name; u32 keyid[2]; cdk_error_t rc; - + if (!file) return CDK_Inv_Value; - + rc = cdk_stream_open (file, &inp); if (rc) return rc; - + idx_name = keydb_idx_mkname (file); if (!idx_name) { cdk_stream_close (inp); return CDK_Out_Of_Core; - } + } rc = cdk_stream_create (idx_name, &out); cdk_free (idx_name); if (rc) @@ -102,17 +102,17 @@ keydb_idx_build (const char *file) } cdk_pkt_new (&pkt); - while (!cdk_stream_eof (inp)) + while (!cdk_stream_eof (inp)) { off_t pos = cdk_stream_tell (inp); - + rc = cdk_pkt_read (inp, pkt); if (rc) { _cdk_log_debug ("index build failed packet off=%lu\n", pos); /* FIXME: The index is incomplete */ break; - } + } if (pkt->pkttype == CDK_PKT_PUBLIC_KEY || pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY) { @@ -120,14 +120,14 @@ keydb_idx_build (const char *file) cdk_pk_get_keyid (pkt->pkt.public_key, keyid); _cdk_u32tobuf (keyid[0], buf + 4); _cdk_u32tobuf (keyid[1], buf + 8); - cdk_pk_get_fingerprint (pkt->pkt.public_key, buf+12); - cdk_stream_write (out, buf, 4+8+KEY_FPR_LEN); - } + cdk_pk_get_fingerprint (pkt->pkt.public_key, buf + 12); + cdk_stream_write (out, buf, 4 + 8 + KEY_FPR_LEN); + } cdk_pkt_free (pkt); } - + cdk_pkt_release (pkt); - + cdk_stream_close (out); cdk_stream_close (inp); return rc; @@ -147,12 +147,12 @@ cdk_keydb_idx_rebuild (cdk_keydb_hd_t db, cdk_keydb_search_t dbs) char *tmp_idx_name; cdk_error_t rc; int err; - - if (!db || !db->name|| !dbs) + + if (!db || !db->name || !dbs) return CDK_Inv_Value; if (db->secret) return 0; - + tmp_idx_name = keydb_idx_mkname (db->name); if (!tmp_idx_name) return CDK_Out_Of_Core; 
@@ -161,11 +161,11 @@ cdk_keydb_idx_rebuild (cdk_keydb_hd_t db, cdk_keydb_search_t dbs) /* This function expects an existing index which can be rebuild, if no index exists we do not build one and just return. */ if (err) - return 0; - + return 0; + cdk_stream_close (dbs->idx); dbs->idx = NULL; - if (!dbs->idx_name) + if (!dbs->idx_name) { dbs->idx_name = keydb_idx_mkname (db->name); if (!dbs->idx_name) @@ -179,37 +179,38 @@ cdk_keydb_idx_rebuild (cdk_keydb_hd_t db, cdk_keydb_search_t dbs) static cdk_error_t -keydb_idx_parse (cdk_stream_t inp, key_idx_t *r_idx) +keydb_idx_parse (cdk_stream_t inp, key_idx_t * r_idx) { key_idx_t idx; byte buf[4]; - + if (!inp || !r_idx) return CDK_Inv_Value; - + idx = cdk_calloc (1, sizeof *idx); if (!idx) return CDK_Out_Of_Core; - - while (!cdk_stream_eof (inp)) + + while (!cdk_stream_eof (inp)) { if (cdk_stream_read (inp, buf, 4) == CDK_EOF) break; idx->offset = _cdk_buftou32 (buf); cdk_stream_read (inp, buf, 4); idx->keyid[0] = _cdk_buftou32 (buf); - cdk_stream_read (inp, buf, 4); + cdk_stream_read (inp, buf, 4); idx->keyid[1] = _cdk_buftou32 (buf); cdk_stream_read (inp, idx->fpr, KEY_FPR_LEN); - break; + break; } *r_idx = idx; - return cdk_stream_eof (inp)? CDK_EOF : 0; + return cdk_stream_eof (inp) ? CDK_EOF : 0; } static cdk_error_t -keydb_idx_search (cdk_stream_t inp, u32 *keyid, const byte *fpr, off_t *r_off) +keydb_idx_search (cdk_stream_t inp, u32 * keyid, const byte * fpr, + off_t * r_off) { key_idx_t idx; 
@@ -223,23 +224,23 @@ keydb_idx_search (cdk_stream_t inp, u32 *keyid, const byte *fpr, off_t *r_off) be 0 and then we cannot differ between the begin and an EOF. */ *r_off = 0xFFFFFFFF; cdk_stream_seek (inp, 0); - while (keydb_idx_parse (inp, &idx) != CDK_EOF) + while (keydb_idx_parse (inp, &idx) != CDK_EOF) { if (keyid && KEYID_CMP (keyid, idx->keyid)) { *r_off = idx->offset; - break; + break; } else if (fpr && !memcmp (idx->fpr, fpr, KEY_FPR_LEN)) { *r_off = idx->offset; - break; - } + break; + } cdk_free (idx); - idx = NULL; + idx = NULL; } cdk_free (idx); - return *r_off != 0xFFFFFFFF? 0 : CDK_EOF; + return *r_off != 0xFFFFFFFF ? 0 : CDK_EOF; } @@ -252,19 +253,19 @@ keydb_idx_search (cdk_stream_t inp, u32 *keyid, const byte *fpr, off_t *r_off) * Create a new keyring db handle from the contents of a buffer. */ cdk_error_t -cdk_keydb_new_from_mem (cdk_keydb_hd_t *r_db, int secret, +cdk_keydb_new_from_mem (cdk_keydb_hd_t * r_db, int secret, const void *data, size_t datlen) { cdk_keydb_hd_t db; cdk_error_t rc; - + if (!r_db) return CDK_Inv_Value; *r_db = NULL; db = calloc (1, sizeof *db); rc = cdk_stream_tmp_from_mem (data, datlen, &db->fp); if (!db->fp) - { + { cdk_free (db); return rc; } 
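Review bot: `db = calloc (1, sizeof *db);` in cdk_keydb_new_from_mem is not checked before `&db->fp` is handed to cdk_stream_tmp_from_mem, so on allocation failure the callee is given an address derived from a null pointer to write through. cdk_keydb_new_from_stream in the following hunk has the same pattern (`hd = calloc (1, sizeof *hd); hd->fp = in;`). Both should return early, e.g. `if (!db) return CDK_Out_Of_Core;`. The block is also obtained with plain `calloc` but released with `cdk_free`; using `cdk_calloc`, as the neighbouring functions do, keeps allocator and deallocator paired. The function continues outside this hunk.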
@@ -287,35 +288,34 @@ cdk_keydb_new_from_mem (cdk_keydb_hd_t *r_db, int secret, * stream. The stream is not closed in cdk_keydb_free() and it * is up to the caller to close it. No decoding is done. */ -cdk_error_t -cdk_keydb_new_from_stream (cdk_keydb_hd_t *r_hd, int secret, - cdk_stream_t in) +cdk_error_t +cdk_keydb_new_from_stream (cdk_keydb_hd_t * r_hd, int secret, cdk_stream_t in) { cdk_keydb_hd_t hd; - + if (!r_hd) return CDK_Inv_Value; *r_hd = NULL; - + hd = calloc (1, sizeof *hd); hd->fp = in; hd->fp_ref = 1; hd->type = CDK_DBTYPE_STREAM; hd->secret = secret; *r_hd = hd; - + /* We do not push any filters and thus we expect that the format of the stream has the format the user wanted. */ - + return 0; } - + cdk_error_t -cdk_keydb_new_from_file (cdk_keydb_hd_t *r_hd, int secret, const char *fname) +cdk_keydb_new_from_file (cdk_keydb_hd_t * r_hd, int secret, const char *fname) { cdk_keydb_hd_t hd; - + if (!r_hd) return CDK_Inv_Value; *r_hd = NULL; @@ -326,13 +326,13 @@ cdk_keydb_new_from_file (cdk_keydb_hd_t *r_hd, int secret, const char *fname) cdk_free (hd); return CDK_Out_Of_Core; } - hd->type = secret? CDK_DBTYPE_SK_KEYRING : CDK_DBTYPE_PK_KEYRING; + hd->type = secret ? CDK_DBTYPE_SK_KEYRING : CDK_DBTYPE_PK_KEYRING; hd->secret = secret; *r_hd = hd; return 0; } - + /** * cdk_keydb_new: 
@@ -344,21 +344,21 @@ cdk_keydb_new_from_file (cdk_keydb_hd_t *r_hd, int secret, const char *fname) * Create a new keydb object **/ cdk_error_t -cdk_keydb_new (cdk_keydb_hd_t *r_hd, int type, void *data, size_t count) +cdk_keydb_new (cdk_keydb_hd_t * r_hd, int type, void *data, size_t count) { - switch (type) + switch (type) { case CDK_DBTYPE_PK_KEYRING: case CDK_DBTYPE_SK_KEYRING: - return cdk_keydb_new_from_file (r_hd, type == CDK_DBTYPE_SK_KEYRING, - (const char*)data); - + return cdk_keydb_new_from_file (r_hd, type == CDK_DBTYPE_SK_KEYRING, + (const char *) data); + case CDK_DBTYPE_DATA: return cdk_keydb_new_from_mem (r_hd, 0, data, count); - + case CDK_DBTYPE_STREAM: - return cdk_keydb_new_from_stream (r_hd, 0, (cdk_stream_t)data); - + return cdk_keydb_new_from_stream (r_hd, 0, (cdk_stream_t) data); + default: return CDK_Inv_Mode; } @@ -383,14 +383,14 @@ cdk_keydb_free (cdk_keydb_hd_t hd) cdk_free (hd->name); hd->name = NULL; } - + if (hd->fp && !hd->fp_ref) { cdk_stream_close (hd->fp); hd->fp = NULL; } - - + + hd->isopen = 0; hd->secret = 0; cdk_free (hd); @@ -398,19 +398,19 @@ cdk_keydb_free (cdk_keydb_hd_t hd) cdk_error_t -_cdk_keydb_open (cdk_keydb_hd_t hd, cdk_stream_t *ret_kr) +_cdk_keydb_open (cdk_keydb_hd_t hd, cdk_stream_t * ret_kr) { cdk_error_t rc; cdk_stream_t kr; if (!hd || !ret_kr) return CDK_Inv_Value; - + rc = 0; - if ((hd->type == CDK_DBTYPE_DATA || hd->type == CDK_DBTYPE_STREAM) + if ((hd->type == CDK_DBTYPE_DATA || hd->type == CDK_DBTYPE_STREAM) && hd->fp) { - kr = hd->fp; + kr = hd->fp; cdk_stream_seek (kr, 0); } else if (hd->type == CDK_DBTYPE_PK_KEYRING || @@ -419,15 +419,15 @@ _cdk_keydb_open (cdk_keydb_hd_t hd, cdk_stream_t *ret_kr) rc = cdk_stream_open (hd->name, &kr); if (rc) - goto leave; + goto leave; if (cdk_armor_filter_use (kr)) - cdk_stream_set_armor_flag (kr, 0); + cdk_stream_set_armor_flag (kr, 0); } else return CDK_Inv_Mode; - - leave: + +leave: *ret_kr = kr; return rc; 
@@ -454,17 +454,17 @@ find_by_keyid (cdk_kbnode_t knode, cdk_keydb_search_t ks) if (keyid[1] == ks->u.keyid[1]) return 1; break; - + case CDK_DBSEARCH_KEYID: - if (KEYID_CMP (keyid, ks->u.keyid)) + if (KEYID_CMP (keyid, ks->u.keyid)) return 1; break; - + default: _cdk_log_debug ("find_by_keyid: invalid mode = %d\n", ks->type); return 0; - } - } + } + } } return 0; } @@ -475,10 +475,10 @@ find_by_fpr (cdk_kbnode_t knode, cdk_keydb_search_t ks) { cdk_kbnode_t node; byte fpr[KEY_FPR_LEN]; - + if (ks->type != CDK_DBSEARCH_FPR) return 0; - + for (node = knode; node; node = node->next) { if (node->pkt->pkttype == CDK_PKT_PUBLIC_KEY || @@ -492,7 +492,7 @@ find_by_fpr (cdk_kbnode_t knode, cdk_keydb_search_t ks) break; } } - + return 0; } @@ -503,24 +503,24 @@ find_by_pattern (cdk_kbnode_t knode, cdk_keydb_search_t ks) cdk_kbnode_t node; size_t uidlen; char *name; - + for (node = knode; node; node = node->next) { if (node->pkt->pkttype != CDK_PKT_USER_ID) continue; if (node->pkt->pkt.user_id->attrib_img != NULL) - continue; /* Skip attribute packets. */ + continue; /* Skip attribute packets. */ uidlen = node->pkt->pkt.user_id->len; name = node->pkt->pkt.user_id->name; switch (ks->type) { case CDK_DBSEARCH_EXACT: - if (name && + if (name && (strlen (ks->u.pattern) == uidlen && !strncmp (ks->u.pattern, name, uidlen))) return 1; break; - + case CDK_DBSEARCH_SUBSTR: if (uidlen > 65536) break; @@ -529,10 +529,10 @@ find_by_pattern (cdk_kbnode_t knode, cdk_keydb_search_t ks) if (name && _cdk_memistr (name, uidlen, ks->u.pattern)) return 1; break; - - default: /* Invalid mode */ + + default: /* Invalid mode */ return 0; - } + } } return 0; } @@ -542,7 +542,7 @@ static void keydb_cache_free (key_table_t cache) { key_table_t c2; - + while (cache) { c2 = cache->next; 
@@ -554,11 +554,11 @@ keydb_cache_free (key_table_t cache) static key_table_t -keydb_cache_find ( cdk_keydb_search_t desc) +keydb_cache_find (cdk_keydb_search_t desc) { key_table_t cache = desc->cache; key_table_t t; - + for (t = cache; t; t = t->next) { switch (desc->type) @@ -579,25 +579,25 @@ keydb_cache_find ( cdk_keydb_search_t desc) if (strstr (desc->u.pattern, desc->u.pattern)) return t; break; - + case CDK_DBSEARCH_FPR: if (!memcmp (desc->u.fpr, desc->u.fpr, KEY_FPR_LEN)) return t; break; - } + } } - + return NULL; } - + static cdk_error_t -keydb_cache_add ( cdk_keydb_search_t dbs, off_t offset) +keydb_cache_add (cdk_keydb_search_t dbs, off_t offset) { key_table_t k; if (dbs->ncache > KEYDB_CACHE_ENTRIES) - return 0; /* FIXME: we should replace the last entry. */ + return 0; /* FIXME: we should replace the last entry. */ k = cdk_calloc (1, sizeof *k); if (!k) return CDK_Out_Of_Core; 
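Review bot: In keydb_cache_find the pattern and fingerprint cases compare the search descriptor with itself, `strstr (desc->u.pattern, desc->u.pattern)` and `memcmp (desc->u.fpr, desc->u.fpr, KEY_FPR_LEN)`, so both tests always succeed and the loop returns the first cache entry `t` whatever it holds. A lookup by name or fingerprint can therefore be answered with the cached offset of a different key. The second operand of each comparison should be the value stored in the entry `t`. The entry's field layout is not visible in these hunks, so the exact expression is left to the author. The function spans this hunk and the one before it.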
@@ -611,43 +611,44 @@ keydb_cache_add ( cdk_keydb_search_t dbs, off_t offset) return 0; } -static cdk_error_t idx_init( cdk_keydb_hd_t db, cdk_keydb_search_t dbs) +static cdk_error_t +idx_init (cdk_keydb_hd_t db, cdk_keydb_search_t dbs) { -cdk_error_t ec, rc = 0; + cdk_error_t ec, rc = 0; - if (cdk_stream_get_length (db->fp) < 524288) - { - dbs->no_cache = 1; - goto leave; - } + if (cdk_stream_get_length (db->fp) < 524288) + { + dbs->no_cache = 1; + goto leave; + } - dbs->idx_name = keydb_idx_mkname (db->name); - if (!dbs->idx_name) - { - rc = CDK_Out_Of_Core; - goto leave; - } - ec = cdk_stream_open (dbs->idx_name, &dbs->idx); + dbs->idx_name = keydb_idx_mkname (db->name); + if (!dbs->idx_name) + { + rc = CDK_Out_Of_Core; + goto leave; + } + ec = cdk_stream_open (dbs->idx_name, &dbs->idx); - if (ec && !db->secret) - { - rc = keydb_idx_build (db->name); - if (!rc) - rc = cdk_stream_open (dbs->idx_name, &dbs->idx); - if (!rc) - { - _cdk_log_debug ("create key index table\n"); - } - else - { - /* This is no real error, it just means we can't create - the index at the given directory. maybe we've no write - access. in this case, we simply disable the index. */ - _cdk_log_debug ("disable key index table err=%d\n", rc); - rc = 0; - dbs->no_cache = 1; - } - } + if (ec && !db->secret) + { + rc = keydb_idx_build (db->name); + if (!rc) + rc = cdk_stream_open (dbs->idx_name, &dbs->idx); + if (!rc) + { + _cdk_log_debug ("create key index table\n"); + } + else + { + /* This is no real error, it just means we can't create + the index at the given directory. maybe we've no write + access. in this case, we simply disable the index. */ + _cdk_log_debug ("disable key index table err=%d\n", rc); + rc = 0; + dbs->no_cache = 1; + } + } leave: 
@@ -664,31 +665,32 @@ leave: * Create a new keydb search object. **/ cdk_error_t -cdk_keydb_search_start (cdk_keydb_search_t* st, cdk_keydb_hd_t db, int type, void *desc) +cdk_keydb_search_start (cdk_keydb_search_t * st, cdk_keydb_hd_t db, int type, + void *desc) { u32 *keyid; char *p, tmp[3]; int i; cdk_error_t rc; - + if (!db) return CDK_Inv_Value; if (type != CDK_DBSEARCH_NEXT && !desc) return CDK_Inv_Mode; - - *st = cdk_calloc (1, sizeof(cdk_keydb_search_s)); + + *st = cdk_calloc (1, sizeof (cdk_keydb_search_s)); if (!(*st)) return CDK_Out_Of_Core; - rc = idx_init( db, *st); + rc = idx_init (db, *st); if (rc != CDK_Success) { - free(*st); + free (*st); return rc; } (*st)->type = type; - switch (type) + switch (type) { case CDK_DBSEARCH_EXACT: case CDK_DBSEARCH_SUBSTR: @@ -700,25 +702,25 @@ cdk_keydb_search_start (cdk_keydb_search_t* st, cdk_keydb_hd_t db, int type, voi return CDK_Out_Of_Core; } break; - + case CDK_DBSEARCH_SHORT_KEYID: keyid = desc; (*st)->u.keyid[1] = keyid[0]; break; - + case CDK_DBSEARCH_KEYID: keyid = desc; (*st)->u.keyid[0] = keyid[0]; (*st)->u.keyid[1] = keyid[1]; break; - + case CDK_DBSEARCH_FPR: memcpy ((*st)->u.fpr, desc, KEY_FPR_LEN); break; - + case CDK_DBSEARCH_NEXT: break; - + case CDK_DBSEARCH_AUTO: /* Override the type with the actual db search type. */ (*st)->type = classify_data (desc, strlen (desc)); @@ -728,13 +730,13 @@ cdk_keydb_search_start (cdk_keydb_search_t* st, cdk_keydb_hd_t db, int type, voi case CDK_DBSEARCH_EXACT: cdk_free ((*st)->u.pattern); p = (*st)->u.pattern = cdk_strdup (desc); - if (!p) + if (!p) { cdk_free (*st); return CDK_Out_Of_Core; } break; - + case CDK_DBSEARCH_SHORT_KEYID: case CDK_DBSEARCH_KEYID: p = desc; 
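Review bot: Every error path in cdk_keydb_search_start frees `*st` but leaves the freed pointer in the caller's variable, so a caller that passes it to cdk_keydb_search_release after a failure touches freed memory; each path should also do `*st = NULL;`. The path after idx_init uses `free (*st)` although the object came from `cdk_calloc`; it should be `cdk_free (*st)` like the others. The later failure paths also appear to leak what idx_init set up (`idx_name` and the open `idx` stream). `st` itself is dereferenced without a null check, unlike `db`. The function continues into the next hunk.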
@@ -747,70 +749,70 @@ cdk_keydb_search_start (cdk_keydb_search_t* st, cdk_keydb_hd_t db, int type, voi } else if (strlen (p) == 16) { - (*st)->u.keyid[0] = strtoul (p , NULL, 16); + (*st)->u.keyid[0] = strtoul (p, NULL, 16); (*st)->u.keyid[1] = strtoul (p + 8, NULL, 16); } - else - { /* Invalid key ID object. */ + else + { /* Invalid key ID object. */ cdk_free (*st); return CDK_Inv_Mode; - } + } break; - + case CDK_DBSEARCH_FPR: p = desc; - if (strlen (p) != 2*KEY_FPR_LEN) + if (strlen (p) != 2 * KEY_FPR_LEN) { cdk_free (*st); return CDK_Inv_Mode; } for (i = 0; i < KEY_FPR_LEN; i++) { - tmp[0] = p[2*i]; - tmp[1] = p[2*i+1]; + tmp[0] = p[2 * i]; + tmp[1] = p[2 * i + 1]; tmp[2] = 0x00; (*st)->u.fpr[i] = strtoul (tmp, NULL, 16); } break; } break; - + default: cdk_free (*st); _cdk_log_debug ("cdk_keydb_search_start: invalid mode = %d\n", type); return CDK_Inv_Mode; } - + return 0; } static cdk_error_t keydb_pos_from_cache (cdk_keydb_hd_t hd, cdk_keydb_search_t ks, - int *r_cache_hit, off_t *r_off) + int *r_cache_hit, off_t * r_off) { key_table_t c; if (!hd || !r_cache_hit || !r_off) return CDK_Inv_Value; - + /* Reset the values. */ *r_cache_hit = 0; *r_off = 0; - - c = keydb_cache_find ( ks); + + c = keydb_cache_find (ks); if (c != NULL) - { + { _cdk_log_debug ("cache: found entry in cache.\n"); *r_cache_hit = 1; *r_off = c->offset; return 0; } - + /* No index cache available so we just return here. */ if (!ks->idx) return 0; - + if (ks->idx) { if (ks->type == CDK_DBSEARCH_KEYID) @@ -819,7 +821,7 @@ keydb_pos_from_cache (cdk_keydb_hd_t hd, cdk_keydb_search_t ks, return CDK_Error_No_Key; _cdk_log_debug ("cache: found keyid entry in idx table.\n"); *r_cache_hit = 1; - } + } else if (ks->type == CDK_DBSEARCH_FPR) { if (keydb_idx_search (ks->idx, NULL, ks->u.fpr, r_off)) 
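Review bot: In the 16-character key ID branch, `strtoul (p, NULL, 16)` converts the whole 16-digit string rather than its first eight digits, so `u.keyid[0]` does not receive the high word. Assuming the keyid fields are u32 as the other arms suggest, a 64-bit `unsigned long` leaves only the low 32 bits after assignment (the same value as `keyid[1]`), and a 32-bit one saturates. The fingerprint branch just below already copies digits into `tmp` before converting; the key ID branch needs the same treatment, e.g. `char hi[9]; memcpy (hi, p, 8); hi[8] = '\0'; (*st)->u.keyid[0] = strtoul (hi, NULL, 16);`. The start of this switch arm is outside the hunk.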
@@ -832,17 +834,17 @@ keydb_pos_from_cache (cdk_keydb_hd_t hd, cdk_keydb_search_t ks, return 0; } -void cdk_keydb_search_release( cdk_keydb_search_t st) +void +cdk_keydb_search_release (cdk_keydb_search_t st) { - keydb_cache_free ( st->cache); + keydb_cache_free (st->cache); if (st->idx) cdk_stream_close (st->idx); if (!st) return; - if (st->type == CDK_DBSEARCH_EXACT || - st->type == CDK_DBSEARCH_SUBSTR) + if (st->type == CDK_DBSEARCH_EXACT || st->type == CDK_DBSEARCH_SUBSTR) cdk_free (st->u.pattern); cdk_free (st); @@ -858,24 +860,25 @@ void cdk_keydb_search_release( cdk_keydb_search_t st) * via @ks. If the key was found, @ret_key contains the key data. **/ cdk_error_t -cdk_keydb_search (cdk_keydb_search_t st, cdk_keydb_hd_t hd, cdk_kbnode_t *ret_key) +cdk_keydb_search (cdk_keydb_search_t st, cdk_keydb_hd_t hd, + cdk_kbnode_t * ret_key) { cdk_stream_t kr; cdk_kbnode_t knode; cdk_error_t rc = 0; off_t pos = 0, off = 0; - int key_found = 0, cache_hit = 0; - + int key_found = 0, cache_hit = 0; + if (!hd || !ret_key || !st) return CDK_Inv_Value; - + *ret_key = NULL; kr = NULL; rc = _cdk_keydb_open (hd, &kr); if (rc) return rc; - + if (!st->no_cache) { /* It is possible the index is not up-to-date and thus we do 
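Review bot: cdk_keydb_search_release reads `st->cache` and `st->idx` before it reaches `if (!st) return;`, so the NULL guard protects nothing and a NULL argument is dereferenced. Moving the guard to the first statement fixes it: `if (!st) return;` ahead of `keydb_cache_free (st->cache);`. This matters because cdk_keydb_search_start sets `*st` to NULL when cdk_calloc fails, and several callers on this page release unconditionally.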
@@ -885,57 +888,57 @@ cdk_keydb_search (cdk_keydb_search_t st, cdk_keydb_hd_t hd, cdk_kbnode_t *ret_ke if (rc) cache_hit = 0; } - + knode = NULL; while (!key_found && !rc) { if (cache_hit && st->type != CDK_DBSEARCH_NEXT) cdk_stream_seek (kr, off); - else if ( st->type == CDK_DBSEARCH_NEXT) - cdk_stream_seek (kr, st->off); + else if (st->type == CDK_DBSEARCH_NEXT) + cdk_stream_seek (kr, st->off); pos = cdk_stream_tell (kr); rc = cdk_keydb_get_keyblock (kr, &knode); - if (rc) + if (rc) { if (rc == CDK_EOF) break; else return rc; } - + switch (st->type) { case CDK_DBSEARCH_SHORT_KEYID: case CDK_DBSEARCH_KEYID: key_found = find_by_keyid (knode, st); break; - + case CDK_DBSEARCH_FPR: key_found = find_by_fpr (knode, st); break; - + case CDK_DBSEARCH_EXACT: case CDK_DBSEARCH_SUBSTR: key_found = find_by_pattern (knode, st); break; - + case CDK_DBSEARCH_NEXT: st->off = cdk_stream_tell (kr); - key_found = knode? 1 : 0; + key_found = knode ? 1 : 0; break; } - + if (key_found) { - if (!keydb_cache_find ( st)) - keydb_cache_add ( st, pos); + if (!keydb_cache_find (st)) + keydb_cache_add (st, pos); break; - } - + } + cdk_kbnode_release (knode); knode = NULL; } 
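Review bot: `cache_hit` is never cleared inside the search loop, so when the keyblock at the cached or indexed offset does not match, every iteration seeks back to `off` and re-reads the same block; as far as this hunk shows, the loop then does not terminate. The comment in the preceding hunk says the index may be out of date, so a stale or modified index file appears to be enough to reach this. Clearing the flag once the seek is done, `cache_hit = 0;` directly after `cdk_stream_seek (kr, off);` (with braces added), lets the loop fall through to a sequential scan. The return values of both cdk_stream_seek calls are also ignored.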
@@ -944,42 +947,43 @@ cdk_keydb_search (cdk_keydb_search_t st, cdk_keydb_hd_t hd, cdk_kbnode_t *ret_ke rc = 0; else if (rc == CDK_EOF && !key_found) rc = CDK_Error_No_Key; - *ret_key = key_found? knode : NULL; + *ret_key = key_found ? knode : NULL; return rc; } cdk_error_t -cdk_keydb_get_bykeyid (cdk_keydb_hd_t hd, u32 *keyid, cdk_kbnode_t *ret_key) +cdk_keydb_get_bykeyid (cdk_keydb_hd_t hd, u32 * keyid, cdk_kbnode_t * ret_key) { cdk_error_t rc; cdk_keydb_search_t st; - + if (!hd || !keyid || !ret_key) return CDK_Inv_Value; - + rc = cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_KEYID, keyid); if (!rc) rc = cdk_keydb_search (st, hd, ret_key); - - cdk_keydb_search_release( st); + + cdk_keydb_search_release (st); return rc; } cdk_error_t -cdk_keydb_get_byfpr (cdk_keydb_hd_t hd, const byte *fpr, cdk_kbnode_t *r_key) +cdk_keydb_get_byfpr (cdk_keydb_hd_t hd, const byte * fpr, + cdk_kbnode_t * r_key) { cdk_error_t rc; cdk_keydb_search_t st; if (!hd || !fpr || !r_key) return CDK_Inv_Value; - - rc = cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_FPR, (byte *)fpr); + + rc = cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_FPR, (byte *) fpr); if (!rc) rc = cdk_keydb_search (st, hd, r_key); - - cdk_keydb_search_release( st); + + cdk_keydb_search_release (st); return rc; } @@ -993,12 +997,12 @@ cdk_keydb_get_bypattern (cdk_keydb_hd_t hd, const char *patt, if (!hd || !patt || !ret_key) return CDK_Inv_Value; - - rc = cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_SUBSTR, (char *)patt); + + rc = cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_SUBSTR, (char *) patt); if (!rc) rc = cdk_keydb_search (st, hd, ret_key); - - cdk_keydb_search_release( st); + + cdk_keydb_search_release (st); return rc; } 
@@ -1008,20 +1012,20 @@ keydb_check_key (cdk_packet_t pkt) { cdk_pkt_pubkey_t pk; int is_sk, valid; - + if (pkt->pkttype == CDK_PKT_PUBLIC_KEY || pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY) - { + { pk = pkt->pkt.public_key; is_sk = 0; - } + } else if (pkt->pkttype == CDK_PKT_SECRET_KEY || pkt->pkttype == CDK_PKT_SECRET_SUBKEY) { pk = pkt->pkt.secret_key->pk; is_sk = 1; } - else /* No key object. */ + else /* No key object. */ return 0; valid = !pk->is_revoked && !pk->has_expired; if (is_sk) @@ -1036,15 +1040,15 @@ static cdk_kbnode_t kbnode_find_valid (cdk_kbnode_t root, cdk_packet_type_t pkttype) { cdk_kbnode_t n; - - for (n = root; n ; n = n->next) + + for (n = root; n; n = n->next) { if (n->pkt->pkttype != pkttype) continue; if (keydb_check_key (n->pkt)) return n; } - + return NULL; } @@ -1055,15 +1059,15 @@ keydb_find_byusage (cdk_kbnode_t root, int req_usage, int is_pk) cdk_kbnode_t node, key; int req_type; long timestamp; - - req_type = is_pk? CDK_PKT_PUBLIC_KEY : CDK_PKT_SECRET_KEY; + + req_type = is_pk ? CDK_PKT_PUBLIC_KEY : CDK_PKT_SECRET_KEY; if (!req_usage) return kbnode_find_valid (root, req_type); - + node = cdk_kbnode_find (root, req_type); if (node && !keydb_check_key (node->pkt)) return NULL; - + key = NULL; timestamp = 0; /* We iteratre over the all nodes and search for keys or 
@@ -1087,24 +1091,23 @@ keydb_find_byusage (cdk_kbnode_t root, int req_usage, int is_pk) if (node->pkt->pkt.secret_key->pk->timestamp > timestamp) key = node; } - + } return key; } static cdk_kbnode_t -keydb_find_bykeyid (cdk_kbnode_t root, const u32 *keyid, int search_mode) +keydb_find_bykeyid (cdk_kbnode_t root, const u32 * keyid, int search_mode) { cdk_kbnode_t node; u32 kid[2]; - + for (node = root; node; node = node->next) { if (!_cdk_pkt_get_keyid (node->pkt, kid)) continue; - if (search_mode == CDK_DBSEARCH_SHORT_KEYID && - kid[1] == keyid[1]) + if (search_mode == CDK_DBSEARCH_SHORT_KEYID && kid[1] == keyid[1]) return node; else if (kid[0] == keyid[0] && kid[1] == keyid[1]) return node; @@ -1115,7 +1118,7 @@ keydb_find_bykeyid (cdk_kbnode_t root, const u32 *keyid, int search_mode) cdk_error_t _cdk_keydb_get_sk_byusage (cdk_keydb_hd_t hd, const char *name, - cdk_seckey_t* ret_sk, int usage) + cdk_seckey_t * ret_sk, int usage) { cdk_kbnode_t knode = NULL; cdk_kbnode_t node, sk_node, pk_node; 
@@ -1129,40 +1132,40 @@ _cdk_keydb_get_sk_byusage (cdk_keydb_hd_t hd, const char *name, return CDK_Inv_Value; if (!hd) return CDK_Error_No_Keyring; - + *ret_sk = NULL; - rc = cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_AUTO, (char *)name); + rc = cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_AUTO, (char *) name); if (rc) return rc; - + rc = cdk_keydb_search (st, hd, &knode); if (rc) return rc; - cdk_keydb_search_release( st); - + cdk_keydb_search_release (st); + sk_node = keydb_find_byusage (knode, usage, 0); if (!sk_node) { cdk_kbnode_release (knode); return CDK_Unusable_Key; - } - + } + /* We clone the node with the secret key to avoid that the packet will be released. */ _cdk_kbnode_clone (sk_node); - sk = sk_node->pkt->pkt.secret_key; + sk = sk_node->pkt->pkt.secret_key; for (node = knode; node; node = node->next) { - if (node->pkt->pkttype == CDK_PKT_USER_ID) + if (node->pkt->pkttype == CDK_PKT_USER_ID) { s = node->pkt->pkt.user_id->name; if (sk && !sk->pk->uid && _cdk_memistr (s, strlen (s), name)) { _cdk_copy_userid (&sk->pk->uid, node->pkt->pkt.user_id); break; - } + } } } @@ -1173,13 +1176,13 @@ _cdk_keydb_get_sk_byusage (cdk_keydb_hd_t hd, const char *name, { cdk_kbnode_release (knode); return CDK_Unusable_Key; - } + } node = find_selfsig_node (knode, pk_node->pkt->pkt.secret_key->pk); if (sk->pk->uid && node) _cdk_copy_signature (&sk->pk->uid->selfsig, node->pkt->pkt.signature); /* We only release the outer packet. */ - _cdk_pkt_detach_free (sk_node->pkt, &pkttype, (void*)&sk); + _cdk_pkt_detach_free (sk_node->pkt, &pkttype, (void *) &sk); cdk_kbnode_release (knode); *ret_sk = sk; return rc; @@ -1188,7 +1191,7 @@ _cdk_keydb_get_sk_byusage (cdk_keydb_hd_t hd, const char *name, cdk_error_t _cdk_keydb_get_pk_byusage (cdk_keydb_hd_t hd, const char *name, - cdk_pubkey_t *ret_pk, int usage) + cdk_pubkey_t * ret_pk, int usage) { cdk_kbnode_t knode, node, pk_node; cdk_pkt_pubkey_t pk; 
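Review bot: In _cdk_keydb_get_sk_byusage the search object is leaked when cdk_keydb_search fails, because `if (rc) return rc;` runs before `cdk_keydb_search_release (st);`. The same ordering appears in _cdk_keydb_get_pk_byusage and cdk_keydb_get_pk in the following hunks, whereas cdk_keydb_export and _cdk_keydb_check_userid release first and test `rc` afterwards. Reordering to `rc = cdk_keydb_search (st, hd, &knode); cdk_keydb_search_release (st); if (rc) return rc;` closes the leak. The function starts above this hunk.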
@@ -1200,26 +1203,26 @@ _cdk_keydb_get_pk_byusage (cdk_keydb_hd_t hd, const char *name, return CDK_Inv_Value; if (!hd) return CDK_Error_No_Keyring; - + *ret_pk = NULL; - rc = cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_AUTO, (char *)name); + rc = cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_AUTO, (char *) name); if (!rc) rc = cdk_keydb_search (st, hd, &knode); if (rc) return rc; - - cdk_keydb_search_release( st); - + + cdk_keydb_search_release (st); + node = keydb_find_byusage (knode, usage, 1); - if (!node) + if (!node) { cdk_kbnode_release (knode); return CDK_Unusable_Key; - } - + } + pk = NULL; _cdk_copy_pubkey (&pk, node->pkt->pkt.public_key); - for (node = knode; node; node = node->next) + for (node = knode; node; node = node->next) { if (node->pkt->pkttype == CDK_PKT_USER_ID) { @@ -1231,7 +1234,7 @@ _cdk_keydb_get_pk_byusage (cdk_keydb_hd_t hd, const char *name, } } } - + /* Same as in the sk code, the selected key can be a sub key and thus we need the primary key to find the self sig. */ pk_node = cdk_kbnode_find (knode, CDK_PKT_PUBLIC_KEY); @@ -1260,7 +1263,7 @@ _cdk_keydb_get_pk_byusage (cdk_keydb_hd_t hd, const char *name, * key without any signatures or user id's. **/ cdk_error_t -cdk_keydb_get_pk (cdk_keydb_hd_t hd, u32 *keyid, cdk_pubkey_t *r_pk) +cdk_keydb_get_pk (cdk_keydb_hd_t hd, u32 * keyid, cdk_pubkey_t * r_pk) { cdk_kbnode_t knode = NULL, node; cdk_pubkey_t pk; 
@@ -1273,27 +1276,27 @@ cdk_keydb_get_pk (cdk_keydb_hd_t hd, u32 *keyid, cdk_pubkey_t *r_pk) return CDK_Inv_Value; if (!hd) return CDK_Error_No_Keyring; - + *r_pk = NULL; - s_type = !keyid[0]? CDK_DBSEARCH_SHORT_KEYID : CDK_DBSEARCH_KEYID; + s_type = !keyid[0] ? CDK_DBSEARCH_SHORT_KEYID : CDK_DBSEARCH_KEYID; rc = cdk_keydb_search_start (&st, hd, s_type, keyid); if (rc) return rc; rc = cdk_keydb_search (st, hd, &knode); if (rc) return rc; - - cdk_keydb_search_release( st); - + + cdk_keydb_search_release (st); + node = keydb_find_bykeyid (knode, keyid, s_type); - if (!node) + if (!node) { cdk_kbnode_release (knode); return CDK_Error_No_Key; } - + /* See comment in cdk_keydb_get_sk() */ - _cdk_pkt_detach_free (node->pkt, &pkttype, (void*)&pk); + _cdk_pkt_detach_free (node->pkt, &pkttype, (void *) &pk); *r_pk = pk; _cdk_kbnode_clone (node); cdk_kbnode_release (knode); @@ -1313,7 +1316,7 @@ cdk_keydb_get_pk (cdk_keydb_hd_t hd, u32 *keyid, cdk_pubkey_t *r_pk) * like the user id or the signatures. **/ cdk_error_t -cdk_keydb_get_sk (cdk_keydb_hd_t hd, u32 *keyid, cdk_seckey_t *ret_sk) +cdk_keydb_get_sk (cdk_keydb_hd_t hd, u32 * keyid, cdk_seckey_t * ret_sk) { cdk_kbnode_t snode, node; cdk_seckey_t sk; 
@@ -1339,27 +1342,27 @@ cdk_keydb_get_sk (cdk_keydb_hd_t hd, u32 *keyid, cdk_seckey_t *ret_sk) /* We need to release the packet itself but not its contents and thus we detach the openpgp packet and release the structure. */ - _cdk_pkt_detach_free (node->pkt, &pkttype, (void*)&sk); + _cdk_pkt_detach_free (node->pkt, &pkttype, (void *) &sk); _cdk_kbnode_clone (node); cdk_kbnode_release (snode); - + *ret_sk = sk; return 0; } static int -is_selfsig (cdk_kbnode_t node, const u32 *keyid) +is_selfsig (cdk_kbnode_t node, const u32 * keyid) { cdk_pkt_signature_t sig; - + if (node->pkt->pkttype != CDK_PKT_SIGNATURE) return 0; sig = node->pkt->pkt.signature; if ((sig->sig_class >= 0x10 && sig->sig_class <= 0x13) && sig->keyid[0] == keyid[0] && sig->keyid[1] == keyid[1]) return 1; - + return 0; } 
@@ -1372,48 +1375,47 @@ find_selfsig_node (cdk_kbnode_t key, cdk_pkt_pubkey_t pk) cdk_kbnode_t n, sig; unsigned int ts; u32 keyid[2]; - + cdk_pk_get_keyid (pk, keyid); sig = NULL; ts = 0; for (n = key; n; n = n->next) { - if (is_selfsig (n, keyid) && - n->pkt->pkt.signature->timestamp > ts) + if (is_selfsig (n, keyid) && n->pkt->pkt.signature->timestamp > ts) { ts = n->pkt->pkt.signature->timestamp; sig = n; } } - + return sig; } -static -unsigned int key_usage_to_cdk_usage( unsigned int usage) +static unsigned int +key_usage_to_cdk_usage (unsigned int usage) { -unsigned key_usage = 0; - - if (usage & 0x01) /* cert + sign data */ - key_usage |= CDK_KEY_USG_CERT_SIGN; - if (usage & 0x02) /* cert + sign data */ - key_usage |= CDK_KEY_USG_DATA_SIGN; - if (usage & 0x04) /* encrypt comm. + storage */ - key_usage |= CDK_KEY_USG_COMM_ENCR; - if (usage & 0x08) /* encrypt comm. + storage */ - key_usage |= CDK_KEY_USG_STORAGE_ENCR; - if (usage & 0x10) /* encrypt comm. + storage */ - key_usage |= CDK_KEY_USG_SPLIT_KEY; - if (usage & 0x20) - key_usage |= CDK_KEY_USG_AUTH; - if (usage & 0x80) /* encrypt comm. + storage */ - key_usage |= CDK_KEY_USG_SHARED_KEY; - - return key_usage; + unsigned key_usage = 0; + + if (usage & 0x01) /* cert + sign data */ + key_usage |= CDK_KEY_USG_CERT_SIGN; + if (usage & 0x02) /* cert + sign data */ + key_usage |= CDK_KEY_USG_DATA_SIGN; + if (usage & 0x04) /* encrypt comm. + storage */ + key_usage |= CDK_KEY_USG_COMM_ENCR; + if (usage & 0x08) /* encrypt comm. + storage */ + key_usage |= CDK_KEY_USG_STORAGE_ENCR; + if (usage & 0x10) /* encrypt comm. + storage */ + key_usage |= CDK_KEY_USG_SPLIT_KEY; + if (usage & 0x20) + key_usage |= CDK_KEY_USG_AUTH; + if (usage & 0x80) /* encrypt comm. + storage */ + key_usage |= CDK_KEY_USG_SHARED_KEY; + + return key_usage; } static cdk_error_t -keydb_merge_selfsig (cdk_kbnode_t key, u32 *keyid) +keydb_merge_selfsig (cdk_kbnode_t key, u32 * keyid) { cdk_kbnode_t node, kbnode, unode; cdk_subpkt_t s = NULL; 
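Review bot: The comments in key_usage_to_cdk_usage were copied between branches and no longer describe the flag being tested: 0x01 and 0x02 both say `cert + sign data`, and 0x04, 0x08, 0x10 and 0x80 all say `encrypt comm. + storage`. Going by the constant each branch sets, I would write `/* certify other keys */` for 0x01, `/* sign data */` for 0x02, `/* encrypt communications */` for 0x04, `/* encrypt storage */` for 0x08, `/* split key */` for 0x10 and `/* shared key */` for 0x80, and give 0x20 an `/* authentication */` comment. A one-line header saying that the argument is the first octet of the key-flags subpacket, which is how cdk_keydb_get_keyblock calls it, would help as well.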
@@ -1445,31 +1447,31 @@ keydb_merge_selfsig (cdk_kbnode_t key, u32 *keyid) if (s && s->size == 4) key_expire = _cdk_buftou32 (s->d); s = cdk_subpkt_find (sig->hashed, CDK_SIGSUBPKT_PREFS_SYM); - if (s) + if (s) { symalg = s->d; nsymalg = s->size; n += s->size + 1; - } + } s = cdk_subpkt_find (sig->hashed, CDK_SIGSUBPKT_PREFS_HASH); - if (s) + if (s) { hashalg = s->d; nhashalg = s->size; n += s->size + 1; - } + } s = cdk_subpkt_find (sig->hashed, CDK_SIGSUBPKT_PREFS_ZIP); if (s) { compalg = s->d; ncompalg = s->size; n += s->size + 1; - } + } if (uid->prefs != NULL) cdk_free (uid->prefs); if (!n || !hashalg || !compalg || !symalg) uid->prefs = NULL; - else + else { uid->prefs = cdk_calloc (1, sizeof (*uid->prefs) * (n + 1)); if (!uid->prefs) @@ -1479,24 +1481,24 @@ keydb_merge_selfsig (cdk_kbnode_t key, u32 *keyid) { uid->prefs[n].type = CDK_PREFTYPE_SYM; uid->prefs[n].value = *symalg++; - } + } for (; nhashalg; nhashalg--, n++) { uid->prefs[n].type = CDK_PREFTYPE_HASH; uid->prefs[n].value = *hashalg++; - } + } for (; ncompalg; ncompalg--, n++) { uid->prefs[n].type = CDK_PREFTYPE_ZIP; uid->prefs[n].value = *compalg++; - } + } - uid->prefs[n].type = CDK_PREFTYPE_NONE; /* end of list marker */ + uid->prefs[n].type = CDK_PREFTYPE_NONE; /* end of list marker */ uid->prefs[n].value = 0; uid->prefs_size = n; } } - + /* Now we add the extracted information to the primary key. */ kbnode = cdk_kbnode_find (key, CDK_PKT_PUBLIC_KEY); if (kbnode) @@ -1512,12 +1514,12 @@ keydb_merge_selfsig (cdk_kbnode_t key, u32 *keyid) if (key_expire) { pk->expiredate = pk->timestamp + key_expire; - pk->has_expired = pk->expiredate> (u32)time (NULL)?0 :1; + pk->has_expired = pk->expiredate > (u32) time (NULL) ? 0 : 1; } - + pk->is_invalid = 0; } - + return 0; } 
@@ -1528,8 +1530,8 @@ keydb_parse_allsigs (cdk_kbnode_t knode, cdk_keydb_hd_t hd, int check) cdk_kbnode_t node, kb; cdk_pkt_signature_t sig; cdk_pkt_pubkey_t pk; - cdk_subpkt_t s=NULL; - u32 expiredate = 0, curtime = (u32)time (NULL); + cdk_subpkt_t s = NULL; + u32 expiredate = 0, curtime = (u32) time (NULL); u32 keyid[2]; if (!knode) @@ -1550,13 +1552,13 @@ keydb_parse_allsigs (cdk_kbnode_t knode, cdk_keydb_hd_t hd, int check) node->pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY) node->pkt->pkt.public_key->is_revoked = 0; } - + kb = cdk_kbnode_find (knode, CDK_PKT_PUBLIC_KEY); if (!kb) return CDK_Wrong_Format; cdk_pk_get_keyid (kb->pkt->pkt.public_key, keyid); - - for (node = knode; node; node = node->next) + + for (node = knode; node; node = node->next) { if (node->pkt->pkttype == CDK_PKT_SIGNATURE) { @@ -1578,7 +1580,7 @@ keydb_parse_allsigs (cdk_kbnode_t knode, cdk_keydb_hd_t hd, int check) else if (sig->sig_class == 0x28) { kb = cdk_kbnode_find_prev (knode, node, CDK_PKT_PUBLIC_SUBKEY); - if (kb) + if (kb) { kb->pkt->pkt.public_key->is_revoked = 1; if (check) @@ -1590,10 +1592,10 @@ keydb_parse_allsigs (cdk_kbnode_t knode, cdk_keydb_hd_t hd, int check) /* Revocation certifcates for user ID's */ else if (sig->sig_class == 0x30) { - if( sig->keyid[0] != keyid[0] || sig->keyid[1] != keyid[1] ) - continue; /* revokes an earlier signature, no userID. */ + if (sig->keyid[0] != keyid[0] || sig->keyid[1] != keyid[1]) + continue; /* revokes an earlier signature, no userID. */ kb = cdk_kbnode_find_prev (knode, node, CDK_PKT_USER_ID); - if (kb) + if (kb) { kb->pkt->pkt.user_id->is_revoked = 1; if (check) 
@@ -1606,17 +1608,17 @@ keydb_parse_allsigs (cdk_kbnode_t knode, cdk_keydb_hd_t hd, int check) else if (sig->sig_class == 0x1F) { kb = cdk_kbnode_find_prev (knode, node, CDK_PKT_PUBLIC_KEY); - if (kb) + if (kb) { pk = kb->pkt->pkt.public_key; pk->is_invalid = 0; s = cdk_subpkt_find (node->pkt->pkt.signature->hashed, CDK_SIGSUBPKT_KEY_EXPIRE); - if (s) + if (s) { - expiredate = _cdk_buftou32( s->d ); + expiredate = _cdk_buftou32 (s->d); pk->expiredate = pk->timestamp + expiredate; - pk->has_expired = pk->expiredate > curtime? 0 : 1; + pk->has_expired = pk->expiredate > curtime ? 0 : 1; } if (check) _cdk_pk_check_sig (hd, kb, node, NULL, NULL); @@ -1625,27 +1627,27 @@ keydb_parse_allsigs (cdk_kbnode_t knode, cdk_keydb_hd_t hd, int check) return CDK_Error_No_Key; } /* Direct certificates for subkeys */ - else if( sig->sig_class == 0x18 ) + else if (sig->sig_class == 0x18) { kb = cdk_kbnode_find_prev (knode, node, CDK_PKT_PUBLIC_SUBKEY); - if (kb) + if (kb) { pk = kb->pkt->pkt.public_key; pk->is_invalid = 0; s = cdk_subpkt_find (node->pkt->pkt.signature->hashed, CDK_SIGSUBPKT_KEY_EXPIRE); - if (s) + if (s) { expiredate = _cdk_buftou32 (s->d); pk->expiredate = pk->timestamp + expiredate; - pk->has_expired = pk->expiredate > curtime? 0 : 1; + pk->has_expired = pk->expiredate > curtime ? 0 : 1; } if (check) _cdk_pk_check_sig (hd, kb, node, NULL, NULL); } - else - return CDK_Error_No_Key; - } + else + return CDK_Error_No_Key; + } } } node = cdk_kbnode_find (knode, CDK_PKT_PUBLIC_KEY); @@ -1664,7 +1666,7 @@ keydb_parse_allsigs (cdk_kbnode_t knode, cdk_keydb_hd_t hd, int check) } } if (node && (node->pkt->pkt.public_key->is_revoked || - node->pkt->pkt.public_key->has_expired) ) + node->pkt->pkt.public_key->has_expired)) { /* If the primary key has been revoked, mark all subkeys as invalid because without a primary key they are not useable */ 
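Review bot: Both key-expiry reads in keydb_parse_allsigs call `_cdk_buftou32 (s->d)` after checking only `if (s)`, while keydb_merge_selfsig guards the same subpacket with `if (s && s->size == 4)`. Assuming _cdk_buftou32 reads four octets, a signature carrying a shorter CDK_SIGSUBPKT_KEY_EXPIRE subpacket would be read past its data. Use the same guard, `if (s && s->size == 4)`, in the 0x1F and 0x18 branches; the `s->d[0]` read for CDK_SIGSUBPKT_KEY_FLAGS in cdk_keydb_get_keyblock likewise wants `s->size >= 1`. The function starts and ends outside these hunks.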
@@ -1674,22 +1676,24 @@ keydb_parse_allsigs (cdk_kbnode_t knode, cdk_keydb_hd_t hd, int check) node->pkt->pkt.public_key->is_invalid = 1; } } - + return 0; } -void add_key_usage( cdk_kbnode_t knode, u32 keyid[2], unsigned int usage) +void +add_key_usage (cdk_kbnode_t knode, u32 keyid[2], unsigned int usage) { - cdk_kbnode_t p, ctx; - cdk_packet_t pkt; + cdk_kbnode_t p, ctx; + cdk_packet_t pkt; ctx = NULL; while ((p = cdk_kbnode_walk (knode, &ctx, 0))) { pkt = cdk_kbnode_get_packet (p); - if ((pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY || pkt->pkttype == CDK_PKT_PUBLIC_KEY) && \ - pkt->pkt.public_key->keyid[0] == keyid[0] && \ - pkt->pkt.public_key->keyid[1] == keyid[1]) + if ((pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY + || pkt->pkttype == CDK_PKT_PUBLIC_KEY) + && pkt->pkt.public_key->keyid[0] == keyid[0] + && pkt->pkt.public_key->keyid[1] == keyid[1]) { pkt->pkt.public_key->pubkey_usage = usage; return; @@ -1699,7 +1703,7 @@ void add_key_usage( cdk_kbnode_t knode, u32 keyid[2], unsigned int usage) } cdk_error_t -cdk_keydb_get_keyblock (cdk_stream_t inp, cdk_kbnode_t *r_knode) +cdk_keydb_get_keyblock (cdk_stream_t inp, cdk_kbnode_t * r_knode) { cdk_packet_t pkt; cdk_kbnode_t knode, node; @@ -1707,7 +1711,7 @@ cdk_keydb_get_keyblock (cdk_stream_t inp, cdk_kbnode_t *r_knode) cdk_error_t rc; u32 keyid[2], main_keyid[2]; off_t old_off; - int key_seen, got_key; + int key_seen, got_key; if (!inp || !r_knode) return CDK_Inv_Value; @@ -1715,10 +1719,10 @@ cdk_keydb_get_keyblock (cdk_stream_t inp, cdk_kbnode_t *r_knode) /* Reset all values. */ keyid[0] = keyid[1] = 0; main_keyid[0] = main_keyid[1] = 0; - revkeys = NULL; + revkeys = NULL; knode = NULL; key_seen = got_key = 0; - + *r_knode = NULL; rc = CDK_EOF; while (!cdk_stream_eof (inp)) 
@@ -1732,17 +1736,17 @@ cdk_keydb_get_keyblock (cdk_stream_t inp, cdk_kbnode_t *r_knode) if (rc == CDK_EOF) break; else - { /* Release all packets we reached so far. */ + { /* Release all packets we reached so far. */ _cdk_log_debug ("keydb_get_keyblock: error %d\n", rc); cdk_kbnode_release (knode); return rc; } } - if (pkt->pkttype == CDK_PKT_PUBLIC_KEY || + if (pkt->pkttype == CDK_PKT_PUBLIC_KEY || pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY || - pkt->pkttype == CDK_PKT_SECRET_KEY || - pkt->pkttype == CDK_PKT_SECRET_SUBKEY) + pkt->pkttype == CDK_PKT_SECRET_KEY || + pkt->pkttype == CDK_PKT_SECRET_SUBKEY) { if (key_seen && (pkt->pkttype == CDK_PKT_PUBLIC_KEY || pkt->pkttype == CDK_PKT_SECRET_KEY)) @@ -1761,18 +1765,18 @@ cdk_keydb_get_keyblock (cdk_stream_t inp, cdk_kbnode_t *r_knode) } else if (pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY || pkt->pkttype == CDK_PKT_SECRET_SUBKEY) - { - if (pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY) - { - pkt->pkt.public_key->main_keyid[0] = main_keyid[0]; - pkt->pkt.public_key->main_keyid[1] = main_keyid[1]; - } - else - { - pkt->pkt.secret_key->main_keyid[0] = main_keyid[0]; - pkt->pkt.secret_key->main_keyid[1] = main_keyid[1]; - } - } + { + if (pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY) + { + pkt->pkt.public_key->main_keyid[0] = main_keyid[0]; + pkt->pkt.public_key->main_keyid[1] = main_keyid[1]; + } + else + { + pkt->pkt.secret_key->main_keyid[0] = main_keyid[0]; + pkt->pkt.secret_key->main_keyid[1] = main_keyid[1]; + } + } /* We save this for the signature */ _cdk_pkt_get_keyid (pkt, keyid); got_key = 1; 
@@ -1789,11 +1793,13 @@ cdk_keydb_get_keyblock (cdk_stream_t inp, cdk_kbnode_t *r_knode) pkt->pkt.signature->revkeys) revkeys = pkt->pkt.signature->revkeys; - s = cdk_subpkt_find (pkt->pkt.signature->hashed, CDK_SIGSUBPKT_KEY_FLAGS); + s = + cdk_subpkt_find (pkt->pkt.signature->hashed, + CDK_SIGSUBPKT_KEY_FLAGS); if (s) { - unsigned int key_usage = key_usage_to_cdk_usage( s->d[0]); - add_key_usage( knode, pkt->pkt.signature->key, key_usage); + unsigned int key_usage = key_usage_to_cdk_usage (s->d[0]); + add_key_usage (knode, pkt->pkt.signature->key, key_usage); } } node = cdk_kbnode_new (pkt); @@ -1807,17 +1813,17 @@ cdk_keydb_get_keyblock (cdk_stream_t inp, cdk_kbnode_t *r_knode) { keydb_merge_selfsig (knode, main_keyid); rc = keydb_parse_allsigs (knode, NULL, 0); - if (revkeys) + if (revkeys) { node = cdk_kbnode_find (knode, CDK_PKT_PUBLIC_KEY); if (node) node->pkt->pkt.public_key->revkeys = revkeys; - } + } } else cdk_kbnode_release (knode); - *r_knode = got_key? knode : NULL; - + *r_knode = got_key ? knode : NULL; + /* It is possible that we are in an EOF condition after we successfully read a keyblock. For example if the requested key is the last in the file. */ 
@@ -1830,36 +1836,44 @@ cdk_keydb_get_keyblock (cdk_stream_t inp, cdk_kbnode_t *r_knode) /* Return the type of the given data. In case it cannot be classified, a substring search will be performed. */ static int -classify_data (const byte *buf, size_t len) +classify_data (const byte * buf, size_t len) { int type; unsigned int i; - + if (buf[0] == '0' && (buf[1] == 'x' || buf[1] == 'X')) - { /* Skip hex prefix. */ + { /* Skip hex prefix. */ buf += 2; len -= 2; } - + /* The length of the data does not match either a keyid or a fingerprint. */ if (len != 8 && len != 16 && len != 40) return CDK_DBSEARCH_SUBSTR; - - for (i = 0; i < len; i++) + + for (i = 0; i < len; i++) { if (!isxdigit (buf[i])) return CDK_DBSEARCH_SUBSTR; } if (i != len) return CDK_DBSEARCH_SUBSTR; - switch (len) + switch (len) { - case 8: type = CDK_DBSEARCH_SHORT_KEYID; break; - case 16: type = CDK_DBSEARCH_KEYID; break; - case 40: type = CDK_DBSEARCH_FPR; break; - default: type = CDK_DBSEARCH_SUBSTR; break; + case 8: + type = CDK_DBSEARCH_SHORT_KEYID; + break; + case 16: + type = CDK_DBSEARCH_KEYID; + break; + case 40: + type = CDK_DBSEARCH_FPR; + break; + default: + type = CDK_DBSEARCH_SUBSTR; + break; } - + return type; } @@ -1889,23 +1903,23 @@ cdk_keydb_export (cdk_keydb_hd_t hd, cdk_stream_t out, cdk_strlist_t remusr) if (rc) return rc; rc = cdk_keydb_search (st, hd, &knode); - cdk_keydb_search_release( st); - + cdk_keydb_search_release (st); + if (rc) return rc; node = cdk_kbnode_find (knode, CDK_PKT_PUBLIC_KEY); if (!node) return CDK_Error_No_Key; - + /* If the key is a version 3 key, use the old packet format for the output. */ if (node->pkt->pkt.public_key->version == 3) old_ctb = 1; else old_ctb = 0; - - for (node = knode; node; node = node->next) + + for (node = knode; node; node = node->next) { /* No specified format; skip them */ if (node->pkt->pkttype == CDK_PKT_RING_TRUST) 
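Review bot: classify_data strips a leading `0x` before it measures the length, but cdk_keydb_search_start then applies `strlen (p) == 16` and `strlen (p) != 2 * KEY_FPR_LEN` to the original `desc`, prefix included. A prefixed key ID or fingerprint is therefore classified as such and then rejected with CDK_Inv_Mode instead of being searched. Either the caller should skip the same prefix before measuring, or classify_data should report how many characters it skipped. The trailing `if (i != len)` test can also go, since the loop only finishes normally with `i == len`.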
@@ -1926,7 +1940,7 @@ cdk_keydb_export (cdk_keydb_hd_t hd, cdk_stream_t out, cdk_strlist_t remusr) { cdk_kbnode_release (knode); return rc; - } + } } cdk_kbnode_release (knode); knode = NULL; @@ -1939,13 +1953,13 @@ static cdk_packet_t find_key_packet (cdk_kbnode_t knode, int *r_is_sk) { cdk_packet_t pkt; - + pkt = cdk_kbnode_find_packet (knode, CDK_PKT_PUBLIC_KEY); - if (!pkt) + if (!pkt) { pkt = cdk_kbnode_find_packet (knode, CDK_PKT_SECRET_KEY); if (r_is_sk) - *r_is_sk = pkt? 1 : 0; + *r_is_sk = pkt ? 1 : 0; } return pkt; } @@ -1965,11 +1979,11 @@ is_key_node (cdk_kbnode_t node) case CDK_PKT_USER_ID: case CDK_PKT_ATTRIBUTE: return 1; - + default: return 0; } - + return 0; } @@ -1979,26 +1993,26 @@ cdk_keydb_import (cdk_keydb_hd_t hd, cdk_kbnode_t knode) { cdk_kbnode_t node, chk; cdk_packet_t pkt; - cdk_stream_t out; + cdk_stream_t out; cdk_error_t rc; u32 keyid[2]; - + if (!hd || !knode) return CDK_Inv_Value; - + pkt = find_key_packet (knode, NULL); if (!pkt) return CDK_Inv_Packet; - + _cdk_pkt_get_keyid (pkt, keyid); chk = NULL; cdk_keydb_get_bykeyid (hd, keyid, &chk); if (chk) - { /* FIXME: search for new signatures */ + { /* FIXME: search for new signatures */ cdk_kbnode_release (chk); return 0; } - + /* We append data to the stream so we need to close the stream here to re-open it later. */ if (hd->fp) 
@@ -2006,29 +2020,29 @@ cdk_keydb_import (cdk_keydb_hd_t hd, cdk_kbnode_t knode) cdk_stream_close (hd->fp); hd->fp = NULL; } - + rc = _cdk_stream_append (hd->name, &out); if (rc) return rc; - + for (node = knode; node; node = node->next) { if (node->pkt->pkttype == CDK_PKT_RING_TRUST) - continue; /* No uniformed syntax for this packet */ + continue; /* No uniformed syntax for this packet */ if (node->pkt->pkttype == CDK_PKT_SIGNATURE && !node->pkt->pkt.signature->flags.exportable) { _cdk_log_debug ("key db import: skip local signature\n"); continue; } - + if (!is_key_node (node)) { _cdk_log_debug ("key db import: skip invalid node of type %d\n", node->pkt->pkttype); continue; } - + rc = cdk_pkt_write (out, node->pkt); if (rc) { 
@@ -2036,60 +2050,60 @@ cdk_keydb_import (cdk_keydb_hd_t hd, cdk_kbnode_t knode) return rc; } } - + cdk_stream_close (out); hd->stats.new_keys++; - + return 0; } cdk_error_t -_cdk_keydb_check_userid (cdk_keydb_hd_t hd, u32 *keyid, const char *id) +_cdk_keydb_check_userid (cdk_keydb_hd_t hd, u32 * keyid, const char *id) { - cdk_kbnode_t knode = NULL, unode = NULL; + cdk_kbnode_t knode = NULL, unode = NULL; cdk_error_t rc; int check; cdk_keydb_search_t st; if (!hd) return CDK_Inv_Value; - + rc = cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_KEYID, keyid); if (rc) return rc; rc = cdk_keydb_search (st, hd, &knode); - cdk_keydb_search_release( st); - + cdk_keydb_search_release (st); + if (rc) return rc; - rc = cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_EXACT, (char *)id); - if (!rc) + rc = cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_EXACT, (char *) id); + if (!rc) { rc = cdk_keydb_search (st, hd, &unode); - cdk_keydb_search_release( st); + cdk_keydb_search_release (st); } if (rc) { cdk_kbnode_release (knode); return rc; } - + check = 0; cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_KEYID, keyid); if (unode && find_by_keyid (unode, st)) check++; - cdk_keydb_search_release( st); + cdk_keydb_search_release (st); cdk_kbnode_release (unode); - - cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_EXACT, (char *)id); + + cdk_keydb_search_start (&st, hd, CDK_DBSEARCH_EXACT, (char *) id); if (knode && find_by_pattern (knode, st)) check++; - cdk_keydb_search_release( st); + cdk_keydb_search_release (st); cdk_kbnode_release (knode); - - return check==2 ? 0 : CDK_Inv_Value; + + return check == 2 ? 0 : CDK_Inv_Value; } 
@@ -2102,23 +2116,23 @@ _cdk_keydb_check_userid (cdk_keydb_hd_t hd, u32 *keyid, const char *id) * in the key database. **/ cdk_error_t -cdk_keydb_check_sk (cdk_keydb_hd_t hd, u32 *keyid) +cdk_keydb_check_sk (cdk_keydb_hd_t hd, u32 * keyid) { cdk_stream_t db; - cdk_packet_t pkt; + cdk_packet_t pkt; cdk_error_t rc; u32 kid[2]; - + if (!hd || !keyid) return CDK_Inv_Value; if (!hd->secret) return CDK_Inv_Mode; - + rc = _cdk_keydb_open (hd, &db); - if (rc) + if (rc) return rc; cdk_pkt_new (&pkt); - while (!cdk_pkt_read (db, pkt)) + while (!cdk_pkt_read (db, pkt)) { if (pkt->pkttype != CDK_PKT_SECRET_KEY && pkt->pkttype != CDK_PKT_SECRET_SUBKEY) @@ -2127,11 +2141,11 @@ cdk_keydb_check_sk (cdk_keydb_hd_t hd, u32 *keyid) continue; } cdk_sk_get_keyid (pkt->pkt.secret_key, kid); - if (KEYID_CMP (kid, keyid)) + if (KEYID_CMP (kid, keyid)) { cdk_pkt_release (pkt); return 0; - } + } cdk_pkt_free (pkt); } cdk_pkt_release (pkt); @@ -2153,12 +2167,12 @@ cdk_keydb_check_sk (cdk_keydb_hd_t hd, u32 *keyid) **/ cdk_error_t cdk_listkey_start (cdk_listkey_t * r_ctx, cdk_keydb_hd_t db, - const char * patt, cdk_strlist_t fpatt) + const char *patt, cdk_strlist_t fpatt) { cdk_listkey_t ctx; cdk_stream_t inp; cdk_error_t rc; - + if (!r_ctx || !db) return CDK_Inv_Value; if ((patt && fpatt) || (!patt && !fpatt)) @@ -2183,7 +2197,7 @@ cdk_listkey_start (cdk_listkey_t * r_ctx, cdk_keydb_hd_t db, for (l = fpatt; l; l = l->next) cdk_strlist_add (&ctx->u.fpatt, l->d); } - ctx->type = patt? 1 : 0; + ctx->type = patt ? 1 : 0; ctx->init = 1; *r_ctx = ctx; return 0; @@ -2201,7 +2215,7 @@ cdk_listkey_close (cdk_listkey_t ctx) { if (!ctx) return; - + if (ctx->type) cdk_free (ctx->u.patt); else 
@@ -2218,13 +2232,13 @@ cdk_listkey_close (cdk_listkey_t ctx) * Retrieve the next key from the pattern of the key list context. **/ cdk_error_t -cdk_listkey_next (cdk_listkey_t ctx, cdk_kbnode_t *ret_key) +cdk_listkey_next (cdk_listkey_t ctx, cdk_kbnode_t * ret_key) { if (!ctx || !ret_key) return CDK_Inv_Value; if (!ctx->init) return CDK_Inv_Mode; - + if (ctx->type && ctx->u.patt[0] == '*') return cdk_keydb_get_keyblock (ctx->inp, ret_key); else if (ctx->type) @@ -2232,7 +2246,7 @@ cdk_listkey_next (cdk_listkey_t ctx, cdk_kbnode_t *ret_key) cdk_kbnode_t node; struct cdk_keydb_search_s ks; cdk_error_t rc; - + for (;;) { rc = cdk_keydb_get_keyblock (ctx->inp, &node); @@ -2248,9 +2262,9 @@ cdk_listkey_next (cdk_listkey_t ctx, cdk_kbnode_t *ret_key) } cdk_kbnode_release (node); node = NULL; - } + } } - else + else { if (!ctx->t) ctx->t = ctx->u.fpatt; diff --git a/lib/opencdk/literal.c b/lib/opencdk/literal.c index 7a0a43453b..5e16bd1ef4 100644 --- a/lib/opencdk/literal.c +++ b/lib/opencdk/literal.c @@ -34,11 +34,11 @@ /* Duplicate the string @s but strip of possible relative folder names of it. */ -static char* +static char * dup_trim_filename (const char *s) { char *p = NULL; - + p = strrchr (s, '/'); if (!p) p = strrchr (s, '\\'); @@ -47,9 +47,9 @@ dup_trim_filename (const char *s) return cdk_strdup (p + 1); } - + static cdk_error_t -literal_decode (void *opaque, FILE *in, FILE *out) +literal_decode (void *opaque, FILE * in, FILE * out) { literal_filter_t *pfx = opaque; cdk_stream_t si, so; 
@@ -61,31 +61,31 @@ literal_decode (void *opaque, FILE *in, FILE *out) cdk_error_t rc; _cdk_log_debug ("literal filter: decode\n"); - + if (!pfx || !in || !out) return CDK_Inv_Value; - + rc = _cdk_stream_fpopen (in, STREAMCTL_READ, &si); if (rc) return rc; - + cdk_pkt_new (&pkt); rc = cdk_pkt_read (si, pkt); if (rc || pkt->pkttype != CDK_PKT_LITERAL) { cdk_pkt_release (pkt); cdk_stream_close (si); - return !rc? CDK_Inv_Packet: rc; + return !rc ? CDK_Inv_Packet : rc; } - + rc = _cdk_stream_fpopen (out, STREAMCTL_WRITE, &so); if (rc) { cdk_pkt_release (pkt); cdk_stream_close (si); return rc; - } - + } + pt = pkt->pkt.literal; pfx->mode = pt->mode; @@ -109,24 +109,25 @@ literal_decode (void *opaque, FILE *in, FILE *out) cdk_pkt_release (pkt); cdk_stream_close (si); cdk_stream_close (so); - _cdk_log_debug ("literal filter: no file name and no PGP extension\n"); + _cdk_log_debug + ("literal filter: no file name and no PGP extension\n"); return CDK_Inv_Mode; } _cdk_log_debug ("literal filter: derrive file name from original\n"); pfx->filename = dup_trim_filename (pfx->orig_filename); - pfx->filename[strlen (pfx->filename)-4] = '\0'; + pfx->filename[strlen (pfx->filename) - 4] = '\0'; } - + while (!feof (in)) - { + { _cdk_log_debug ("literal_decode: part on %d size %lu\n", pfx->blkmode.on, pfx->blkmode.size); if (pfx->blkmode.on) bufsize = pfx->blkmode.size; else - bufsize = pt->len < DIM (buf)? pt->len : DIM (buf); + bufsize = pt->len < DIM (buf) ? pt->len : DIM (buf); nread = cdk_stream_read (pt->buf, buf, bufsize); - if (nread == EOF) + if (nread == EOF) { rc = CDK_File_Error; break; 
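Review bot: In literal_decode, `pfx->filename[strlen (pfx->filename) - 4] = '\0';` uses the result of `dup_trim_filename` without a NULL check, although that helper returns `cdk_strdup (p + 1)`, which can fail. The `- 4` also assumes at least four characters remain once the directory part is stripped; the extension test that might justify this lies above the hunk, so it cannot be confirmed from here. I would guard the truncation with `if (!pfx->filename || strlen (pfx->filename) < 4)` and take the same release-and-close path as the `CDK_Inv_Mode` return just before it.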
@@ -136,15 +137,15 @@ literal_decode (void *opaque, FILE *in, FILE *out) cdk_stream_write (so, buf, nread); pt->len -= nread; if (pfx->blkmode.on) - { + { pfx->blkmode.size = _cdk_pkt_read_len (in, &pfx->blkmode.on); - if ((ssize_t)pfx->blkmode.size == EOF) + if ((ssize_t) pfx->blkmode.size == EOF) return CDK_Inv_Packet; - } + } if (pt->len <= 0 && !pfx->blkmode.on) break; } - + cdk_stream_close (si); cdk_stream_close (so); cdk_pkt_release (pkt); @@ -157,18 +158,22 @@ intmode_to_char (int mode) { switch (mode) { - case CDK_LITFMT_BINARY: return 'b'; - case CDK_LITFMT_TEXT: return 't'; - case CDK_LITFMT_UNICODE:return 'u'; - default: return 'b'; + case CDK_LITFMT_BINARY: + return 'b'; + case CDK_LITFMT_TEXT: + return 't'; + case CDK_LITFMT_UNICODE: + return 'u'; + default: + return 'b'; } - + return 'b'; } - - + + static cdk_error_t -literal_encode (void *opaque, FILE *in, FILE *out) +literal_encode (void *opaque, FILE * in, FILE * out) { literal_filter_t *pfx = opaque; cdk_pkt_literal_t pt; @@ -176,17 +181,17 @@ literal_encode (void *opaque, FILE *in, FILE *out) cdk_packet_t pkt; size_t filelen; cdk_error_t rc; - + _cdk_log_debug ("literal filter: encode\n"); - + if (!pfx || !in || !out) - return CDK_Inv_Value; - if (!pfx->filename) + return CDK_Inv_Value; + if (!pfx->filename) { pfx->filename = cdk_strdup ("_CONSOLE"); if (!pfx->filename) return CDK_Out_Of_Core; - } + } rc = _cdk_stream_fpopen (in, STREAMCTL_READ, &si); if (rc) @@ -200,11 +205,11 @@ literal_encode (void *opaque, FILE *in, FILE *out) cdk_pkt_release (pkt); cdk_stream_close (si); return CDK_Out_Of_Core; - } + } memcpy (pt->name, pfx->filename, filelen); pt->namelen = filelen; pt->name[pt->namelen] = '\0'; - pt->timestamp = (u32)time (NULL); + pt->timestamp = (u32) time (NULL); pt->mode = intmode_to_char (pfx->mode); pt->len = cdk_stream_get_length (si); pt->buf = si; 
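Review bot: The early `return CDK_Inv_Packet;` inside the read loop of literal_decode skips the `cdk_stream_close (si)`, `cdk_stream_close (so)` and `cdk_pkt_release (pkt)` calls that follow the loop. A partial-length stream that ends early therefore leaks both streams and the packet. The `nread == EOF` branch earlier in the same loop already uses `rc = ...; break;`, and the same pattern here, `{ rc = CDK_Inv_Packet; break; }`, keeps cleanup on one path. This assumes the function returns `rc` after the cleanup, which is below the hunk.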
@@ -212,7 +217,7 @@ literal_encode (void *opaque, FILE *in, FILE *out) pkt->pkttype = CDK_PKT_LITERAL; pkt->pkt.literal = pt; rc = _cdk_pkt_write_fp (out, pkt); - + cdk_pkt_release (pkt); cdk_stream_close (si); return rc; @@ -220,10 +225,10 @@ literal_encode (void *opaque, FILE *in, FILE *out) int -_cdk_filter_literal (void * opaque, int ctl, FILE * in, FILE * out) +_cdk_filter_literal (void *opaque, int ctl, FILE * in, FILE * out) { if (ctl == STREAMCTL_READ) - return literal_decode( opaque, in, out ); + return literal_decode (opaque, in, out); else if (ctl == STREAMCTL_WRITE) return literal_encode (opaque, in, out); else if (ctl == STREAMCTL_FREE) @@ -244,54 +249,54 @@ _cdk_filter_literal (void * opaque, int ctl, FILE * in, FILE * out) static int -text_encode (void *opaque, FILE *in, FILE *out) +text_encode (void *opaque, FILE * in, FILE * out) { const char *s; char buf[2048]; - + if (!in || !out) return CDK_Inv_Value; - + /* FIXME: This code does not work for very long lines. */ - while (!feof (in)) + while (!feof (in)) { - s = fgets (buf, DIM (buf)-1, in); + s = fgets (buf, DIM (buf) - 1, in); if (!s) break; _cdk_trim_string (buf, 1); fwrite (buf, 1, strlen (buf), out); } - + return 0; } - + static int -text_decode (void * opaque, FILE * in, FILE * out) +text_decode (void *opaque, FILE * in, FILE * out) { text_filter_t *tfx = opaque; const char *s; char buf[2048]; - + if (!tfx || !in || !out) return CDK_Inv_Value; - - while (!feof (in)) + + while (!feof (in)) { - s = fgets (buf, DIM (buf)-1, in); + s = fgets (buf, DIM (buf) - 1, in); if (!s) break; _cdk_trim_string (buf, 0); fwrite (buf, 1, strlen (buf), out); fwrite (tfx->lf, 1, strlen (tfx->lf), out); } - + return 0; } int -_cdk_filter_text (void *opaque, int ctl, FILE *in, FILE *out) +_cdk_filter_text (void *opaque, int ctl, FILE * in, FILE * out) { if (ctl == STREAMCTL_READ) return text_encode (opaque, in, out); 
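Review bot: In text_encode, `fgets (buf, DIM (buf) - 1, in)` can leave 2046 characters in `buf`, and `_cdk_trim_string (buf, 1)` then appends `"\r\n"` with `strcat` (see the misc.c hunk on this page). When the chunk has no trailing whitespace to trim, the result needs 2049 bytes in a 2048-byte array, a one-byte write past `buf`, assuming `DIM` is the element count. Reserving room for the appended pair closes it: `s = fgets (buf, DIM (buf) - 2, in);`. The existing FIXME about very long lines could mention this limit.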
@@ -299,8 +304,8 @@ _cdk_filter_text (void *opaque, int ctl, FILE *in, FILE *out)
 return text_decode (opaque, in, out);
 else if (ctl == STREAMCTL_FREE)
 {
- text_filter_t * tfx = opaque;
- if (tfx)
+ text_filter_t *tfx = opaque;
+ if (tfx)
 {
 _cdk_log_debug ("free text filter\n");
 tfx->lf = NULL;
diff --git a/lib/opencdk/main.c b/lib/opencdk/main.c
index cb89a471e9..202ab5a4a4 100644
--- a/lib/opencdk/main.c
+++ b/lib/opencdk/main.c
@@ -49,50 +49,81 @@ * * Return an error text for the given id. **/ -const char* +const char * cdk_strerror (int ec) { static char buf[20]; - - switch (ec) + + switch (ec) { - case CDK_EOF: return "End Of File"; - case CDK_Success: return "No error"; - case CDK_General_Error: return "General error"; - case CDK_File_Error: return strerror (errno); - case CDK_Bad_Sig: return "Bad signature"; - case CDK_Inv_Packet: return "Invalid packet"; - case CDK_Inv_Algo: return "Invalid algorithm"; - case CDK_Not_Implemented: return "This is not implemented yet"; - case CDK_Armor_Error: return "ASCII armor error"; - case CDK_Armor_CRC_Error: return "ASCII armored damaged (CRC error)"; - case CDK_MPI_Error: return "Invalid or missformed MPI"; - case CDK_Inv_Value: return "Invalid parameter or value"; - case CDK_Error_No_Key: return "No key available or not found"; - case CDK_Chksum_Error: return "Check for key does not match"; - case CDK_Time_Conflict: return "Time conflict"; - case CDK_Zlib_Error: return "ZLIB error"; - case CDK_Weak_Key: return "Weak key was detected"; - case CDK_Out_Of_Core: return "Out of core!!"; - case CDK_Wrong_Seckey: return "Wrong secret key"; - case CDK_Wrong_Format: return "Data has wrong format"; - case CDK_Bad_MDC: return "Manipulated MDC detected"; - case CDK_Inv_Mode: return "Invalid mode"; - case CDK_Error_No_Keyring: return "No keyring available"; - case CDK_Inv_Packet_Ver: return "Invalid version for packet"; - case CDK_Too_Short: return "Buffer or object is too short"; - case CDK_Unusable_Key: return "Unusable public key"; - case CDK_No_Data: return "No data"; - case CDK_No_Passphrase: return "No passphrase supplied"; - case CDK_Network_Error: return "A network error occurred"; - default: sprintf (buf, "ec=%d", ec); return buf; + case CDK_EOF: + return "End Of File"; + case CDK_Success: + return "No error"; + case CDK_General_Error: + return "General error"; + case CDK_File_Error: + return strerror (errno); + case CDK_Bad_Sig: + return "Bad 
signature"; + case CDK_Inv_Packet: + return "Invalid packet"; + case CDK_Inv_Algo: + return "Invalid algorithm"; + case CDK_Not_Implemented: + return "This is not implemented yet"; + case CDK_Armor_Error: + return "ASCII armor error"; + case CDK_Armor_CRC_Error: + return "ASCII armored damaged (CRC error)"; + case CDK_MPI_Error: + return "Invalid or missformed MPI"; + case CDK_Inv_Value: + return "Invalid parameter or value"; + case CDK_Error_No_Key: + return "No key available or not found"; + case CDK_Chksum_Error: + return "Check for key does not match"; + case CDK_Time_Conflict: + return "Time conflict"; + case CDK_Zlib_Error: + return "ZLIB error"; + case CDK_Weak_Key: + return "Weak key was detected"; + case CDK_Out_Of_Core: + return "Out of core!!"; + case CDK_Wrong_Seckey: + return "Wrong secret key"; + case CDK_Wrong_Format: + return "Data has wrong format"; + case CDK_Bad_MDC: + return "Manipulated MDC detected"; + case CDK_Inv_Mode: + return "Invalid mode"; + case CDK_Error_No_Keyring: + return "No keyring available"; + case CDK_Inv_Packet_Ver: + return "Invalid version for packet"; + case CDK_Too_Short: + return "Buffer or object is too short"; + case CDK_Unusable_Key: + return "Unusable public key"; + case CDK_No_Data: + return "No data"; + case CDK_No_Passphrase: + return "No passphrase supplied"; + case CDK_Network_Error: + return "A network error occurred"; + default: + sprintf (buf, "ec=%d", ec); + return buf; } return NULL; } /* Use the passphrase callback in the handle HD or return NULL if there is no valid callback. */ -char* +char * _cdk_passphrase_get (cdk_ctx_t hd, const char *prompt) { if (!hd || !hd->passphrase_cb) @@ -108,7 +139,7 @@ handle_set_digest (cdk_ctx_t hd, int digest) return; if (_gnutls_hash_get_algo_len (digest) <= 0) digest = DEFAULT_DIGEST_ALGO; - hd->digest_algo = digest; + hd->digest_algo = digest; } 
@@ -120,8 +151,7 @@ handle_set_s2k (cdk_ctx_t hd, int mode, int digest) if (_gnutls_hash_get_algo_len (digest) <= 0) digest = DEFAULT_DIGEST_ALGO; if (mode != CDK_S2K_SIMPLE && - mode != CDK_S2K_SALTED && - mode != CDK_S2K_ITERSALTED) + mode != CDK_S2K_SALTED && mode != CDK_S2K_ITERSALTED) mode = CDK_S2K_ITERSALTED; hd->_s2k.mode = mode; hd->_s2k.digest_algo = digest; @@ -138,7 +168,7 @@ handle_set_compress (cdk_ctx_t hd, int algo, int level) hd->compress.algo = algo; if (!algo) hd->opt.compress = 0; - else + else { if (level > 0 && level < 10) hd->compress.level = level; @@ -161,38 +191,38 @@ cdk_handle_control (cdk_ctx_t hd, int action, int cmd, ...) { va_list arg_ptr; int set = action == CDK_CTLF_SET, val = 0; - + if (!hd) return -1; - + if (action != CDK_CTLF_SET && action != CDK_CTLF_GET) return -1; va_start (arg_ptr, cmd); - switch( cmd ) + switch (cmd) { case CDK_CTL_ARMOR: if (set) - hd->opt.armor = va_arg( arg_ptr, int ); + hd->opt.armor = va_arg (arg_ptr, int); else val = hd->opt.armor; break; case CDK_CTL_DIGEST: if (set) - handle_set_digest( hd, va_arg( arg_ptr, int ) ); + handle_set_digest (hd, va_arg (arg_ptr, int)); else val = hd->digest_algo; break; - + case CDK_CTL_OVERWRITE: if (set) hd->opt.overwrite = va_arg (arg_ptr, int); else val = hd->opt.overwrite; break; - + case CDK_CTL_COMPRESS: - if (set) + if (set) { int algo = va_arg (arg_ptr, int); int level = va_arg (arg_ptr, int); 
@@ -201,40 +231,41 @@ cdk_handle_control (cdk_ctx_t hd, int action, int cmd, ...) else val = hd->compress.algo; break; - + case CDK_CTL_S2K: - if( set ) { - int mode = va_arg( arg_ptr, int ); - int digest = va_arg( arg_ptr, int ); - handle_set_s2k( hd, mode, digest); - } + if (set) + { + int mode = va_arg (arg_ptr, int); + int digest = va_arg (arg_ptr, int); + handle_set_s2k (hd, mode, digest); + } else val = hd->_s2k.mode; break; - + case CDK_CTL_FORCE_DIGEST: if (set) hd->opt.force_digest = va_arg (arg_ptr, int); else val = hd->opt.force_digest; break; - + case CDK_CTL_BLOCKMODE_ON: - if( set ) - hd->opt.blockmode = va_arg( arg_ptr, int ); + if (set) + hd->opt.blockmode = va_arg (arg_ptr, int); else val = hd->opt.blockmode; break; - + default: val = -1; - break; + break; } va_end (arg_ptr); return val; } - + /** * cdk_handle_new: @@ -243,31 +274,31 @@ cdk_handle_control (cdk_ctx_t hd, int action, int cmd, ...) * create a new session handle. **/ cdk_error_t -cdk_handle_new (cdk_ctx_t *r_ctx) +cdk_handle_new (cdk_ctx_t * r_ctx) { cdk_ctx_t c; - + if (!r_ctx) return CDK_Inv_Value; - + c = cdk_calloc (1, sizeof *c); if (!c) return CDK_Out_Of_Core; - + /* For S2K use the iterated and salted mode and use the default digest and cipher algorithms. Because the MDC feature will be used, the default cipher should use a blocksize of 128 bits. */ c->_s2k.mode = CDK_S2K_ITERSALTED; c->_s2k.digest_algo = DEFAULT_DIGEST_ALGO; - + c->opt.mdc = 1; c->opt.compress = 1; c->opt.armor = 0; c->opt.textmode = 0; - + c->digest_algo = DEFAULT_DIGEST_ALGO; - + c->compress.algo = CDK_COMPRESS_ZIP; c->compress.level = 6; @@ -289,11 +320,11 @@ cdk_handle_set_keyring (cdk_ctx_t hd, int type, const char *kringname) { cdk_keydb_hd_t db; cdk_error_t err; - + err = cdk_keydb_new_from_file (&db, type, kringname); if (err) return err; - + if (!type) hd->db.pub = db; else 
@@ -302,7 +333,7 @@ cdk_handle_set_keyring (cdk_ctx_t hd, int type, const char *kringname) return 0; } - + /** * cdk_handle_set_keydb: * @hd: session handle @@ -353,14 +384,15 @@ cdk_handle_get_keydb (cdk_ctx_t hd, int type) * * set the passphrase callback. **/ -void cdk_handle_set_passphrase_cb (cdk_ctx_t hd, - char *(*cb) (void *opa, const char *prompt), - void * cb_value) +void +cdk_handle_set_passphrase_cb (cdk_ctx_t hd, + char *(*cb) (void *opa, const char *prompt), + void *cb_value) { - if (!hd) - return; - hd->passphrase_cb = cb; - hd->passphrase_cb_value = cb_value; + if (!hd) + return; + hd->passphrase_cb = cb; + hd->passphrase_cb_value = cb_value; } @@ -371,7 +403,7 @@ void cdk_handle_set_passphrase_cb (cdk_ctx_t hd, * Return the verify result for the current session. * Do not free the pointer. **/ -cdk_verify_result_t +cdk_verify_result_t cdk_handle_verify_get_result (cdk_ctx_t hd) { return hd->result.verify; @@ -400,6 +432,6 @@ cdk_handle_free (cdk_ctx_t hd) if (hd->db.sec) cdk_keydb_free (hd->db.sec); hd->db.pub = hd->db.sec = NULL; - } + } cdk_free (hd); } diff --git a/lib/opencdk/misc.c b/lib/opencdk/misc.c index be8e074f9b..bc407b2052 100644 --- a/lib/opencdk/misc.c +++ b/lib/opencdk/misc.c @@ -35,29 +35,29 @@ u32 -_cdk_buftou32 (const byte *buf) +_cdk_buftou32 (const byte * buf) { u32 u; - + if (!buf) return 0; - u = buf[0] << 24; + u = buf[0] << 24; u |= buf[1] << 16; - u |= buf[2] << 8; + u |= buf[2] << 8; u |= buf[3]; return u; } void -_cdk_u32tobuf (u32 u, byte *buf) +_cdk_u32tobuf (u32 u, byte * buf) { if (!buf) return; buf[0] = u >> 24; buf[1] = u >> 16; - buf[2] = u >> 8; - buf[3] = u ; + buf[2] = u >> 8; + buf[3] = u; } /** @@ -70,8 +70,8 @@ void cdk_strlist_free (cdk_strlist_t sl) { cdk_strlist_t sl2; - - for(; sl; sl = sl2) + + for (; sl; sl = sl2) { sl2 = sl->next; cdk_free (sl); 
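Review bot: In _cdk_buftou32, `buf[0] << 24` shifts a value already promoted to `int`, so a first octet of 0x80 or above shifts into the sign bit, which is undefined behaviour in C. This assumes `byte` is an unsigned 8-bit type; its definition is not on this page. Casting before the shift avoids it: `u = (u32) buf[0] << 24;`. The function also reads four octets with no length argument, so a comment such as `/* BUF must hold at least four octets. */` above it would record the caller's obligation.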
@@ -87,13 +87,13 @@ cdk_strlist_free (cdk_strlist_t sl) * Add the given list to the string list. **/ cdk_strlist_t -cdk_strlist_add (cdk_strlist_t *list, const char *string) +cdk_strlist_add (cdk_strlist_t * list, const char *string) { cdk_strlist_t sl; - + if (!string) return NULL; - + sl = cdk_calloc (1, sizeof *sl + strlen (string) + 1); if (!sl) return NULL; @@ -126,27 +126,27 @@ cdk_strlist_next (cdk_strlist_t root, const char **r_str) } -const char* +const char * _cdk_memistr (const char *buf, size_t buflen, const char *sub) { const byte *t, *s; size_t n; - - for (t = (byte*)buf, n = buflen, s = (byte*)sub ; n ; t++, n--) + + for (t = (byte *) buf, n = buflen, s = (byte *) sub; n; t++, n--) { - if (toupper (*t) == toupper (*s)) + if (toupper (*t) == toupper (*s)) { for (buf = t++, buflen = n--, s++; - n && toupper (*t) == toupper ((byte)*s); t++, s++, n--) + n && toupper (*t) == toupper ((byte) * s); t++, s++, n--) ; if (!*s) return buf; - t = (byte*)buf; + t = (byte *) buf; n = buflen; - s = (byte*)sub; - } + s = (byte *) sub; + } } - + return NULL; } @@ -155,8 +155,10 @@ _cdk_map_gnutls_error (int err) { switch (err) { - case 0: return CDK_Success; - case GNUTLS_E_INVALID_REQUEST: return CDK_Inv_Value; + case 0: + return CDK_Success; + case GNUTLS_E_INVALID_REQUEST: + return CDK_Inv_Value; default: return CDK_General_Error; } @@ -168,11 +170,10 @@ void _cdk_trim_string (char *s, int canon) { while (s && *s && - (s[strlen (s)-1] == '\t' || - s[strlen (s)-1] == '\r' || - s[strlen (s)-1] == '\n' || - s[strlen (s)-1] == ' ')) - s[strlen (s) -1] = '\0'; + (s[strlen (s) - 1] == '\t' || + s[strlen (s) - 1] == '\r' || + s[strlen (s) - 1] == '\n' || s[strlen (s) - 1] == ' ')) + s[strlen (s) - 1] = '\0'; if (canon) strcat (s, "\r\n"); } @@ -182,7 +183,7 @@ int _cdk_check_args (int overwrite, const char *in, const char *out) { struct stat stbuf; - + if (!in || !out) return CDK_Inv_Value; if (strlen (in) == strlen (out) && strcmp (in, out) == 0) 
@@ -205,19 +206,19 @@ _cdk_tmpfile (void) char buf[512], rnd[24]; FILE *fp; int fd, i; - - _gnutls_rnd( GNUTLS_RND_NONCE, rnd, DIM(rnd)); - for (i=0; i < DIM (rnd)-1; i++) + + _gnutls_rnd (GNUTLS_RND_NONCE, rnd, DIM (rnd)); + for (i = 0; i < DIM (rnd) - 1; i++) { - char c = letters[(unsigned char)rnd[i] % 26]; + char c = letters[(unsigned char) rnd[i] % 26]; rnd[i] = c; } - rnd[DIM (rnd)-1]=0; + rnd[DIM (rnd) - 1] = 0; if (!GetTempPath (464, buf)) return NULL; strcat (buf, "_cdk_"); strcat (buf, rnd); - + /* We need to make sure the file will be deleted when it is closed. */ fd = _open (buf, _O_CREAT | _O_EXCL | _O_TEMPORARY | _O_RDWR | _O_BINARY, _S_IREAD | _S_IWRITE); 
@@ -230,66 +231,72 @@ _cdk_tmpfile (void) return NULL; } #else -FILE* +FILE * _cdk_tmpfile (void) { return tmpfile (); } #endif -int _gnutls_hash_algo_to_pgp(int algo) +int +_gnutls_hash_algo_to_pgp (int algo) { - switch(algo) { - case GNUTLS_DIG_MD5: - return 0x01; - case GNUTLS_DIG_MD2: - return 0x05; - case GNUTLS_DIG_SHA1: - return 0x02; - case GNUTLS_DIG_RMD160: - return 0x03; - case GNUTLS_DIG_SHA256: - return 0x08; - case GNUTLS_DIG_SHA384: - return 0x09; - case GNUTLS_DIG_SHA512: - return 0x0A; - case GNUTLS_DIG_SHA224: - return 0x0B; - default: - gnutls_assert(); - return 0x00; + switch (algo) + { + case GNUTLS_DIG_MD5: + return 0x01; + case GNUTLS_DIG_MD2: + return 0x05; + case GNUTLS_DIG_SHA1: + return 0x02; + case GNUTLS_DIG_RMD160: + return 0x03; + case GNUTLS_DIG_SHA256: + return 0x08; + case GNUTLS_DIG_SHA384: + return 0x09; + case GNUTLS_DIG_SHA512: + return 0x0A; + case GNUTLS_DIG_SHA224: + return 0x0B; + default: + gnutls_assert (); + return 0x00; } } -int _pgp_hash_algo_to_gnutls(int algo) +int +_pgp_hash_algo_to_gnutls (int algo) { - switch(algo) { - case 0x01: - return GNUTLS_DIG_MD5; - case 0x02: - return GNUTLS_DIG_SHA1; - case 0x03: - return GNUTLS_DIG_RMD160; - case 0x05: - return GNUTLS_DIG_MD2; - case 0x08: - return GNUTLS_DIG_SHA256; - case 0x09: - return GNUTLS_DIG_SHA384; - case 0x0A: - return GNUTLS_DIG_SHA512; - case 0x0B: - return GNUTLS_DIG_SHA224; - default: - gnutls_assert(); - return GNUTLS_DIG_NULL; + switch (algo) + { + case 0x01: + return GNUTLS_DIG_MD5; + case 0x02: + return GNUTLS_DIG_SHA1; + case 0x03: + return GNUTLS_DIG_RMD160; + case 0x05: + return GNUTLS_DIG_MD2; + case 0x08: + return GNUTLS_DIG_SHA256; + case 0x09: + return GNUTLS_DIG_SHA384; + case 0x0A: + return GNUTLS_DIG_SHA512; + case 0x0B: + return GNUTLS_DIG_SHA224; + default: + gnutls_assert (); + return GNUTLS_DIG_NULL; } } -int _pgp_cipher_to_gnutls(int cipher) +int +_pgp_cipher_to_gnutls (int cipher) { - switch (cipher) { + switch (cipher) + { case 1: 
return GNUTLS_CIPHER_IDEA_PGP_CFB; case 2: @@ -308,37 +315,39 @@ int _pgp_cipher_to_gnutls(int cipher) return GNUTLS_CIPHER_AES256_PGP_CFB; case 10: return GNUTLS_CIPHER_TWOFISH_PGP_CFB; - + default: - gnutls_assert(); + gnutls_assert (); return GNUTLS_CIPHER_NULL; - } + } } -int _gnutls_cipher_to_pgp(int cipher) +int +_gnutls_cipher_to_pgp (int cipher) { - switch (cipher) { - + switch (cipher) + { + case GNUTLS_CIPHER_IDEA_PGP_CFB: - return 1; + return 1; case GNUTLS_CIPHER_3DES_PGP_CFB: - return 2; + return 2; case GNUTLS_CIPHER_CAST5_PGP_CFB: - return 3; + return 3; case GNUTLS_CIPHER_BLOWFISH_PGP_CFB: - return 4; + return 4; case GNUTLS_CIPHER_SAFER_SK128_PGP_CFB: - return 5; + return 5; case GNUTLS_CIPHER_AES128_PGP_CFB: - return 7; + return 7; case GNUTLS_CIPHER_AES192_PGP_CFB: - return 8; + return 8; case GNUTLS_CIPHER_AES256_PGP_CFB: - return 9; + return 9; case GNUTLS_CIPHER_TWOFISH_PGP_CFB: - return 10; + return 10; default: - gnutls_assert(); + gnutls_assert (); return 0; - } + } } diff --git a/lib/opencdk/new-packet.c b/lib/opencdk/new-packet.c index 497ac9f8df..39b4cef31d 100644 --- a/lib/opencdk/new-packet.c +++ b/lib/opencdk/new-packet.c @@ -35,9 +35,9 @@ /* Release an array of MPI values. */ void -_cdk_free_mpibuf (size_t n, bigint_t *array) +_cdk_free_mpibuf (size_t n, bigint_t * array) { - while (n--) + while (n--) { _gnutls_mpi_release (&array[n]); } @@ -51,10 +51,10 @@ _cdk_free_mpibuf (size_t n, bigint_t *array) * Allocate a new packet. **/ cdk_error_t -cdk_pkt_new (cdk_packet_t *r_pkt) +cdk_pkt_new (cdk_packet_t * r_pkt) { cdk_packet_t pkt; - + if (!r_pkt) return CDK_Inv_Value; pkt = cdk_calloc (1, sizeof *pkt); @@ -69,10 +69,10 @@ static void free_pubkey_enc (cdk_pkt_pubkey_enc_t enc) { size_t nenc; - + if (!enc) return; - + nenc = cdk_pk_get_nenc (enc->pubkey_algo); _cdk_free_mpibuf (nenc, enc->mpi); cdk_free (enc); 
@@ -95,11 +95,11 @@ _cdk_free_userid (cdk_pkt_userid_t uid) { if (!uid) return; - + cdk_free (uid->prefs); uid->prefs = NULL; cdk_free (uid->attrib_img); - uid->attrib_img = NULL; + uid->attrib_img = NULL; cdk_free (uid); } @@ -109,10 +109,10 @@ _cdk_free_signature (cdk_pkt_signature_t sig) { cdk_desig_revoker_t r; size_t nsig; - + if (!sig) return; - + nsig = cdk_pk_get_nsig (sig->pubkey_algo); _cdk_free_mpibuf (nsig, sig->mpi); @@ -134,10 +134,10 @@ void cdk_pk_release (cdk_pubkey_t pk) { size_t npkey; - + if (!pk) return; - + npkey = cdk_pk_get_npkey (pk->pubkey_algo); _cdk_free_userid (pk->uid); pk->uid = NULL; @@ -152,10 +152,10 @@ void cdk_sk_release (cdk_seckey_t sk) { size_t nskey; - + if (!sk) return; - + nskey = cdk_pk_get_nskey (sk->pubkey_algo); _cdk_free_mpibuf (nskey, sk->mpi); cdk_free (sk->encdata); @@ -180,22 +180,22 @@ _cdk_pkt_detach_free (cdk_packet_t pkt, int *r_pkttype, void **ctx) case CDK_PKT_PUBLIC_SUBKEY: *ctx = pkt->pkt.public_key; break; - + case CDK_PKT_SECRET_KEY: case CDK_PKT_SECRET_SUBKEY: *ctx = pkt->pkt.secret_key; break; - + default: *r_pkttype = 0; return; } - + /* The caller might expect a specific packet type and is not interested to store it for later use. */ if (r_pkttype) *r_pkttype = pkt->pkttype; - + cdk_free (pkt); } 
@@ -205,24 +205,43 @@ cdk_pkt_free (cdk_packet_t pkt) { if (!pkt) return; - - switch (pkt->pkttype) + + switch (pkt->pkttype) { - case CDK_PKT_ATTRIBUTE : - case CDK_PKT_USER_ID : _cdk_free_userid (pkt->pkt.user_id); break; - case CDK_PKT_PUBLIC_KEY : - case CDK_PKT_PUBLIC_SUBKEY: cdk_pk_release (pkt->pkt.public_key); break; - case CDK_PKT_SECRET_KEY : - case CDK_PKT_SECRET_SUBKEY: cdk_sk_release (pkt->pkt.secret_key); break; - case CDK_PKT_SIGNATURE : _cdk_free_signature (pkt->pkt.signature);break; - case CDK_PKT_PUBKEY_ENC : free_pubkey_enc (pkt->pkt.pubkey_enc); break; - case CDK_PKT_MDC : cdk_free (pkt->pkt.mdc); break; - case CDK_PKT_ONEPASS_SIG : cdk_free (pkt->pkt.onepass_sig); break; - case CDK_PKT_LITERAL : free_literal (pkt->pkt.literal); break; - case CDK_PKT_COMPRESSED : cdk_free (pkt->pkt.compressed); break; - default : break; + case CDK_PKT_ATTRIBUTE: + case CDK_PKT_USER_ID: + _cdk_free_userid (pkt->pkt.user_id); + break; + case CDK_PKT_PUBLIC_KEY: + case CDK_PKT_PUBLIC_SUBKEY: + cdk_pk_release (pkt->pkt.public_key); + break; + case CDK_PKT_SECRET_KEY: + case CDK_PKT_SECRET_SUBKEY: + cdk_sk_release (pkt->pkt.secret_key); + break; + case CDK_PKT_SIGNATURE: + _cdk_free_signature (pkt->pkt.signature); + break; + case CDK_PKT_PUBKEY_ENC: + free_pubkey_enc (pkt->pkt.pubkey_enc); + break; + case CDK_PKT_MDC: + cdk_free (pkt->pkt.mdc); + break; + case CDK_PKT_ONEPASS_SIG: + cdk_free (pkt->pkt.onepass_sig); + break; + case CDK_PKT_LITERAL: + free_literal (pkt->pkt.literal); + break; + case CDK_PKT_COMPRESSED: + cdk_free (pkt->pkt.compressed); + break; + default: + break; } - + /* Reset the packet type to avoid, when cdk_pkt_release() will be used, that the second cdk_pkt_free() call will double free the data. */ pkt->pkttype = 0; 
@@ -254,33 +273,33 @@ cdk_pkt_release (cdk_packet_t pkt) * Allocate a new packet structure with the given packet type. **/ cdk_error_t -cdk_pkt_alloc (cdk_packet_t *r_pkt, cdk_packet_type_t pkttype) +cdk_pkt_alloc (cdk_packet_t * r_pkt, cdk_packet_type_t pkttype) { cdk_packet_t pkt; int rc; if (!r_pkt) return CDK_Inv_Value; - + rc = cdk_pkt_new (&pkt); if (rc) return rc; - switch (pkttype) + switch (pkttype) { case CDK_PKT_USER_ID: pkt->pkt.user_id = cdk_calloc (1, sizeof pkt->pkt.user_id); if (!pkt->pkt.user_id) return CDK_Out_Of_Core; break; - + case CDK_PKT_PUBLIC_KEY: case CDK_PKT_PUBLIC_SUBKEY: pkt->pkt.public_key = cdk_calloc (1, sizeof *pkt->pkt.public_key); if (!pkt->pkt.public_key) return CDK_Out_Of_Core; break; - + case CDK_PKT_SECRET_KEY: case CDK_PKT_SECRET_SUBKEY: pkt->pkt.secret_key = cdk_calloc (1, sizeof *pkt->pkt.secret_key); @@ -289,34 +308,34 @@ cdk_pkt_alloc (cdk_packet_t *r_pkt, cdk_packet_type_t pkttype) if (!pkt->pkt.secret_key || !pkt->pkt.secret_key->pk) return CDK_Out_Of_Core; break; - + case CDK_PKT_SIGNATURE: pkt->pkt.signature = cdk_calloc (1, sizeof *pkt->pkt.signature); if (!pkt->pkt.signature) return CDK_Out_Of_Core; break; - + case CDK_PKT_PUBKEY_ENC: pkt->pkt.pubkey_enc = cdk_calloc (1, sizeof *pkt->pkt.pubkey_enc); if (!pkt->pkt.pubkey_enc) return CDK_Out_Of_Core; break; - + case CDK_PKT_MDC: pkt->pkt.mdc = cdk_calloc (1, sizeof *pkt->pkt.mdc); if (!pkt->pkt.mdc) return CDK_Out_Of_Core; break; - + case CDK_PKT_ONEPASS_SIG: pkt->pkt.onepass_sig = cdk_calloc (1, sizeof *pkt->pkt.onepass_sig); if (!pkt->pkt.onepass_sig) return CDK_Out_Of_Core; break; - + case CDK_PKT_LITERAL: /* FIXME: We would need the size of the file name to allocate extra - bytes, otherwise the result would be useless. */ + bytes, otherwise the result would be useless. */ pkt->pkt.literal = cdk_calloc (1, sizeof *pkt->pkt.literal); if (!pkt->pkt.literal) return CDK_Out_Of_Core; 
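Review bot: The `CDK_PKT_USER_ID` case in cdk_pkt_alloc allocates `sizeof pkt->pkt.user_id`, which is the size of the pointer, whereas every other case in the switch uses `sizeof *pkt->pkt.…`. Any later access to a user-id field beyond the first pointer-sized bytes would fall outside the allocation. The line should read `pkt->pkt.user_id = cdk_calloc (1, sizeof *pkt->pkt.user_id);`. Separately, each `return CDK_Out_Of_Core;` in the switch leaves the `pkt` obtained from `cdk_pkt_new` unreleased.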
@@ -333,34 +352,34 @@ _cdk_copy_prefs (const cdk_prefitem_t prefs) { size_t n = 0; struct cdk_prefitem_s *new_prefs; - + if (!prefs) return NULL; - + for (n = 0; prefs[n].type; n++) ; new_prefs = cdk_calloc (1, sizeof *new_prefs * (n + 1)); if (!new_prefs) return NULL; - for (n = 0; prefs[n].type; n++) - { + for (n = 0; prefs[n].type; n++) + { new_prefs[n].type = prefs[n].type; new_prefs[n].value = prefs[n].value; } new_prefs[n].type = CDK_PREFTYPE_NONE; - new_prefs[n].value = 0; + new_prefs[n].value = 0; return new_prefs; } cdk_error_t -_cdk_copy_userid (cdk_pkt_userid_t* dst, cdk_pkt_userid_t src) +_cdk_copy_userid (cdk_pkt_userid_t * dst, cdk_pkt_userid_t src) { cdk_pkt_userid_t u; - + if (!dst || !src) return CDK_Inv_Value; - + *dst = NULL; u = cdk_calloc (1, sizeof *u + strlen (src->name) + 1); if (!u) @@ -371,20 +390,20 @@ _cdk_copy_userid (cdk_pkt_userid_t* dst, cdk_pkt_userid_t src) if (src->selfsig) _cdk_copy_signature (&u->selfsig, src->selfsig); *dst = u; - + return 0; } cdk_error_t -_cdk_copy_pubkey (cdk_pkt_pubkey_t* dst, cdk_pkt_pubkey_t src) +_cdk_copy_pubkey (cdk_pkt_pubkey_t * dst, cdk_pkt_pubkey_t src) { cdk_pkt_pubkey_t k; int i; - + if (!dst || !src) return CDK_Inv_Value; - + *dst = NULL; k = cdk_calloc (1, sizeof *k); if (!k) 
@@ -397,42 +416,42 @@ _cdk_copy_pubkey (cdk_pkt_pubkey_t* dst, cdk_pkt_pubkey_t src) for (i = 0; i < cdk_pk_get_npkey (src->pubkey_algo); i++) k->mpi[i] = _gnutls_mpi_copy (src->mpi[i]); *dst = k; - + return 0; } cdk_error_t -_cdk_copy_seckey (cdk_pkt_seckey_t* dst, cdk_pkt_seckey_t src) +_cdk_copy_seckey (cdk_pkt_seckey_t * dst, cdk_pkt_seckey_t src) { cdk_pkt_seckey_t k; int i; - + if (!dst || !src) return CDK_Inv_Value; - + *dst = NULL; k = cdk_calloc (1, sizeof *k); if (!k) return CDK_Out_Of_Core; memcpy (k, src, sizeof *k); _cdk_copy_pubkey (&k->pk, src->pk); - - if (src->encdata) + + if (src->encdata) { k->encdata = cdk_calloc (1, src->enclen + 1); if (!k->encdata) return CDK_Out_Of_Core; memcpy (k->encdata, src->encdata, src->enclen); } - + _cdk_s2k_copy (&k->protect.s2k, src->protect.s2k); - for (i = 0; i < cdk_pk_get_nskey (src->pubkey_algo); i++) + for (i = 0; i < cdk_pk_get_nskey (src->pubkey_algo); i++) { k->mpi[i] = _gnutls_mpi_copy (src->mpi[i]); } - - *dst = k; + + *dst = k; return 0; } @@ -442,17 +461,17 @@ _cdk_copy_pk_to_sk (cdk_pkt_pubkey_t pk, cdk_pkt_seckey_t sk) { if (!pk || !sk) return CDK_Inv_Value; - + sk->version = pk->version; sk->expiredate = pk->expiredate; - sk->pubkey_algo = _pgp_pub_algo_to_cdk(pk->pubkey_algo); + sk->pubkey_algo = _pgp_pub_algo_to_cdk (pk->pubkey_algo); sk->has_expired = pk->has_expired; sk->is_revoked = pk->is_revoked; sk->main_keyid[0] = pk->main_keyid[0]; sk->main_keyid[1] = pk->main_keyid[1]; sk->keyid[0] = pk->keyid[0]; sk->keyid[1] = pk->keyid[1]; - + return 0; } @@ -461,7 +480,7 @@ cdk_error_t _cdk_copy_signature (cdk_pkt_signature_t * dst, cdk_pkt_signature_t src) { cdk_pkt_signature_t s; - + if (!dst || !src) return CDK_Inv_Value; @@ -474,7 +493,7 @@ _cdk_copy_signature (cdk_pkt_signature_t * dst, cdk_pkt_signature_t src) _cdk_subpkt_copy (&s->unhashed, src->unhashed); /* FIXME: Copy MPI parts */ *dst = s; - + return 0; } 
@@ -483,7 +502,7 @@ cdk_error_t _cdk_pubkey_compare (cdk_pkt_pubkey_t a, cdk_pkt_pubkey_t b) { int na, nb, i; - + if (a->timestamp != b->timestamp || a->pubkey_algo != b->pubkey_algo) return -1; if (a->version < 4 && a->expiredate != b->expiredate) @@ -492,13 +511,13 @@ _cdk_pubkey_compare (cdk_pkt_pubkey_t a, cdk_pkt_pubkey_t b) nb = cdk_pk_get_npkey (b->pubkey_algo); if (na != nb) return -1; - - for (i = 0; i < na; i++) + + for (i = 0; i < na; i++) { if (_gnutls_mpi_cmp (a->mpi[i], b->mpi[i])) return -1; } - + return 0; } @@ -513,7 +532,7 @@ void cdk_subpkt_free (cdk_subpkt_t ctx) { cdk_subpkt_t s; - + while (ctx) { s = ctx->next; @@ -549,14 +568,14 @@ cdk_subpkt_type_count (cdk_subpkt_t ctx, size_t type) { cdk_subpkt_t s; size_t count; - + count = 0; for (s = ctx; s; s = s->next) { if (s->type == type) count++; } - + return count; } @@ -574,14 +593,14 @@ cdk_subpkt_find_nth (cdk_subpkt_t ctx, size_t type, size_t idx) { cdk_subpkt_t s; size_t pos; - + pos = 0; for (s = ctx; s; s = s->next) { if (s->type == type && pos++ == idx) return s; } - + return NULL; } @@ -596,7 +615,7 @@ cdk_subpkt_t cdk_subpkt_new (size_t size) { cdk_subpkt_t s; - + if (!size) return NULL; s = cdk_calloc (1, sizeof *s + size + 1); @@ -615,8 +634,8 @@ cdk_subpkt_new (size_t size) * Extract the data from the given sub packet. The type is returned * in @r_type and the size in @r_nbytes. **/ -const byte* -cdk_subpkt_get_data (cdk_subpkt_t ctx, size_t *r_type, size_t *r_nbytes) +const byte * +cdk_subpkt_get_data (cdk_subpkt_t ctx, size_t * r_type, size_t * r_nbytes) { if (!ctx || !r_nbytes) return NULL; 
@@ -648,59 +667,59 @@ cdk_subpkt_add (cdk_subpkt_t root, cdk_subpkt_t node) } -byte* -_cdk_subpkt_get_array (cdk_subpkt_t s, int count, size_t *r_nbytes) +byte * +_cdk_subpkt_get_array (cdk_subpkt_t s, int count, size_t * r_nbytes) { cdk_subpkt_t list; byte *buf; size_t n, nbytes; - - if (!s) + + if (!s) { if (r_nbytes) *r_nbytes = 0; return NULL; } - + for (n = 0, list = s; list; list = list->next) { - n++; /* type */ + n++; /* type */ n += list->size; if (list->size < 192) n++; else if (list->size < 8384) n += 2; - else + else n += 5; } - buf = cdk_calloc (1, n+1); + buf = cdk_calloc (1, n + 1); if (!buf) return NULL; n = 0; for (list = s; list; list = list->next) { - nbytes = 1 + list->size; /* type */ + nbytes = 1 + list->size; /* type */ if (nbytes < 192) buf[n++] = nbytes; else if (nbytes < 8384) { buf[n++] = nbytes / 256 + 192; buf[n++] = nbytes % 256; - } + } else { buf[n++] = 0xFF; buf[n++] = nbytes >> 24; buf[n++] = nbytes >> 16; - buf[n++] = nbytes >> 8; + buf[n++] = nbytes >> 8; buf[n++] = nbytes; - } + } buf[n++] = list->type; memcpy (buf + n, list->d, list->size); n += list->size; } - + if (count) { cdk_free (buf); @@ -713,23 +732,23 @@ _cdk_subpkt_get_array (cdk_subpkt_t s, int count, size_t *r_nbytes) cdk_error_t -_cdk_subpkt_copy (cdk_subpkt_t *r_dst, cdk_subpkt_t src) +_cdk_subpkt_copy (cdk_subpkt_t * r_dst, cdk_subpkt_t src) { cdk_subpkt_t root, p, node; - + if (!src || !r_dst) return CDK_Inv_Value; - + root = NULL; - for (p = src; p; p = p->next) + for (p = src; p; p = p->next) { node = cdk_subpkt_new (p->size); - if (node) + if (node) { memcpy (node->d, p->d, p->size); node->type = p->type; node->size = p->size; - } + } if (!root) root = node; else 
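Review bot: `_cdk_subpkt_get_array` sizes the buffer from `list->size` in its first loop but picks the length-field width from `nbytes = 1 + list->size` in its second, so the two passes disagree at the boundaries. A subpacket with `size == 191` is counted with a one-byte length but written with two bytes, and `size == 8383` is counted with two but written with five. The single spare byte from `cdk_calloc (1, n + 1)` absorbs at most one such case, after which the `buf[n++]` writes and the `memcpy` run past the allocation. Use the same quantity in the sizing pass: `if (1 + list->size < 192) n++; else if (1 + list->size < 8384) n += 2; else n += 5;`. The function's tail is in the following hunk.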
@@ -750,11 +769,11 @@ _cdk_subpkt_copy (cdk_subpkt_t *r_dst, cdk_subpkt_t src) * Set the packet data of the given root and set the type of it. **/ void -cdk_subpkt_init (cdk_subpkt_t node, size_t type, +cdk_subpkt_init (cdk_subpkt_t node, size_t type, const void *buf, size_t buflen) { if (!node) - return; + return; node->type = type; node->size = buflen; memcpy (node->d, buf, buflen); @@ -762,31 +781,31 @@ cdk_subpkt_init (cdk_subpkt_t node, size_t type, /* FIXME: We need to think of a public interface for it. */ -const byte* +const byte * cdk_key_desig_revoker_walk (cdk_desig_revoker_t root, - cdk_desig_revoker_t * ctx, - int *r_class, int *r_algid) + cdk_desig_revoker_t * ctx, + int *r_class, int *r_algid) { cdk_desig_revoker_t n; - - if (! *ctx) + + if (!*ctx) { *ctx = root; n = root; } - else + else { n = (*ctx)->next; *ctx = n; } - + if (n && r_class && r_algid) { *r_class = n->r_class; *r_algid = n->algid; } - - return n? n->fpr : NULL; + + return n ? n->fpr : NULL; } @@ -802,7 +821,7 @@ cdk_subpkt_t cdk_subpkt_find_next (cdk_subpkt_t root, size_t type) { cdk_subpkt_t node; - + for (node = root->next; node; node = node->next) { if (!type) @@ -810,6 +829,6 @@ cdk_subpkt_find_next (cdk_subpkt_t root, size_t type) else if (node->type == type) return node; } - + return NULL; } diff --git a/lib/opencdk/pubkey.c b/lib/opencdk/pubkey.c index 0384e00563..7ac32a9d64 100644 --- a/lib/opencdk/pubkey.c +++ b/lib/opencdk/pubkey.c 
@@ -35,24 +35,24 @@ * them into a way for _gnutls_pk_verify to use. */ static cdk_error_t -sig_to_datum (gnutls_datum_t *r_sig, cdk_pkt_signature_t sig) +sig_to_datum (gnutls_datum_t * r_sig, cdk_pkt_signature_t sig) { int err; cdk_error_t rc; - + if (!r_sig || !sig) - return CDK_Inv_Value; - + return CDK_Inv_Value; + rc = 0; - if (is_RSA (sig->pubkey_algo)) + if (is_RSA (sig->pubkey_algo)) { - err = _gnutls_mpi_dprint( sig->mpi[0], r_sig); + err = _gnutls_mpi_dprint (sig->mpi[0], r_sig); if (err < 0) rc = map_gnutls_error (err); } else if (is_DSA (sig->pubkey_algo)) { - err = _gnutls_encode_ber_rs( r_sig, sig->mpi[0], sig->mpi[1]); + err = _gnutls_encode_ber_rs (r_sig, sig->mpi[0], sig->mpi[1]); if (err < 0) rc = map_gnutls_error (err); } @@ -70,7 +70,7 @@ sig_to_datum (gnutls_datum_t *r_sig, cdk_pkt_signature_t sig) * Verify the signature in @sig and compare it with the message digest in @md. **/ cdk_error_t -cdk_pk_verify (cdk_pubkey_t pk, cdk_pkt_signature_t sig, const byte *md) +cdk_pk_verify (cdk_pubkey_t pk, cdk_pkt_signature_t sig, const byte * md) { gnutls_datum s_sig; byte *encmd = NULL; 
@@ -80,51 +80,56 @@ cdk_pk_verify (cdk_pubkey_t pk, cdk_pkt_signature_t sig, const byte *md) gnutls_datum data; gnutls_pk_params_st params; - if (!pk || !sig || !md) { - gnutls_assert(); - return CDK_Inv_Value; - } - - if (is_DSA (pk->pubkey_algo)) algo = GNUTLS_PK_DSA; - else if (is_RSA( pk->pubkey_algo)) algo = GNUTLS_PK_RSA; - else + if (!pk || !sig || !md) + { + gnutls_assert (); + return CDK_Inv_Value; + } + + if (is_DSA (pk->pubkey_algo)) + algo = GNUTLS_PK_DSA; + else if (is_RSA (pk->pubkey_algo)) + algo = GNUTLS_PK_RSA; + else { - gnutls_assert(); + gnutls_assert (); return CDK_Inv_Value; } - + rc = sig_to_datum (&s_sig, sig); - if (rc) { - gnutls_assert(); - goto leave; - } - + if (rc) + { + gnutls_assert (); + goto leave; + } + rc = _cdk_digest_encode_pkcs1 (&encmd, &enclen, pk->pubkey_algo, md, sig->digest_algo, cdk_pk_get_nbits (pk)); - if (rc) { - gnutls_assert(); - goto leave; - } - + if (rc) + { + gnutls_assert (); + goto leave; + } + data.data = encmd; data.size = enclen; params.params = pk->mpi; - params.params_nr = cdk_pk_get_npkey( pk->pubkey_algo); + params.params_nr = cdk_pk_get_npkey (pk->pubkey_algo); params.flags = 0; - ret = _gnutls_pk_verify( algo, &data, &s_sig, ¶ms); - - if (ret < 0) + ret = _gnutls_pk_verify (algo, &data, &s_sig, ¶ms); + + if (ret < 0) { - gnutls_assert(); - rc = map_gnutls_error( ret); + gnutls_assert (); + rc = map_gnutls_error (ret); goto leave; } - + rc = 0; - - leave: - _gnutls_free_datum( &s_sig); + +leave: + _gnutls_free_datum (&s_sig); cdk_free (encmd); return rc; } @@ -158,13 +163,17 @@ cdk_pk_get_nbits (cdk_pubkey_t pk) int cdk_pk_get_npkey (int algo) { - if (is_RSA(algo)) return RSA_PUBLIC_PARAMS; - else if (is_DSA(algo)) return DSA_PUBLIC_PARAMS; - else if (is_ELG(algo)) return 3; - else { - gnutls_assert(); + if (is_RSA (algo)) + return RSA_PUBLIC_PARAMS; + else if (is_DSA (algo)) + return DSA_PUBLIC_PARAMS; + else if (is_ELG (algo)) + return 3; + else + { + gnutls_assert (); return 0; - } + } } 
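Review bot: The `leave:` label in `cdk_pk_verify` calls `_gnutls_free_datum (&s_sig)` even when `sig_to_datum` failed, and `s_sig` is declared without an initializer (`gnutls_datum s_sig;` in the preceding hunk). Unless every failing path inside `sig_to_datum` sets `*r_sig`, which the visible code does not show, the cleanup frees an indeterminate pointer. Initialise it at the declaration, `gnutls_datum s_sig = { NULL, 0 };`, so the shared cleanup is safe on every path. The function begins in the previous hunk.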
@@ -178,17 +187,21 @@ cdk_pk_get_npkey (int algo) int cdk_pk_get_nskey (int algo) { -int ret; - - if (is_RSA(algo)) ret = RSA_PRIVATE_PARAMS; - else if (is_DSA(algo)) ret = DSA_PRIVATE_PARAMS; - else if (is_ELG(algo)) ret = 4; - else { - gnutls_assert(); + int ret; + + if (is_RSA (algo)) + ret = RSA_PRIVATE_PARAMS; + else if (is_DSA (algo)) + ret = DSA_PRIVATE_PARAMS; + else if (is_ELG (algo)) + ret = 4; + else + { + gnutls_assert (); return 0; - } - - ret -= cdk_pk_get_npkey(algo); + } + + ret -= cdk_pk_get_npkey (algo); return ret; } @@ -202,9 +215,12 @@ int ret; int cdk_pk_get_nsig (int algo) { - if (is_RSA(algo)) return 1; - else if (is_DSA(algo)) return 2; - else return 0; + if (is_RSA (algo)) + return 1; + else if (is_DSA (algo)) + return 2; + else + return 0; } @@ -217,9 +233,12 @@ cdk_pk_get_nsig (int algo) int cdk_pk_get_nenc (int algo) { - if (is_RSA(algo)) return 1; - else if (is_ELG(algo)) return 2; - else return 0; + if (is_RSA (algo)) + return 1; + else if (is_ELG (algo)) + return 2; + else + return 0; } 
@@ -231,46 +250,59 @@ _cdk_pk_algo_usage (int algo) /* The ElGamal sign+encrypt algorithm is not supported any longer. */ switch (algo) { - case CDK_PK_RSA : usage = CDK_KEY_USG_SIGN | CDK_KEY_USG_ENCR; break; - case CDK_PK_RSA_E: usage = CDK_KEY_USG_ENCR; break; - case CDK_PK_RSA_S: usage = CDK_KEY_USG_SIGN; break; - case CDK_PK_ELG_E: usage = CDK_KEY_USG_ENCR; break; - case CDK_PK_DSA : usage = CDK_KEY_USG_SIGN; break; - default: usage = 0; + case CDK_PK_RSA: + usage = CDK_KEY_USG_SIGN | CDK_KEY_USG_ENCR; + break; + case CDK_PK_RSA_E: + usage = CDK_KEY_USG_ENCR; + break; + case CDK_PK_RSA_S: + usage = CDK_KEY_USG_SIGN; + break; + case CDK_PK_ELG_E: + usage = CDK_KEY_USG_ENCR; + break; + case CDK_PK_DSA: + usage = CDK_KEY_USG_SIGN; + break; + default: + usage = 0; } - return usage; + return usage; } /* You can use a NULL buf to get the output size only */ static cdk_error_t -mpi_to_buffer (bigint_t a, byte *buf, size_t buflen, - size_t *r_nwritten, size_t *r_nbits) +mpi_to_buffer (bigint_t a, byte * buf, size_t buflen, + size_t * r_nwritten, size_t * r_nbits) { size_t nbits; int err; - - if (!a || !r_nwritten) { - gnutls_assert(); - return CDK_Inv_Value; - } - + + if (!a || !r_nwritten) + { + gnutls_assert (); + return CDK_Inv_Value; + } + nbits = _gnutls_mpi_get_nbits (a); if (r_nbits) *r_nbits = nbits; if (r_nwritten) - *r_nwritten = (nbits+7)/8+2; + *r_nwritten = (nbits + 7) / 8 + 2; - if ((nbits+7)/8+2 > buflen) + if ((nbits + 7) / 8 + 2 > buflen) return CDK_Too_Short; *r_nwritten = buflen; err = _gnutls_mpi_print (a, buf, r_nwritten); - if (err < 0) { - gnutls_assert(); - return map_gnutls_error(err); - } + if (err < 0) + { + gnutls_assert (); + return map_gnutls_error (err); + } return 0; } 
@@ -288,12 +320,13 @@ mpi_to_buffer (bigint_t a, byte *buf, size_t buflen, **/ cdk_error_t cdk_pk_get_mpi (cdk_pubkey_t pk, size_t idx, - byte *buf, size_t buflen, size_t *r_nwritten, size_t *r_nbits) + byte * buf, size_t buflen, size_t * r_nwritten, + size_t * r_nbits) { if (!pk || !r_nwritten) return CDK_Inv_Value; - if ((ssize_t)idx > cdk_pk_get_npkey (pk->pubkey_algo)) + if ((ssize_t) idx > cdk_pk_get_npkey (pk->pubkey_algo)) return CDK_Inv_Value; return mpi_to_buffer (pk->mpi[idx], buf, buflen, r_nwritten, r_nbits); } @@ -313,12 +346,13 @@ cdk_pk_get_mpi (cdk_pubkey_t pk, size_t idx, **/ cdk_error_t cdk_sk_get_mpi (cdk_pkt_seckey_t sk, size_t idx, - byte *buf, size_t buflen, size_t *r_nwritten, size_t *r_nbits) + byte * buf, size_t buflen, size_t * r_nwritten, + size_t * r_nbits) { if (!sk || !r_nwritten) return CDK_Inv_Value; - if ((ssize_t)idx > cdk_pk_get_nskey (sk->pubkey_algo)) + if ((ssize_t) idx > cdk_pk_get_nskey (sk->pubkey_algo)) return CDK_Inv_Value; return mpi_to_buffer (sk->mpi[idx], buf, buflen, r_nwritten, r_nbits); } @@ -327,17 +361,17 @@ cdk_sk_get_mpi (cdk_pkt_seckey_t sk, size_t idx, static u16 checksum_mpi (bigint_t m) { - byte buf[MAX_MPI_BYTES+2]; + byte buf[MAX_MPI_BYTES + 2]; size_t nread; unsigned int i; u16 chksum = 0; if (!m) return 0; - nread = DIM(buf); + nread = DIM (buf); if (_gnutls_mpi_print_pgp (m, buf, &nread) < 0) return 0; - for (i=0; i < nread; i++) + for (i = 0; i < nread; i++) chksum += buf[i]; return chksum; } @@ -350,7 +384,7 @@ checksum_mpi (bigint_t m) * Create a new public key from a secret key. **/ cdk_error_t -cdk_pk_from_secret_key (cdk_pkt_seckey_t sk, cdk_pubkey_t *ret_pk) +cdk_pk_from_secret_key (cdk_pkt_seckey_t sk, cdk_pubkey_t * ret_pk) { if (!sk) return CDK_Inv_Value; @@ -362,7 +396,7 @@ int _cdk_sk_get_csum (cdk_pkt_seckey_t sk) { u16 csum = 0, i; - + if (!sk) return 0; for (i = 0; i < cdk_pk_get_nskey (sk->pubkey_algo); i++) 
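Review bot: The bounds check in `cdk_pk_get_mpi`, `if ((ssize_t) idx > cdk_pk_get_npkey (pk->pubkey_algo))`, accepts `idx` equal to the parameter count, so `pk->mpi[idx]` is read one entry past the last valid MPI. It also accepts index 0 when the algorithm is unknown and the count is 0. The comparison should be `>=`: `if ((ssize_t) idx >= cdk_pk_get_npkey (pk->pubkey_algo)) return CDK_Inv_Value;`. `cdk_sk_get_mpi` in the next hunk has the same off-by-one against `cdk_pk_get_nskey` and needs the same change.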
@@ -383,7 +417,7 @@ _cdk_sk_get_csum (cdk_pkt_seckey_t sk) * possible to avoid overflows. **/ cdk_error_t -cdk_pk_get_fingerprint (cdk_pubkey_t pk, byte *fpr) +cdk_pk_get_fingerprint (cdk_pubkey_t pk, byte * fpr) { digest_hd_st hd; int md_algo; @@ -392,9 +426,9 @@ cdk_pk_get_fingerprint (cdk_pubkey_t pk, byte *fpr) if (!pk || !fpr) return CDK_Inv_Value; - + if (pk->version < 4 && is_RSA (pk->pubkey_algo)) - md_algo = GNUTLS_DIG_MD5; /* special */ + md_algo = GNUTLS_DIG_MD5; /* special */ else md_algo = GNUTLS_DIG_SHA1; dlen = _gnutls_hash_get_algo_len (md_algo); @@ -402,7 +436,7 @@ cdk_pk_get_fingerprint (cdk_pubkey_t pk, byte *fpr) if (err < 0) return map_gnutls_error (err); _cdk_hash_pubkey (pk, &hd, 1); - _gnutls_hash_deinit( &hd, fpr); + _gnutls_hash_deinit (&hd, fpr); if (dlen == 16) memset (fpr + 16, 0, 4); return 0; @@ -420,34 +454,34 @@ cdk_pk_get_fingerprint (cdk_pubkey_t pk, byte *fpr) * return it in the given byte array. **/ cdk_error_t -cdk_pk_to_fingerprint (cdk_pubkey_t pk, - byte *fprbuf, size_t fprbuflen, size_t *r_nout) +cdk_pk_to_fingerprint (cdk_pubkey_t pk, + byte * fprbuf, size_t fprbuflen, size_t * r_nout) { size_t key_fprlen; cdk_error_t err; - + if (!pk) return CDK_Inv_Value; - + if (pk->version < 4) key_fprlen = 16; else key_fprlen = 20; - + /* Only return the required buffer size for the fingerprint. */ if (!fprbuf && !fprbuflen && r_nout) - { + { *r_nout = key_fprlen; return 0; } - + if (!fprbuf || key_fprlen > fprbuflen) return CDK_Too_Short; err = cdk_pk_get_fingerprint (pk, fprbuf); if (r_nout) *r_nout = key_fprlen; - + return err; } @@ -461,9 +495,9 @@ cdk_pk_to_fingerprint (cdk_pubkey_t pk, * For version 3 keys, this is not working. **/ u32 -cdk_pk_fingerprint_get_keyid (const byte *fpr, size_t fprlen, u32 *keyid) +cdk_pk_fingerprint_get_keyid (const byte * fpr, size_t fprlen, u32 * keyid) { - u32 lowbits = 0; + u32 lowbits = 0; /* In this case we say the key is a V3 RSA key and we can't use the fingerprint to get the keyid. */ 
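Review bot: `cdk_pk_to_fingerprint` accepts a 16-byte `fprbuf` for any key with `version < 4`, but `cdk_pk_get_fingerprint` always touches 20 bytes of its output. For the MD5 case it runs `memset (fpr + 16, 0, 4)`, and for a `version < 4` key that is not RSA it selects SHA-1 and writes a 20-byte digest. A caller that passes exactly the size this function reports therefore has its buffer overrun by four bytes. Either require the full length before calling through, `if (!fprbuf || fprbuflen < 20) return CDK_Too_Short;`, or derive `key_fprlen` from the same `version`/`is_RSA` test that `cdk_pk_get_fingerprint` uses and drop the padding write.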
@@ -493,22 +527,24 @@ cdk_pk_fingerprint_get_keyid (const byte *fpr, size_t fprlen, u32 *keyid) * Calculate the key ID of the given public key. **/ u32 -cdk_pk_get_keyid (cdk_pubkey_t pk, u32 *keyid) +cdk_pk_get_keyid (cdk_pubkey_t pk, u32 * keyid) { u32 lowbits = 0; byte buf[24]; - - if (pk && (!pk->keyid[0] || !pk->keyid[1])) + + if (pk && (!pk->keyid[0] || !pk->keyid[1])) { - if (pk->version < 4 && is_RSA (pk->pubkey_algo)) + if (pk->version < 4 && is_RSA (pk->pubkey_algo)) { byte p[MAX_MPI_BYTES]; size_t n; - + n = MAX_MPI_BYTES; _gnutls_mpi_print (pk->mpi[0], p, &n); - pk->keyid[0] = p[n-8] << 24 | p[n-7] << 16 | p[n-6] << 8 | p[n-5]; - pk->keyid[1] = p[n-4] << 24 | p[n-3] << 16 | p[n-2] << 8 | p[n-1]; + pk->keyid[0] = + p[n - 8] << 24 | p[n - 7] << 16 | p[n - 6] << 8 | p[n - 5]; + pk->keyid[1] = + p[n - 4] << 24 | p[n - 3] << 16 | p[n - 2] << 8 | p[n - 1]; } else if (pk->version == 4) { @@ -523,7 +559,7 @@ cdk_pk_get_keyid (cdk_pubkey_t pk, u32 *keyid) keyid[0] = pk->keyid[0]; keyid[1] = pk->keyid[1]; } - + return lowbits; } @@ -536,17 +572,17 @@ cdk_pk_get_keyid (cdk_pubkey_t pk, u32 *keyid) * Calculate the key ID of the secret key, actually the public key. **/ u32 -cdk_sk_get_keyid (cdk_pkt_seckey_t sk, u32 *keyid) +cdk_sk_get_keyid (cdk_pkt_seckey_t sk, u32 * keyid) { u32 lowbits = 0; - + if (sk && sk->pk) { lowbits = cdk_pk_get_keyid (sk->pk, keyid); sk->keyid[0] = sk->pk->keyid[0]; sk->keyid[1] = sk->pk->keyid[1]; } - + return lowbits; } @@ -559,10 +595,10 @@ cdk_sk_get_keyid (cdk_pkt_seckey_t sk, u32 *keyid) * Retrieve the key ID from the given signature. **/ u32 -cdk_sig_get_keyid (cdk_pkt_signature_t sig, u32 *keyid) +cdk_sig_get_keyid (cdk_pkt_signature_t sig, u32 * keyid) { u32 lowbits = sig ? sig->keyid[1] : 0; - + if (keyid && sig) { keyid[0] = sig->keyid[0]; 
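Review bot: In the v3 RSA branch of `cdk_pk_get_keyid` the result of `_gnutls_mpi_print (pk->mpi[0], p, &n)` is ignored and `p[n - 8]` … `p[n - 1]` are read without checking `n`. If the call fails, `p` is uninitialised stack data. If the modulus prints to fewer than 8 bytes, `n - 8` wraps (`n` is `size_t`) and the reads fall outside `p`. Guard the block with `if (_gnutls_mpi_print (pk->mpi[0], p, &n) < 0 || n < 8) return 0;`. The `byte` operands are also promoted to `int` before `<< 24`, so a cast to `u32` on each term avoids shifting into the sign bit. The function continues in the next hunk.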
@@ -575,55 +611,55 @@ cdk_sig_get_keyid (cdk_pkt_signature_t sig, u32 *keyid) /* Return the key ID from the given packet. If this is not possible, 0 is returned */ u32 -_cdk_pkt_get_keyid (cdk_packet_t pkt, u32 *keyid) +_cdk_pkt_get_keyid (cdk_packet_t pkt, u32 * keyid) { u32 lowbits; - + if (!pkt) return 0; - + switch (pkt->pkttype) { case CDK_PKT_PUBLIC_KEY: case CDK_PKT_PUBLIC_SUBKEY: lowbits = cdk_pk_get_keyid (pkt->pkt.public_key, keyid); break; - + case CDK_PKT_SECRET_KEY: case CDK_PKT_SECRET_SUBKEY: lowbits = cdk_sk_get_keyid (pkt->pkt.secret_key, keyid); break; - + case CDK_PKT_SIGNATURE: lowbits = cdk_sig_get_keyid (pkt->pkt.signature, keyid); break; - + default: lowbits = 0; break; } - + return lowbits; } /* Get the fingerprint of the packet if possible. */ int -_cdk_pkt_get_fingerprint (cdk_packet_t pkt, byte *fpr) +_cdk_pkt_get_fingerprint (cdk_packet_t pkt, byte * fpr) { if (!pkt || !fpr) return CDK_Inv_Value; - + switch (pkt->pkttype) { case CDK_PKT_PUBLIC_KEY: case CDK_PKT_PUBLIC_SUBKEY: return cdk_pk_get_fingerprint (pkt->pkt.public_key, fpr); - + case CDK_PKT_SECRET_KEY: case CDK_PKT_SECRET_SUBKEY: return cdk_pk_get_fingerprint (pkt->pkt.secret_key->pk, fpr); - + default: return CDK_Inv_Mode; } diff --git a/lib/opencdk/read-packet.c b/lib/opencdk/read-packet.c index 4e47c63c1e..9e40903f0b 100644 --- a/lib/opencdk/read-packet.c +++ b/lib/opencdk/read-packet.c @@ -39,10 +39,10 @@ #define MDC_PKT_VER 1 static int -stream_read (cdk_stream_t s, void *buf, size_t buflen, size_t *r_nread) +stream_read (cdk_stream_t s, void *buf, size_t buflen, size_t * r_nread) { *r_nread = cdk_stream_read (s, buf, buflen); - return *r_nread > 0? 0: _cdk_stream_get_errno (s); + return *r_nread > 0 ? 0 : _cdk_stream_get_errno (s); } 
@@ -52,12 +52,12 @@ read_32 (cdk_stream_t s) { byte buf[4]; size_t nread; - + assert (s != NULL); stream_read (s, buf, 4, &nread); if (nread != 4) - return (u32)-1; + return (u32) - 1; return buf[0] << 24 | buf[1] << 16 | buf[2] << 8 | buf[3]; } @@ -68,12 +68,12 @@ read_16 (cdk_stream_t s) { byte buf[2]; size_t nread; - + assert (s != NULL); - + stream_read (s, buf, 2, &nread); if (nread != 2) - return (u16)-1; + return (u16) - 1; return buf[0] << 8 | buf[1]; } @@ -86,38 +86,39 @@ read_s2k (cdk_stream_t inp, cdk_s2k_t s2k) static cdk_error_t -read_mpi (cdk_stream_t inp, bigint_t *ret_m, int secure) +read_mpi (cdk_stream_t inp, bigint_t * ret_m, int secure) { bigint_t m; int err; - byte buf[MAX_MPI_BYTES+2]; + byte buf[MAX_MPI_BYTES + 2]; size_t nread, nbits; cdk_error_t rc; - + if (!inp || !ret_m) return CDK_Inv_Value; - + *ret_m = NULL; nbits = read_16 (inp); - nread = (nbits+7)/8; - + nread = (nbits + 7) / 8; + if (nbits > MAX_MPI_BITS || nbits == 0) { _cdk_log_debug ("read_mpi: too large %d bits\n", nbits); - return CDK_MPI_Error; /* Sanity check */ - } - - rc = stream_read (inp, buf+2, nread, &nread); - if (!rc && nread != ((nbits+7)/8)) + return CDK_MPI_Error; /* Sanity check */ + } + + rc = stream_read (inp, buf + 2, nread, &nread); + if (!rc && nread != ((nbits + 7) / 8)) { - _cdk_log_debug ("read_mpi: too short %d < %d\n", nread, (nbits+7)/8); + _cdk_log_debug ("read_mpi: too short %d < %d\n", nread, + (nbits + 7) / 8); return CDK_MPI_Error; - } - + } + buf[0] = nbits >> 8; buf[1] = nbits >> 0; - nread+=2; - err = _gnutls_mpi_scan_pgp( &m, buf, nread); + nread += 2; + err = _gnutls_mpi_scan_pgp (&m, buf, nread); if (err < 0) return map_gnutls_error (err); 
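Review bot: `read_mpi` only acts on the `stream_read` result when it is zero (`if (!rc && nread != ((nbits + 7) / 8))`), so a read error falls through to `_gnutls_mpi_scan_pgp (&m, buf, nread)`. That call then parses an uninitialised stack buffer using whatever `nread` the failed read left behind. Propagate the error first with `if (rc) return rc;` and then compare the length unconditionally. The `_cdk_log_debug` calls in this function also pass `size_t` values to `%d`, which should be cast or use a matching specifier. The rest of the function is outside this hunk.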
@@ -130,31 +131,31 @@ read_mpi (cdk_stream_t inp, bigint_t *ret_m, int secure) object INP and return it. Reset RET_PARTIAL if this is the last packet in block mode. */ size_t -_cdk_pkt_read_len (FILE *inp, size_t *ret_partial) +_cdk_pkt_read_len (FILE * inp, size_t * ret_partial) { int c1, c2; size_t pktlen; - + c1 = fgetc (inp); if (c1 == EOF) - return (size_t)EOF; + return (size_t) EOF; if (c1 < 224 || c1 == 255) - *ret_partial = 0; /* End of partial data */ + *ret_partial = 0; /* End of partial data */ if (c1 < 192) pktlen = c1; else if (c1 >= 192 && c1 <= 223) { c2 = fgetc (inp); if (c2 == EOF) - return (size_t)EOF; + return (size_t) EOF; pktlen = ((c1 - 192) << 8) + c2 + 192; } else if (c1 == 255) { - pktlen = fgetc (inp) << 24; + pktlen = fgetc (inp) << 24; pktlen |= fgetc (inp) << 16; - pktlen |= fgetc (inp) << 8; - pktlen |= fgetc (inp) << 0; + pktlen |= fgetc (inp) << 8; + pktlen |= fgetc (inp) << 0; } else pktlen = 1 << (c1 & 0x1f); @@ -169,10 +170,10 @@ read_pubkey_enc (cdk_stream_t inp, size_t pktlen, cdk_pkt_pubkey_enc_t pke) if (!inp || !pke) return CDK_Inv_Value; - + if (DEBUG_PKT) _cdk_log_debug ("read_pubkey_enc: %d octets\n", pktlen); - + if (pktlen < 12) return CDK_Inv_Packet; pke->version = cdk_stream_getc (inp); @@ -181,18 +182,18 @@ read_pubkey_enc (cdk_stream_t inp, size_t pktlen, cdk_pkt_pubkey_enc_t pke) pke->keyid[0] = read_32 (inp); pke->keyid[1] = read_32 (inp); if (!pke->keyid[0] && !pke->keyid[1]) - pke->throw_keyid = 1; /* RFC2440 "speculative" keyID */ - pke->pubkey_algo = _pgp_pub_algo_to_cdk(cdk_stream_getc (inp)); + pke->throw_keyid = 1; /* RFC2440 "speculative" keyID */ + pke->pubkey_algo = _pgp_pub_algo_to_cdk (cdk_stream_getc (inp)); nenc = cdk_pk_get_nenc (pke->pubkey_algo); if (!nenc) return CDK_Inv_Algo; - for (i = 0; i < nenc; i++) + for (i = 0; i < nenc; i++) { cdk_error_t rc = read_mpi (inp, &pke->mpi[i], 0); if (rc) return rc; } - + return 0; } 
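Review bot: The five-octet branch of `_cdk_pkt_read_len` (`c1 == 255`) shifts the result of four `fgetc` calls straight into `pktlen` without testing for `EOF`, unlike the one- and two-octet branches. On a truncated input `EOF << 24` left-shifts a negative `int`, and the function returns an arbitrary length instead of the `(size_t) EOF` sentinel the other branches use. Read each octet into an `int`, return the sentinel on `EOF`, and accumulate in `size_t`, as sketched below. The function's final lines are outside this hunk.

```c
  else if (c1 == 255)
    {
      int i, c;

      pktlen = 0;
      for (i = 0; i < 4; i++)
        {
          c = fgetc (inp);
          if (c == EOF)
            return (size_t) EOF;
          pktlen = (pktlen << 8) | (size_t) c;
        }
    }
  /* … unchanged: partial-length branch (1 << (c1 & 0x1f)) … */
```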
@@ -206,15 +207,15 @@ read_mdc (cdk_stream_t inp, cdk_pkt_mdc_t mdc) if (!inp || !mdc) return CDK_Inv_Value; - + if (DEBUG_PKT) _cdk_log_debug ("read_mdc:\n"); - + rc = stream_read (inp, mdc->hash, DIM (mdc->hash), &n); if (rc) - return rc; - - return n != DIM (mdc->hash)? CDK_Inv_Packet : 0; + return rc; + + return n != DIM (mdc->hash) ? CDK_Inv_Packet : 0; } @@ -223,21 +224,21 @@ read_compressed (cdk_stream_t inp, size_t pktlen, cdk_pkt_compressed_t c) { if (!inp || !c) return CDK_Inv_Value; - + if (DEBUG_PKT) _cdk_log_debug ("read_compressed: %d octets\n", pktlen); - + c->algorithm = cdk_stream_getc (inp); if (c->algorithm > 3) return CDK_Inv_Packet; - + /* don't know the size, so we read until EOF */ if (!pktlen) { c->len = 0; c->buf = inp; } - + /* FIXME: Support partial bodies. */ return 0; } @@ -247,17 +248,17 @@ static cdk_error_t read_public_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_pubkey_t pk) { size_t i, ndays, npkey; - + if (!inp || !pk) return CDK_Inv_Value; - + if (DEBUG_PKT) _cdk_log_debug ("read_public_key: %d octets\n", pktlen); - - pk->is_invalid = 1; /* default to detect missing self signatures */ + + pk->is_invalid = 1; /* default to detect missing self signatures */ pk->is_revoked = 0; pk->has_expired = 0; - + pk->version = cdk_stream_getc (inp); if (pk->version < 2 || pk->version > 4) return CDK_Inv_Packet_Ver; 
@@ -265,25 +266,25 @@ read_public_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_pubkey_t pk) if (pk->version < 4) { ndays = read_16 (inp); - if (ndays) + if (ndays) pk->expiredate = pk->timestamp + ndays * 86400L; } - - pk->pubkey_algo = _pgp_pub_algo_to_cdk(cdk_stream_getc (inp)); + + pk->pubkey_algo = _pgp_pub_algo_to_cdk (cdk_stream_getc (inp)); npkey = cdk_pk_get_npkey (pk->pubkey_algo); if (!npkey) { - gnutls_assert(); + gnutls_assert (); _cdk_log_debug ("invalid public key algorithm %d\n", pk->pubkey_algo); return CDK_Inv_Algo; - } + } for (i = 0; i < npkey; i++) { cdk_error_t rc = read_mpi (inp, &pk->mpi[i], 0); if (rc) return rc; } - + /* This value is just for the first run and will be replaced with the actual key flags from the self signature. */ pk->pubkey_usage = 0; @@ -322,12 +323,12 @@ read_secret_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_seckey_t sk) if (sk->s2k_usage == 254 || sk->s2k_usage == 255) { sk->protect.sha1chk = (sk->s2k_usage == 254); - sk->protect.algo = _pgp_cipher_to_gnutls(cdk_stream_getc (inp)); + sk->protect.algo = _pgp_cipher_to_gnutls (cdk_stream_getc (inp)); sk->protect.s2k = cdk_calloc (1, sizeof *sk->protect.s2k); if (!sk->protect.s2k) return CDK_Out_Of_Core; rc = read_s2k (inp, sk->protect.s2k); - if (rc) + if (rc) return rc; sk->protect.ivlen = _gnutls_cipher_get_block_size (sk->protect.algo); if (sk->protect.ivlen <= 0) @@ -339,15 +340,16 @@ read_secret_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_seckey_t sk) return CDK_Inv_Packet; } else - sk->protect.algo = _pgp_cipher_to_gnutls(sk->s2k_usage); + sk->protect.algo = _pgp_cipher_to_gnutls (sk->s2k_usage); if (sk->protect.algo == GNUTLS_CIPHER_NULL) { sk->csum = 0; nskey = cdk_pk_get_nskey (sk->pk->pubkey_algo); - if (!nskey) { - gnutls_assert(); - return CDK_Inv_Algo; - } + if (!nskey) + { + gnutls_assert (); + return CDK_Inv_Algo; + } for (i = 0; i < nskey; i++) { rc = read_mpi (inp, &sk->mpi[i], 1); 
@@ -358,14 +360,15 @@ read_secret_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_seckey_t sk) sk->is_protected = 0; } else if (sk->pk->version < 4) - { + { /* The length of each multiprecision integer is stored in plaintext. */ nskey = cdk_pk_get_nskey (sk->pk->pubkey_algo); - if (!nskey) { - gnutls_assert(); - return CDK_Inv_Algo; - } - for (i = 0; i < nskey; i++) + if (!nskey) + { + gnutls_assert (); + return CDK_Inv_Algo; + } + for (i = 0; i < nskey; i++) { rc = read_mpi (inp, &sk->mpi[i], 1); if (rc) @@ -373,32 +376,33 @@ read_secret_key (cdk_stream_t inp, size_t pktlen, cdk_pkt_seckey_t sk) } sk->csum = read_16 (inp); sk->is_protected = 1; - } + } else { /* We need to read the rest of the packet because we do not - have any information how long the encrypted mpi's are */ + have any information how long the encrypted mpi's are */ p2 = cdk_stream_tell (inp); p2 -= p1; sk->enclen = pktlen - p2; if (sk->enclen < 2) - return CDK_Inv_Packet; /* at least 16 bits for the checksum! */ + return CDK_Inv_Packet; /* at least 16 bits for the checksum! */ sk->encdata = cdk_calloc (1, sk->enclen + 1); if (!sk->encdata) return CDK_Out_Of_Core; if (stream_read (inp, sk->encdata, sk->enclen, &nread)) return CDK_Inv_Packet; nskey = cdk_pk_get_nskey (sk->pk->pubkey_algo); - if (!nskey) { - gnutls_assert(); - return CDK_Inv_Algo; - } + if (!nskey) + { + gnutls_assert (); + return CDK_Inv_Algo; + } /* We mark each MPI entry with NULL to indicate a protected key. */ for (i = 0; i < nskey; i++) sk->mpi[i] = NULL; sk->is_protected = 1; } - + sk->is_primary = 1; _cdk_copy_pk_to_sk (sk->pk, sk); return 0; @@ -412,7 +416,7 @@ read_secret_subkey (cdk_stream_t inp, size_t pktlen, cdk_pkt_seckey_t sk) if (!inp || !sk || !sk->pk) return CDK_Inv_Value; - + rc = read_secret_key (inp, pktlen, sk); sk->is_primary = 0; return rc; 
@@ -426,30 +430,32 @@ read_attribute (cdk_stream_t inp, size_t pktlen, cdk_pkt_userid_t attr) byte *buf; size_t len, nread; cdk_error_t rc; - + if (!inp || !attr || !pktlen) return CDK_Inv_Value; - + if (DEBUG_PKT) _cdk_log_debug ("read_attribute: %d octets\n", pktlen); - + strcpy (attr->name, "[attribute]"); attr->len = strlen (attr->name); buf = cdk_calloc (1, pktlen); if (!buf) return CDK_Out_Of_Core; rc = stream_read (inp, buf, pktlen, &nread); - if (rc) + if (rc) { cdk_free (buf); return CDK_Inv_Packet; } p = buf; - len = *p++; pktlen--; + len = *p++; + pktlen--; if (len == 255) { len = _cdk_buftou32 (p); - p += 4; pktlen -= 4; + p += 4; + pktlen -= 4; } else if (len >= 192) { @@ -457,26 +463,28 @@ read_attribute (cdk_stream_t inp, size_t pktlen, cdk_pkt_userid_t attr) { cdk_free (buf); return CDK_Inv_Packet; - } + } len = ((len - 192) << 8) + *p + 192; - p++; pktlen--; + p++; + pktlen--; } - - if (*p != 1) /* Currently only 1, meaning an image, is defined. */ + + if (*p != 1) /* Currently only 1, meaning an image, is defined. */ { cdk_free (buf); return CDK_Inv_Packet; } - p++; len--; - - if (pktlen - (len+1) > 0) + p++; + len--; + + if (pktlen - (len + 1) > 0) return CDK_Inv_Packet; attr->attrib_img = cdk_calloc (1, len); if (!attr->attrib_img) { cdk_free (buf); return CDK_Out_Of_Core; - } + } attr->attrib_len = len; memcpy (attr->attrib_img, p, len); cdk_free (buf); @@ -489,15 +497,15 @@ read_user_id (cdk_stream_t inp, size_t pktlen, cdk_pkt_userid_t user_id) { size_t nread; cdk_error_t rc; - + if (!inp || !user_id) return CDK_Inv_Value; if (!pktlen) return CDK_Inv_Packet; - + if (DEBUG_PKT) - _cdk_log_debug ("read_user_id: %lu octets\n", pktlen); - + _cdk_log_debug ("read_user_id: %lu octets\n", pktlen); + user_id->len = pktlen; rc = stream_read (inp, user_id->name, pktlen, &nread); if (rc) 
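Review bot: `read_attribute` returns from `if (pktlen - (len + 1) > 0) return CDK_Inv_Packet;` without freeing `buf`, although every other error path in the function calls `cdk_free (buf)` first; it should read `if (pktlen - (len + 1) > 0) { cdk_free (buf); return CDK_Inv_Packet; }`. The length parsing in the previous hunk also reads ahead of its checks. The `len == 255` case calls `_cdk_buftou32 (p)` and does `pktlen -= 4` without confirming that four more octets remain, and `*p != 1` is evaluated without confirming that any octet remains, so a short packet is read past the end of the `pktlen`-byte allocation. Check the remaining `pktlen` before each of those reads, and reject `len == 0` before `len--`. The function starts before and ends after the visible hunks.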
@@ -510,19 +518,19 @@ read_user_id (cdk_stream_t inp, size_t pktlen, cdk_pkt_userid_t user_id) static cdk_error_t -read_subpkt( cdk_stream_t inp, cdk_subpkt_t * r_ctx, size_t * r_nbytes ) +read_subpkt (cdk_stream_t inp, cdk_subpkt_t * r_ctx, size_t * r_nbytes) { byte c, c1; size_t size, nread, n; cdk_subpkt_t node; cdk_error_t rc; - + if (!inp || !r_nbytes) return CDK_Inv_Value; - + if (DEBUG_PKT) _cdk_log_debug ("read_subpkt:\n"); - + n = 0; *r_nbytes = 0; c = cdk_stream_getc (inp); @@ -544,10 +552,10 @@ read_subpkt( cdk_stream_t inp, cdk_subpkt_t * r_ctx, size_t * r_nbytes ) size = c; else return CDK_Inv_Packet; - + node = cdk_subpkt_new (size); if (!node) - return CDK_Out_Of_Core; + return CDK_Out_Of_Core; node->size = size; node->type = cdk_stream_getc (inp); if (DEBUG_PKT) @@ -559,7 +567,7 @@ read_subpkt( cdk_stream_t inp, cdk_subpkt_t * r_ctx, size_t * r_nbytes ) if (rc) return rc; *r_nbytes = n; - if (! *r_ctx) + if (!*r_ctx) *r_ctx = node; else cdk_subpkt_add (*r_ctx, node); @@ -572,20 +580,20 @@ read_onepass_sig (cdk_stream_t inp, size_t pktlen, cdk_pkt_onepass_sig_t sig) { if (!inp || !sig) return CDK_Inv_Value; - + if (DEBUG_PKT) _cdk_log_debug ("read_onepass_sig: %d octets\n", pktlen); - + if (pktlen != 13) return CDK_Inv_Packet; sig->version = cdk_stream_getc (inp); if (sig->version != 3) return CDK_Inv_Packet_Ver; sig->sig_class = cdk_stream_getc (inp); - sig->digest_algo = _pgp_hash_algo_to_gnutls(cdk_stream_getc (inp)); - sig->pubkey_algo = _pgp_pub_algo_to_cdk(cdk_stream_getc (inp)); + sig->digest_algo = _pgp_hash_algo_to_gnutls (cdk_stream_getc (inp)); + sig->pubkey_algo = _pgp_pub_algo_to_cdk (cdk_stream_getc (inp)); sig->keyid[0] = read_32 (inp); - sig->keyid[1] = read_32 (inp); + sig->keyid[1] = read_32 (inp); sig->last = cdk_stream_getc (inp); return 0; } 
@@ -595,32 +603,30 @@ static cdk_error_t parse_sig_subpackets (cdk_pkt_signature_t sig) { cdk_subpkt_t node; - + /* Setup the standard packet entries, so we can use V4 signatures similar to V3. */ for (node = sig->unhashed; node; node = node->next) { if (node->type == CDK_SIGSUBPKT_ISSUER && node->size >= 8) { - sig->keyid[0] = _cdk_buftou32 (node->d ); + sig->keyid[0] = _cdk_buftou32 (node->d); sig->keyid[1] = _cdk_buftou32 (node->d + 4); } - else if (node->type == CDK_SIGSUBPKT_EXPORTABLE && - node->d[0] == 0) + else if (node->type == CDK_SIGSUBPKT_EXPORTABLE && node->d[0] == 0) { /* Sometimes this packet might be placed in the unhashed area */ sig->flags.exportable = 0; } } - for (node = sig->hashed; node; node = node->next) + for (node = sig->hashed; node; node = node->next) { if (node->type == CDK_SIGSUBPKT_SIG_CREATED && node->size >= 4) sig->timestamp = _cdk_buftou32 (node->d); else if (node->type == CDK_SIGSUBPKT_SIG_EXPIRE && node->size >= 4) { sig->expiredate = _cdk_buftou32 (node->d); - if (sig->expiredate > 0 && - sig->expiredate < (u32)time (NULL)) + if (sig->expiredate > 0 && sig->expiredate < (u32) time (NULL)) sig->flags.expired = 1; } else if (node->type == CDK_SIGSUBPKT_POLICY) @@ -628,17 +634,17 @@ parse_sig_subpackets (cdk_pkt_signature_t sig) else if (node->type == CDK_SIGSUBPKT_NOTATION) sig->flags.notation = 1; else if (node->type == CDK_SIGSUBPKT_REVOCABLE && node->d[0] == 0) - sig->flags.revocable = 0; - else if (node->type == CDK_SIGSUBPKT_EXPORTABLE && node->d[0]== 0) + sig->flags.revocable = 0; + else if (node->type == CDK_SIGSUBPKT_EXPORTABLE && node->d[0] == 0) sig->flags.exportable = 0; } if (sig->sig_class == 0x1F) { cdk_desig_revoker_t r, rnode; - + for (node = sig->hashed; node; node = node->next) { - if (node->type == CDK_SIGSUBPKT_REV_KEY) + if (node->type == CDK_SIGSUBPKT_REV_KEY) { if (node->size < 22) continue; 
@@ -647,10 +653,10 @@ parse_sig_subpackets (cdk_pkt_signature_t sig) return CDK_Out_Of_Core; rnode->r_class = node->d[0]; rnode->algid = node->d[1]; - memcpy (rnode->fpr, node->d+2, KEY_FPR_LEN); + memcpy (rnode->fpr, node->d + 2, KEY_FPR_LEN); if (!sig->revkeys) - sig->revkeys = rnode; - else + sig->revkeys = rnode; + else { for (r = sig->revkeys; r->next; r = r->next) ; @@ -659,7 +665,7 @@ parse_sig_subpackets (cdk_pkt_signature_t sig) } } } - + return 0; } @@ -673,20 +679,20 @@ read_signature (cdk_stream_t inp, size_t pktlen, cdk_pkt_signature_t sig) if (!inp || !sig) return CDK_Inv_Value; - + if (DEBUG_PKT) _cdk_log_debug ("read_signature: %d octets\n", pktlen); - + if (pktlen < 16) return CDK_Inv_Packet; sig->version = cdk_stream_getc (inp); if (sig->version < 2 || sig->version > 4) return CDK_Inv_Packet_Ver; - + sig->flags.exportable = 1; sig->flags.revocable = 1; - - if (sig->version < 4) + + if (sig->version < 4) { if (cdk_stream_getc (inp) != 5) return CDK_Inv_Packet; @@ -694,8 +700,8 @@ read_signature (cdk_stream_t inp, size_t pktlen, cdk_pkt_signature_t sig) sig->timestamp = read_32 (inp); sig->keyid[0] = read_32 (inp); sig->keyid[1] = read_32 (inp); - sig->pubkey_algo = _pgp_pub_algo_to_cdk(cdk_stream_getc (inp)); - sig->digest_algo = _pgp_hash_algo_to_gnutls(cdk_stream_getc (inp)); + sig->pubkey_algo = _pgp_pub_algo_to_cdk (cdk_stream_getc (inp)); + sig->digest_algo = _pgp_hash_algo_to_gnutls (cdk_stream_getc (inp)); sig->digest_start[0] = cdk_stream_getc (inp); sig->digest_start[1] = cdk_stream_getc (inp); nsig = cdk_pk_get_nsig (sig->pubkey_algo); 
@@ -708,21 +714,21 @@ read_signature (cdk_stream_t inp, size_t pktlen, cdk_pkt_signature_t sig) return rc; } } - else + else { sig->sig_class = cdk_stream_getc (inp); - sig->pubkey_algo = _pgp_pub_algo_to_cdk(cdk_stream_getc (inp)); - sig->digest_algo = _pgp_hash_algo_to_gnutls(cdk_stream_getc (inp)); + sig->pubkey_algo = _pgp_pub_algo_to_cdk (cdk_stream_getc (inp)); + sig->digest_algo = _pgp_hash_algo_to_gnutls (cdk_stream_getc (inp)); sig->hashed_size = read_16 (inp); size = sig->hashed_size; sig->hashed = NULL; - while (size > 0) + while (size > 0) { rc = read_subpkt (inp, &sig->hashed, &nbytes); if (rc) return rc; size -= nbytes; - } + } sig->unhashed_size = read_16 (inp); size = sig->unhashed_size; sig->unhashed = NULL; @@ -733,11 +739,11 @@ read_signature (cdk_stream_t inp, size_t pktlen, cdk_pkt_signature_t sig) return rc; size -= nbytes; } - + rc = parse_sig_subpackets (sig); if (rc) return rc; - + sig->digest_start[0] = cdk_stream_getc (inp); sig->digest_start[1] = cdk_stream_getc (inp); nsig = cdk_pk_get_nsig (sig->pubkey_algo); 
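Review bot: The subpacket loops in the v4 branch of read_signature do `size -= nbytes` with no check that `nbytes <= size`. `size` is declared above these hunks; if it is unsigned (pktlen and the length outputs in this file are `size_t`), a subpacket whose encoded length overruns the declared `hashed_size` or `unhashed_size` wraps the counter and the loop keeps parsing past the area. Reject that case before subtracting, `if (nbytes > size) return CDK_Inv_Packet;`, in both the hashed and the unhashed loop. In the visible lines the two area sizes are also not compared against `pktlen`.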
@@ -750,41 +756,41 @@ read_signature (cdk_stream_t inp, size_t pktlen, cdk_pkt_signature_t sig) return rc; } } - + return 0; } static cdk_error_t -read_literal (cdk_stream_t inp, size_t pktlen, - cdk_pkt_literal_t *ret_pt, int is_partial) +read_literal (cdk_stream_t inp, size_t pktlen, + cdk_pkt_literal_t * ret_pt, int is_partial) { cdk_pkt_literal_t pt = *ret_pt; - size_t nread ; + size_t nread; cdk_error_t rc; if (!inp || !pt) return CDK_Inv_Value; - + if (DEBUG_PKT) _cdk_log_debug ("read_literal: %d octets\n", pktlen); - + pt->mode = cdk_stream_getc (inp); if (pt->mode != 0x62 && pt->mode != 0x74 && pt->mode != 0x75) return CDK_Inv_Packet; if (cdk_stream_eof (inp)) return CDK_Inv_Packet; - + pt->namelen = cdk_stream_getc (inp); if (pt->namelen > 0) { - *ret_pt = pt = cdk_realloc (pt, sizeof * pt + pt->namelen + 1); + *ret_pt = pt = cdk_realloc (pt, sizeof *pt + pt->namelen + 1); if (!pt) return CDK_Out_Of_Core; rc = stream_read (inp, pt->name, pt->namelen, &nread); if (rc) return rc; - if ((int)nread != pt->namelen) + if ((int) nread != pt->namelen) return CDK_Inv_Packet; pt->name[pt->namelen] = '\0'; } @@ -800,10 +806,10 @@ read_literal (cdk_stream_t inp, size_t pktlen, /* Read an old packet CTB and return the length of the body. */ static void -read_old_length (cdk_stream_t inp, int ctb, size_t *r_len, size_t *r_size) +read_old_length (cdk_stream_t inp, int ctb, size_t * r_len, size_t * r_size) { int llen = ctb & 0x03; - + if (llen == 0) { *r_len = cdk_stream_getc (inp); @@ -819,8 +825,8 @@ read_old_length (cdk_stream_t inp, int ctb, size_t *r_len, size_t *r_size) *r_len = read_32 (inp); (*r_size) += 4; } - else - { + else + { *r_len = 0; *r_size = 0; } 
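Review bot: In read_literal, `*ret_pt = pt = cdk_realloc (pt, ...)` overwrites the caller's pointer before the result is checked. If cdk_realloc follows realloc semantics (its definition is not on this page), a failed call leaves the original block allocated while `pkt->pkt.literal`, which cdk_pkt_read passes by address, becomes NULL, so the block is leaked. Assign to a temporary first: `tmp = cdk_realloc (pt, sizeof *pt + pt->namelen + 1); if (!tmp) return CDK_Out_Of_Core; *ret_pt = pt = tmp;`. The `%d` in the debug call above it is also given a `size_t` argument.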
@@ -830,10 +836,10 @@ read_old_length (cdk_stream_t inp, int ctb, size_t *r_len, size_t *r_size) /* Read a new CTB and decode the body length. */ static void read_new_length (cdk_stream_t inp, - size_t *r_len, size_t *r_size, size_t *r_partial) + size_t * r_len, size_t * r_size, size_t * r_partial) { int c, c1; - + c = cdk_stream_getc (inp); (*r_size)++; if (c < 192) @@ -844,16 +850,16 @@ read_new_length (cdk_stream_t inp, (*r_size)++; *r_len = ((c - 192) << 8) + c1 + 192; } - else if (c == 255) + else if (c == 255) { *r_len = read_32 (inp); - (*r_size) += 4; + (*r_size) += 4; } - else + else { *r_len = 1 << (c & 0x1f); *r_partial = 1; - } + } } @@ -863,10 +869,10 @@ skip_packet (cdk_stream_t inp, size_t pktlen) { byte buf[BUFSIZE]; size_t nread, buflen = DIM (buf); - + while (pktlen > 0) { - stream_read (inp, buf, pktlen > buflen? buflen : pktlen, &nread); + stream_read (inp, buf, pktlen > buflen ? buflen : pktlen, &nread); pktlen -= nread; } 
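Review bot: skip_packet ignores the result of stream_read and subtracts `nread` unconditionally, so on a truncated or failing stream `pktlen` may never reach zero. `nread` has no initializer, and read_literal in this file treats a non-zero return from stream_read as an error, so on failure the loop either spins or subtracts an indeterminate value. Stop on error or on a zero-byte read, e.g. `if (stream_read (inp, buf, pktlen > buflen ? buflen : pktlen, &nread) || !nread) break;`. The function body continues past the end of the hunk.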
@@ -888,42 +894,42 @@ cdk_pkt_read (cdk_stream_t inp, cdk_packet_t pkt) int pkttype; size_t pktlen = 0, pktsize = 0, is_partial = 0; cdk_error_t rc; - + if (!inp || !pkt) return CDK_Inv_Value; - + ctb = cdk_stream_getc (inp); if (cdk_stream_eof (inp) || ctb == EOF) return CDK_EOF; else if (!ctb) return CDK_Inv_Packet; - + pktsize++; - if (!(ctb & 0x80)) + if (!(ctb & 0x80)) { _cdk_log_info ("cdk_pkt_read: no openpgp data found. " - "(ctb=%02X; fpos=%02X)\n",ctb, cdk_stream_tell (inp)); + "(ctb=%02X; fpos=%02X)\n", ctb, cdk_stream_tell (inp)); return CDK_Inv_Packet; - } - - if (ctb & 0x40) /* RFC2440 packet format. */ + } + + if (ctb & 0x40) /* RFC2440 packet format. */ { pkttype = ctb & 0x3f; is_newctb = 1; } - else /* the old RFC1991 packet format. */ + else /* the old RFC1991 packet format. */ { pkttype = ctb & 0x3f; pkttype >>= 2; is_newctb = 0; } - + if (pkttype > 63) { _cdk_log_info ("cdk_pkt_read: unknown type %d\n", pkttype); return CDK_Inv_Packet; } - + if (is_newctb) read_new_length (inp, &pktlen, &pktsize, &is_partial); else @@ -932,8 +938,8 @@ cdk_pkt_read (cdk_stream_t inp, cdk_packet_t pkt) pkt->pkttype = pkttype; pkt->pktlen = pktlen; pkt->pktsize = pktsize + pktlen; - pkt->old_ctb = is_newctb? 0 : 1; - + pkt->old_ctb = is_newctb ? 0 : 1; + rc = 0; switch (pkt->pkttype) { @@ -945,7 +951,7 @@ cdk_pkt_read (cdk_stream_t inp, cdk_packet_t pkt) rc = read_attribute (inp, pktlen, pkt->pkt.user_id); pkt->pkttype = CDK_PKT_ATTRIBUTE; break; - + case CDK_PKT_USER_ID: pkt->pkt.user_id = cdk_calloc (1, sizeof *pkt->pkt.user_id + pkt->pktlen); 
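Review bot: The `if (pkttype > 63)` guard in cdk_pkt_read cannot fire: both branches above it derive `pkttype` from `ctb & 0x3f`, so the value is already at most 63, and smaller still after the `>>= 2` in the old-format branch. Unknown packet types are handled by the `default:` case of the switch, which calls skip_packet. Either drop the dead check or replace it with a comment that says so, e.g. `/* pkttype is masked to 6 bits; unknown types fall through to default below */`.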
@@ -953,90 +959,90 @@ cdk_pkt_read (cdk_stream_t inp, cdk_packet_t pkt) return CDK_Out_Of_Core; rc = read_user_id (inp, pktlen, pkt->pkt.user_id); break; - + case CDK_PKT_PUBLIC_KEY: pkt->pkt.public_key = cdk_calloc (1, sizeof *pkt->pkt.public_key); if (!pkt->pkt.public_key) return CDK_Out_Of_Core; rc = read_public_key (inp, pktlen, pkt->pkt.public_key); break; - + case CDK_PKT_PUBLIC_SUBKEY: pkt->pkt.public_key = cdk_calloc (1, sizeof *pkt->pkt.public_key); if (!pkt->pkt.public_key) return CDK_Out_Of_Core; - rc = read_public_subkey (inp, pktlen, pkt->pkt.public_key); + rc = read_public_subkey (inp, pktlen, pkt->pkt.public_key); break; - + case CDK_PKT_SECRET_KEY: pkt->pkt.secret_key = cdk_calloc (1, sizeof *pkt->pkt.secret_key); if (!pkt->pkt.secret_key) return CDK_Out_Of_Core; - pkt->pkt.secret_key->pk =cdk_calloc (1, - sizeof *pkt->pkt.secret_key->pk); + pkt->pkt.secret_key->pk = cdk_calloc (1, + sizeof *pkt->pkt.secret_key->pk); if (!pkt->pkt.secret_key->pk) return CDK_Out_Of_Core; rc = read_secret_key (inp, pktlen, pkt->pkt.secret_key); break; - + case CDK_PKT_SECRET_SUBKEY: pkt->pkt.secret_key = cdk_calloc (1, sizeof *pkt->pkt.secret_key); if (!pkt->pkt.secret_key) return CDK_Out_Of_Core; - pkt->pkt.secret_key->pk = cdk_calloc (1, + pkt->pkt.secret_key->pk = cdk_calloc (1, sizeof *pkt->pkt.secret_key->pk); if (!pkt->pkt.secret_key->pk) return CDK_Out_Of_Core; rc = read_secret_subkey (inp, pktlen, pkt->pkt.secret_key); break; - + case CDK_PKT_LITERAL: pkt->pkt.literal = cdk_calloc (1, sizeof *pkt->pkt.literal); if (!pkt->pkt.literal) return CDK_Out_Of_Core; rc = read_literal (inp, pktlen, &pkt->pkt.literal, is_partial); break; - + case CDK_PKT_ONEPASS_SIG: pkt->pkt.onepass_sig = cdk_calloc (1, sizeof *pkt->pkt.onepass_sig); if (!pkt->pkt.onepass_sig) return CDK_Out_Of_Core; rc = read_onepass_sig (inp, pktlen, pkt->pkt.onepass_sig); break; - + case CDK_PKT_SIGNATURE: pkt->pkt.signature = cdk_calloc (1, sizeof *pkt->pkt.signature); if (!pkt->pkt.signature) 
return CDK_Out_Of_Core; rc = read_signature (inp, pktlen, pkt->pkt.signature); break; - + case CDK_PKT_PUBKEY_ENC: pkt->pkt.pubkey_enc = cdk_calloc (1, sizeof *pkt->pkt.pubkey_enc); if (!pkt->pkt.pubkey_enc) return CDK_Out_Of_Core; rc = read_pubkey_enc (inp, pktlen, pkt->pkt.pubkey_enc); break; - + case CDK_PKT_COMPRESSED: pkt->pkt.compressed = cdk_calloc (1, sizeof *pkt->pkt.compressed); if (!pkt->pkt.compressed) return CDK_Out_Of_Core; rc = read_compressed (inp, pktlen, pkt->pkt.compressed); break; - + case CDK_PKT_MDC: pkt->pkt.mdc = cdk_calloc (1, sizeof *pkt->pkt.mdc); if (!pkt->pkt.mdc) return CDK_Out_Of_Core; rc = read_mdc (inp, pkt->pkt.mdc); break; - + default: /* Skip all packets we don't understand */ skip_packet (inp, pktlen); break; } - + return rc; } diff --git a/lib/opencdk/seskey.c b/lib/opencdk/seskey.c index f7d3af111d..91003ff2ce 100644 --- a/lib/opencdk/seskey.c +++ b/lib/opencdk/seskey.c @@ -40,8 +40,8 @@ * PAD consists of FF bytes. */ static cdk_error_t -do_encode_md(byte ** r_frame, size_t * r_flen, const byte * md, int algo, - size_t len, unsigned nbits, const byte * asn, size_t asnlen) +do_encode_md (byte ** r_frame, size_t * r_flen, const byte * md, int algo, + size_t len, unsigned nbits, const byte * asn, size_t asnlen) { byte *frame = NULL; size_t nframe = (nbits + 7) / 8; 
@@ -54,27 +54,29 @@ do_encode_md(byte ** r_frame, size_t * r_flen, const byte * md, int algo, if (len + asnlen + 4 > nframe) return CDK_General_Error; - frame = cdk_calloc(1, nframe); + frame = cdk_calloc (1, nframe); if (!frame) return CDK_Out_Of_Core; frame[n++] = 0; frame[n++] = 1; i = nframe - len - asnlen - 3; - if (i < 0) { - cdk_free(frame); - return CDK_Inv_Value; - } - memset(frame + n, 0xFF, i); + if (i < 0) + { + cdk_free (frame); + return CDK_Inv_Value; + } + memset (frame + n, 0xFF, i); n += i; frame[n++] = 0; - memcpy(frame + n, asn, asnlen); + memcpy (frame + n, asn, asnlen); n += asnlen; - memcpy(frame + n, md, len); + memcpy (frame + n, md, len); n += len; - if (n != nframe) { - cdk_free(frame); - return CDK_Inv_Value; - } + if (n != nframe) + { + cdk_free (frame); + return CDK_Inv_Value; + } *r_frame = frame; *r_flen = n; return 0; 
@@ -121,70 +123,75 @@ static const byte rmd160_asn[15] = /* Object ID is 1.3.36.3.2.1 */ 0x02, 0x01, 0x05, 0x00, 0x04, 0x14 }; -static int _gnutls_get_digest_oid(gnutls_digest_algorithm_t algo, const byte** data) +static int +_gnutls_get_digest_oid (gnutls_digest_algorithm_t algo, const byte ** data) { - switch (algo) { - case GNUTLS_DIG_MD5: - *data = md5_asn; - return sizeof(md5_asn); - case GNUTLS_DIG_SHA1: - *data = sha1_asn; - return sizeof(sha1_asn); - case GNUTLS_DIG_RMD160: - *data = rmd160_asn; - return sizeof(rmd160_asn); - case GNUTLS_DIG_SHA256: - *data = sha256_asn; - return sizeof(sha256_asn); - case GNUTLS_DIG_SHA384: - *data = sha384_asn; - return sizeof(sha384_asn); - case GNUTLS_DIG_SHA512: - *data = sha512_asn; - return sizeof(sha512_asn); - case GNUTLS_DIG_SHA224: - *data = sha224_asn; - return sizeof(sha224_asn); - default: - gnutls_assert(); - return GNUTLS_E_INTERNAL_ERROR; + switch (algo) + { + case GNUTLS_DIG_MD5: + *data = md5_asn; + return sizeof (md5_asn); + case GNUTLS_DIG_SHA1: + *data = sha1_asn; + return sizeof (sha1_asn); + case GNUTLS_DIG_RMD160: + *data = rmd160_asn; + return sizeof (rmd160_asn); + case GNUTLS_DIG_SHA256: + *data = sha256_asn; + return sizeof (sha256_asn); + case GNUTLS_DIG_SHA384: + *data = sha384_asn; + return sizeof (sha384_asn); + case GNUTLS_DIG_SHA512: + *data = sha512_asn; + return sizeof (sha512_asn); + case GNUTLS_DIG_SHA224: + *data = sha224_asn; + return sizeof (sha224_asn); + default: + gnutls_assert (); + return GNUTLS_E_INTERNAL_ERROR; } } /* Encode the given digest into a pkcs#1 compatible format. 
*/ cdk_error_t -_cdk_digest_encode_pkcs1(byte ** r_md, size_t * r_mdlen, int pk_algo, - const byte * md, int digest_algo, unsigned nbits) +_cdk_digest_encode_pkcs1 (byte ** r_md, size_t * r_mdlen, int pk_algo, + const byte * md, int digest_algo, unsigned nbits) { size_t dlen; if (!md || !r_md || !r_mdlen) return CDK_Inv_Value; - dlen = _gnutls_hash_get_algo_len(digest_algo); + dlen = _gnutls_hash_get_algo_len (digest_algo); if (dlen <= 0) return CDK_Inv_Algo; - if (is_DSA(pk_algo)) { /* DSS does not use a special encoding. */ - *r_md = cdk_malloc(dlen + 1); - if (!*r_md) - return CDK_Out_Of_Core; - *r_mdlen = dlen; - memcpy(*r_md, md, dlen); - return 0; - } else { - const byte *asn; - int asnlen; - cdk_error_t rc; - - asnlen = _gnutls_get_digest_oid( digest_algo, &asn); - if (asnlen < 0) - return asnlen; - - rc = do_encode_md(r_md, r_mdlen, md, digest_algo, dlen, - nbits, asn, asnlen); - return rc; - } + if (is_DSA (pk_algo)) + { /* DSS does not use a special encoding. */ + *r_md = cdk_malloc (dlen + 1); + if (!*r_md) + return CDK_Out_Of_Core; + *r_mdlen = dlen; + memcpy (*r_md, md, dlen); + return 0; + } + else + { + const byte *asn; + int asnlen; + cdk_error_t rc; + + asnlen = _gnutls_get_digest_oid (digest_algo, &asn); + if (asnlen < 0) + return asnlen; + + rc = do_encode_md (r_md, r_mdlen, md, digest_algo, dlen, + nbits, asn, asnlen); + return rc; + } return 0; } @@ -200,8 +207,8 @@ _cdk_digest_encode_pkcs1(byte ** r_md, size_t * r_mdlen, int pk_algo, * The @salt parameter must be always 8 octets. **/ cdk_error_t -cdk_s2k_new(cdk_s2k_t * ret_s2k, int mode, int digest_algo, - const byte * salt) +cdk_s2k_new (cdk_s2k_t * ret_s2k, int mode, int digest_algo, + const byte * salt) { cdk_s2k_t s2k; 
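Review bot: `dlen` in _cdk_digest_encode_pkcs1 is a `size_t`, so `if (dlen <= 0)` only catches zero. If _gnutls_hash_get_algo_len can return a negative error code for an unsupported algorithm (not visible here), it is converted to a huge length that passes the test and then sizes the `cdk_malloc (dlen + 1)` and the `memcpy` in the DSA branch. Read the result into an `int` first and test that: `int ret = _gnutls_hash_get_algo_len (digest_algo); if (ret <= 0) return CDK_Inv_Algo; dlen = ret;`. Separately, `return asnlen;` hands a GNUTLS_E_* code back through a `cdk_error_t`; sig-check.c in this commit uses map_gnutls_error for that conversion.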
@@ -211,16 +218,16 @@ cdk_s2k_new(cdk_s2k_t * ret_s2k, int mode, int digest_algo, if (mode != 0x00 && mode != 0x01 && mode != 0x03) return CDK_Inv_Mode; - if (_gnutls_hash_get_algo_len(digest_algo) <= 0) + if (_gnutls_hash_get_algo_len (digest_algo) <= 0) return CDK_Inv_Algo; - s2k = cdk_calloc(1, sizeof *s2k); + s2k = cdk_calloc (1, sizeof *s2k); if (!s2k) return CDK_Out_Of_Core; s2k->mode = mode; s2k->hash_algo = digest_algo; if (salt) - memcpy(s2k->salt, salt, 8); + memcpy (s2k->salt, salt, 8); *ret_s2k = s2k; return 0; } @@ -232,19 +239,21 @@ cdk_s2k_new(cdk_s2k_t * ret_s2k, int mode, int digest_algo, * * Release the given S2K object. **/ -void cdk_s2k_free(cdk_s2k_t s2k) +void +cdk_s2k_free (cdk_s2k_t s2k) { - cdk_free(s2k); + cdk_free (s2k); } /* Make a copy of the source s2k into R_DST. */ -cdk_error_t _cdk_s2k_copy(cdk_s2k_t * r_dst, cdk_s2k_t src) +cdk_error_t +_cdk_s2k_copy (cdk_s2k_t * r_dst, cdk_s2k_t src) { cdk_s2k_t dst; cdk_error_t err; - err = cdk_s2k_new(&dst, src->mode, src->hash_algo, src->salt); + err = cdk_s2k_new (&dst, src->mode, src->hash_algo, src->salt); if (err) return err; dst->count = src->count; diff --git a/lib/opencdk/sig-check.c b/lib/opencdk/sig-check.c index cbf6be2219..b162445052 100644 --- a/lib/opencdk/sig-check.c +++ b/lib/opencdk/sig-check.c 
@@ -37,27 +37,27 @@ /* Hash all multi precision integers of the key PK with the given message digest context MD. */ static int -hash_mpibuf (cdk_pubkey_t pk, digest_hd_st* md, int usefpr) +hash_mpibuf (cdk_pubkey_t pk, digest_hd_st * md, int usefpr) { - byte buf[MAX_MPI_BYTES]; /* FIXME: do not use hardcoded length. */ + byte buf[MAX_MPI_BYTES]; /* FIXME: do not use hardcoded length. */ size_t nbytes; size_t i, npkey; int err; - + /* We have to differ between two modes for v3 keys. To form the fingerprint, we hash the MPI values without the length prefix. But if we calculate the hash for verifying/signing we use all data. */ npkey = cdk_pk_get_npkey (pk->pubkey_algo); - for (i = 0; i < npkey; i++) + for (i = 0; i < npkey; i++) { nbytes = MAX_MPI_BYTES; - err = _gnutls_mpi_print_pgp( pk->mpi[i], buf, &nbytes); + err = _gnutls_mpi_print_pgp (pk->mpi[i], buf, &nbytes); if (err < 0) return map_gnutls_error (err); if (!usefpr || pk->version == 4) - _gnutls_hash( md, buf, nbytes); - else /* without the prefix. */ - _gnutls_hash( md, buf+2, nbytes - 2); + _gnutls_hash (md, buf, nbytes); + else /* without the prefix. */ + _gnutls_hash (md, buf + 2, nbytes - 2); } return 0; } 
@@ -67,24 +67,24 @@ hash_mpibuf (cdk_pubkey_t pk, digest_hd_st* md, int usefpr) MD. The @usefpr param is only valid for version 3 keys because of the different way to calculate the fingerprint. */ cdk_error_t -_cdk_hash_pubkey (cdk_pubkey_t pk, digest_hd_st* md, int usefpr) +_cdk_hash_pubkey (cdk_pubkey_t pk, digest_hd_st * md, int usefpr) { byte buf[12]; size_t i, n, npkey; - + if (!pk || !md) return CDK_Inv_Value; - - if (usefpr && pk->version < 4 && is_RSA (pk->pubkey_algo)) + + if (usefpr && pk->version < 4 && is_RSA (pk->pubkey_algo)) return hash_mpibuf (pk, md, 1); - + /* The version 4 public key packet does not have the 2 octets for the expiration date. */ - n = pk->version < 4? 8 : 6; + n = pk->version < 4 ? 8 : 6; npkey = cdk_pk_get_npkey (pk->pubkey_algo); - for (i = 0; i < npkey; i++) - n = n + (_gnutls_mpi_get_nbits (pk->mpi[i])+7)/8 + 2; - + for (i = 0; i < npkey; i++) + n = n + (_gnutls_mpi_get_nbits (pk->mpi[i]) + 7) / 8 + 2; + i = 0; buf[i++] = 0x99; buf[i++] = n >> 8; @@ -92,21 +92,21 @@ _cdk_hash_pubkey (cdk_pubkey_t pk, digest_hd_st* md, int usefpr) buf[i++] = pk->version; buf[i++] = pk->timestamp >> 24; buf[i++] = pk->timestamp >> 16; - buf[i++] = pk->timestamp >> 8; - buf[i++] = pk->timestamp >> 0; - - if (pk->version < 4) - { + buf[i++] = pk->timestamp >> 8; + buf[i++] = pk->timestamp >> 0; + + if (pk->version < 4) + { u16 a = 0; - + /* Convert the expiration date into days. */ if (pk->expiredate) - a = (u16)((pk->expiredate - pk->timestamp) / 86400L); + a = (u16) ((pk->expiredate - pk->timestamp) / 86400L); buf[i++] = a >> 8; buf[i++] = a; } buf[i++] = pk->pubkey_algo; - _gnutls_hash( md, buf, i); + _gnutls_hash (md, buf, i); return hash_mpibuf (pk, md, 0); } 
@@ -114,28 +114,28 @@ _cdk_hash_pubkey (cdk_pubkey_t pk, digest_hd_st* md, int usefpr) /* Hash the user ID @uid with the given message digest @md. Use openpgp mode if @is_v4 is 1. */ cdk_error_t -_cdk_hash_userid (cdk_pkt_userid_t uid, int is_v4, digest_hd_st* md) +_cdk_hash_userid (cdk_pkt_userid_t uid, int is_v4, digest_hd_st * md) { const byte *data; byte buf[5]; u32 dlen; - + if (!uid || !md) return CDK_Inv_Value; if (!is_v4) { - _gnutls_hash (md, (byte*)uid->name, uid->len); + _gnutls_hash (md, (byte *) uid->name, uid->len); return 0; } - - dlen = uid->attrib_img? uid->attrib_len : uid->len; - data = uid->attrib_img? uid->attrib_img : (byte*)uid->name; - buf[0] = uid->attrib_img? 0xD1 : 0xB4; + + dlen = uid->attrib_img ? uid->attrib_len : uid->len; + data = uid->attrib_img ? uid->attrib_img : (byte *) uid->name; + buf[0] = uid->attrib_img ? 0xD1 : 0xB4; buf[1] = dlen >> 24; buf[2] = dlen >> 16; - buf[3] = dlen >> 8; - buf[4] = dlen >> 0; + buf[3] = dlen >> 8; + buf[4] = dlen >> 0; _gnutls_hash (md, buf, 5); _gnutls_hash (md, data, dlen); return 0; 
@@ -145,61 +145,61 @@ _cdk_hash_userid (cdk_pkt_userid_t uid, int is_v4, digest_hd_st* md) /* Hash all parts of the signature which are needed to derive the correct message digest to verify the sig. */ cdk_error_t -_cdk_hash_sig_data (cdk_pkt_signature_t sig, digest_hd_st* md) +_cdk_hash_sig_data (cdk_pkt_signature_t sig, digest_hd_st * md) { byte buf[4]; byte tmp; - + if (!sig || !md) return CDK_Inv_Value; - + if (sig->version == 4) - _gnutls_hash(md, &sig->version, 1); + _gnutls_hash (md, &sig->version, 1); - _gnutls_hash(md, &sig->sig_class, 1); - if (sig->version < 4) + _gnutls_hash (md, &sig->sig_class, 1); + if (sig->version < 4) { buf[0] = sig->timestamp >> 24; buf[1] = sig->timestamp >> 16; - buf[2] = sig->timestamp >> 8; - buf[3] = sig->timestamp >> 0; - _gnutls_hash( md, buf, 4); + buf[2] = sig->timestamp >> 8; + buf[3] = sig->timestamp >> 0; + _gnutls_hash (md, buf, 4); } else { size_t n; - tmp = _cdk_pub_algo_to_pgp(sig->pubkey_algo); - _gnutls_hash( md, &tmp, 1); - tmp = _gnutls_hash_algo_to_pgp(sig->digest_algo); - _gnutls_hash( md, &tmp, 1); + tmp = _cdk_pub_algo_to_pgp (sig->pubkey_algo); + _gnutls_hash (md, &tmp, 1); + tmp = _gnutls_hash_algo_to_pgp (sig->digest_algo); + _gnutls_hash (md, &tmp, 1); if (sig->hashed != NULL) { byte *p = _cdk_subpkt_get_array (sig->hashed, 0, &n); assert (p != NULL); buf[0] = n >> 8; buf[1] = n >> 0; - _gnutls_hash(md, buf, 2); - _gnutls_hash(md, p, n); + _gnutls_hash (md, buf, 2); + _gnutls_hash (md, p, n); cdk_free (p); sig->hashed_size = n; n = sig->hashed_size + 6; } - else + else { tmp = 0x00; _gnutls_hash (md, &tmp, 1); _gnutls_hash (md, &tmp, 1); n = 6; } - _gnutls_hash(md, &sig->version, 1); + _gnutls_hash (md, &sig->version, 1); tmp = 0xff; - _gnutls_hash(md, &tmp, 1); + _gnutls_hash (md, &tmp, 1); buf[0] = n >> 24; buf[1] = n >> 16; - buf[2] = n >> 8; - buf[3] = n >> 0; - _gnutls_hash(md, buf, 4); + buf[2] = n >> 8; + buf[3] = n >> 0; + _gnutls_hash (md, buf, 4); } return 0; } 
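Review bot: `assert (p != NULL)` in _cdk_hash_sig_data is the only check on the buffer returned by _cdk_subpkt_get_array, and it disappears in builds compiled with NDEBUG. In such a build a failed allocation passes NULL to _gnutls_hash. The function already returns a cdk_error_t, so handle it as an error instead: `if (!p) return CDK_Out_Of_Core;`. The two-octet length prefix written just below, `buf[0] = n >> 8; buf[1] = n >> 0;`, also truncates `n` to 16 bits without a range check.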
@@ -216,7 +216,7 @@ cache_sig_result (cdk_pkt_signature_t sig, int res) sig->flags.checked = 1; sig->flags.valid = 1; } - else if (res == CDK_Bad_Sig) + else if (res == CDK_Bad_Sig) { sig->flags.checked = 1; sig->flags.valid = 0; @@ -228,36 +228,35 @@ cache_sig_result (cdk_pkt_signature_t sig, int res) Use the digest handle @digest. */ cdk_error_t _cdk_sig_check (cdk_pubkey_t pk, cdk_pkt_signature_t sig, - digest_hd_st* digest, int *r_expired) + digest_hd_st * digest, int *r_expired) { cdk_error_t rc; byte md[MAX_DIGEST_LEN]; - time_t cur_time = (u32)time (NULL); + time_t cur_time = (u32) time (NULL); if (!pk || !sig || !digest) { - gnutls_assert(); + gnutls_assert (); return CDK_Inv_Value; } - + if (sig->flags.checked) - return sig->flags.valid ?0 : CDK_Bad_Sig; + return sig->flags.valid ? 0 : CDK_Bad_Sig; if (!KEY_CAN_SIGN (pk->pubkey_algo)) return CDK_Inv_Algo; if (pk->timestamp > sig->timestamp || pk->timestamp > cur_time) return CDK_Time_Conflict; - + if (r_expired && pk->expiredate && (pk->expiredate + pk->timestamp) > cur_time) *r_expired = 1; _cdk_hash_sig_data (sig, digest); - _gnutls_hash_output( digest, md); - - if (md[0] != sig->digest_start[0] || - md[1] != sig->digest_start[1]) + _gnutls_hash_output (digest, md); + + if (md[0] != sig->digest_start[0] || md[1] != sig->digest_start[1]) { - gnutls_assert(); + gnutls_assert (); return CDK_Chksum_Error; } @@ -270,8 +269,9 @@ _cdk_sig_check (cdk_pubkey_t pk, cdk_pkt_signature_t sig, /* Check the given key signature. @knode is the key node and @snode the signature node. */ cdk_error_t -_cdk_pk_check_sig (cdk_keydb_hd_t keydb, - cdk_kbnode_t knode, cdk_kbnode_t snode, int *is_selfsig, char** ret_uid) +_cdk_pk_check_sig (cdk_keydb_hd_t keydb, + cdk_kbnode_t knode, cdk_kbnode_t snode, int *is_selfsig, + char **ret_uid) { digest_hd_st md; int err; 
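Review bot: The expiry test in _cdk_sig_check, `(pk->expiredate + pk->timestamp) > cur_time`, sets `*r_expired = 1` when the computed date is still in the future. It also adds the creation time to `expiredate`, whereas _cdk_hash_pubkey in this file computes `(pk->expiredate - pk->timestamp) / 86400L`, which treats `expiredate` as an absolute time. If that reading is right, the condition should be `pk->expiredate < cur_time`; the field's definition is outside this page, so confirm it first. The return value of `_cdk_hash_sig_data (sig, digest)` is also dropped a few lines below, and the function body continues outside the hunk.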
@@ -283,40 +283,40 @@ _cdk_pk_check_sig (cdk_keydb_hd_t keydb, if (!knode || !snode) { - gnutls_assert(); + gnutls_assert (); return CDK_Inv_Value; } - + if (is_selfsig) *is_selfsig = 0; if (knode->pkt->pkttype != CDK_PKT_PUBLIC_KEY || snode->pkt->pkttype != CDK_PKT_SIGNATURE) - { - gnutls_assert(); - return CDK_Inv_Value; - } + { + gnutls_assert (); + return CDK_Inv_Value; + } pk = knode->pkt->pkt.public_key; sig = snode->pkt->pkt.signature; - - err = _gnutls_hash_init(&md, sig->digest_algo); + + err = _gnutls_hash_init (&md, sig->digest_algo); if (err < 0) { - gnutls_assert(); + gnutls_assert (); return map_gnutls_error (err); } is_expired = 0; if (sig->sig_class == 0x20) - { /* key revocation */ + { /* key revocation */ cdk_kbnode_hash (knode, &md, 0, 0, 0); rc = _cdk_sig_check (pk, sig, &md, &is_expired); } else if (sig->sig_class == 0x28) - { /* subkey revocation */ + { /* subkey revocation */ node = cdk_kbnode_find_prev (knode, snode, CDK_PKT_PUBLIC_SUBKEY); - if (!node) - { /* no subkey for subkey revocation packet */ - gnutls_assert(); + if (!node) + { /* no subkey for subkey revocation packet */ + gnutls_assert (); rc = CDK_Error_No_Key; goto fail; } @@ -325,11 +325,11 @@ _cdk_pk_check_sig (cdk_keydb_hd_t keydb, rc = _cdk_sig_check (pk, sig, &md, &is_expired); } else if (sig->sig_class == 0x18 || sig->sig_class == 0x19) - { /* primary/secondary key binding */ + { /* primary/secondary key binding */ node = cdk_kbnode_find_prev (knode, snode, CDK_PKT_PUBLIC_SUBKEY); - if (!node) - { /* no subkey for subkey binding packet */ - gnutls_assert(); + if (!node) + { /* no subkey for subkey binding packet */ + gnutls_assert (); rc = CDK_Error_No_Key; goto fail; } 
@@ -338,27 +338,28 @@ _cdk_pk_check_sig (cdk_keydb_hd_t keydb, rc = _cdk_sig_check (pk, sig, &md, &is_expired); } else if (sig->sig_class == 0x1F) - { /* direct key signature */ + { /* direct key signature */ cdk_kbnode_hash (knode, &md, 0, 0, 0); rc = _cdk_sig_check (pk, sig, &md, &is_expired); } - else - { /* all other classes */ + else + { /* all other classes */ cdk_pkt_userid_t uid; node = cdk_kbnode_find_prev (knode, snode, CDK_PKT_USER_ID); if (!node) - { /* no user ID for key signature packet */ - gnutls_assert(); + { /* no user ID for key signature packet */ + gnutls_assert (); rc = CDK_Error_No_Key; goto fail; } uid = node->pkt->pkt.user_id; - if (ret_uid) { - *ret_uid = uid->name; - } + if (ret_uid) + { + *ret_uid = uid->name; + } cdk_kbnode_hash (knode, &md, 0, 0, 0); - cdk_kbnode_hash (node, &md, sig->version==4, 0, 0); + cdk_kbnode_hash (node, &md, sig->version == 4, 0, 0); if (pk->keyid[0] == sig->keyid[0] && pk->keyid[1] == sig->keyid[1]) { 
@@ -375,67 +376,80 @@ _cdk_pk_check_sig (cdk_keydb_hd_t keydb, cdk_pk_release (sig_pk); } } - fail: - _gnutls_hash_deinit( &md, NULL); +fail: + _gnutls_hash_deinit (&md, NULL); return rc; } -struct verify_uid { - const char* name; +struct verify_uid +{ + const char *name; int nsigs; - struct verify_uid* next; + struct verify_uid *next; }; -static int uid_list_add_sig( struct verify_uid **list, const char* uid, unsigned int flag) +static int +uid_list_add_sig (struct verify_uid **list, const char *uid, + unsigned int flag) { - if (*list == NULL) { - *list = cdk_calloc( 1, sizeof(struct verify_uid)); - if (*list == NULL) - return CDK_Out_Of_Core; - (*list)->name = uid; - - if (flag != 0) - (*list)->nsigs++; - } else { - struct verify_uid* p, *prev_p = NULL; + if (*list == NULL) + { + *list = cdk_calloc (1, sizeof (struct verify_uid)); + if (*list == NULL) + return CDK_Out_Of_Core; + (*list)->name = uid; + + if (flag != 0) + (*list)->nsigs++; + } + else + { + struct verify_uid *p, *prev_p = NULL; int found = 0; p = *list; - - while(p != NULL) { - if (strcmp( uid, p->name) == 0) { - found = 1; - break; - } - prev_p = p; - p = p->next; - } - - if (found == 0) { /* not found add to the last */ - prev_p->next = cdk_calloc( 1, sizeof(struct verify_uid)); - if (prev_p->next==NULL) - return CDK_Out_Of_Core; - prev_p->next->name = uid; - if (flag != 0) - prev_p->next->nsigs++; - } else { /* found... increase sigs */ - if (flag != 0) - p->nsigs++; - } + + while (p != NULL) + { + if (strcmp (uid, p->name) == 0) + { + found = 1; + break; + } + prev_p = p; + p = p->next; + } + + if (found == 0) + { /* not found add to the last */ + prev_p->next = cdk_calloc (1, sizeof (struct verify_uid)); + if (prev_p->next == NULL) + return CDK_Out_Of_Core; + prev_p->next->name = uid; + if (flag != 0) + prev_p->next->nsigs++; + } + else + { /* found... 
increase sigs */ + if (flag != 0) + p->nsigs++; + } } - - return CDK_Success; + + return CDK_Success; } -static void uid_list_free( struct verify_uid * list) +static void +uid_list_free (struct verify_uid *list) { -struct verify_uid* p, *p1; + struct verify_uid *p, *p1; - p = list; - while(p != NULL) { - p1 = p->next; - cdk_free (p); - p = p1; + p = list; + while (p != NULL) + { + p1 = p->next; + cdk_free (p); + p = p1; } } @@ -443,21 +457,24 @@ struct verify_uid* p, *p1; * signature. If the list is empty or no signatures are present * a zero value is returned. */ -static int uid_list_all_signed( struct verify_uid * list) +static int +uid_list_all_signed (struct verify_uid *list) { -struct verify_uid* p; + struct verify_uid *p; - if (list == NULL) - return 0; + if (list == NULL) + return 0; - p = list; - while(p != NULL) { - if (p->nsigs == 0) { - return 0; - } - p = p->next; + p = list; + while (p != NULL) + { + if (p->nsigs == 0) + { + return 0; + } + p = p->next; } - return 1; /* all signed */ + return 1; /* all signed */ } /** @@ -478,20 +495,20 @@ cdk_pk_check_sigs (cdk_kbnode_t key, cdk_keydb_hd_t keydb, int *r_status) cdk_error_t rc; u32 keyid; int key_status, is_selfsig = 0; - struct verify_uid* uid_list = NULL; - char* uid_name; + struct verify_uid *uid_list = NULL; + char *uid_name; - if (!key || !r_status) + if (!key || !r_status) { - gnutls_assert(); + gnutls_assert (); return CDK_Inv_Value; } - + *r_status = 0; node = cdk_kbnode_find (key, CDK_PKT_PUBLIC_KEY); - if (!node) + if (!node) { - gnutls_assert(); + gnutls_assert (); return CDK_Error_No_Key; } @@ -505,7 +522,7 @@ cdk_pk_check_sigs (cdk_kbnode_t key, cdk_keydb_hd_t keydb, int *r_status) rc = 0; keyid = cdk_pk_get_keyid (node->pkt->pkt.public_key, NULL); - for (node = key; node; node = node->next) + for (node = key; node; node = node->next) { if (node->pkt->pkttype != CDK_PKT_SIGNATURE) continue; 
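Review bot: `char *uid_name;` in cdk_pk_check_sigs has no initializer, and _cdk_pk_check_sig writes `*ret_uid` only in its final "all other classes" branch, after the user-ID node has been found. The call itself is outside these hunks, but if it passes `&uid_name`, the later `uid_name != NULL` test reads an indeterminate or stale pointer whenever the callee returns before that assignment, and uid_list_add_sig then hands it to strcmp. Initialize it and reset it for each signature: `char *uid_name = NULL;` at the declaration and `uid_name = NULL;` at the top of the loop body.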
@@ -518,15 +535,15 @@ cdk_pk_check_sigs (cdk_kbnode_t key, cdk_keydb_hd_t keydb, int *r_status) corrupted, thus we do not consider it a problem when one ore more signatures are bad. But at least the self signature has to be valid. */ - if (is_selfsig) + if (is_selfsig) { key_status |= CDK_KEY_INVALID; break; - } - } + } + } _cdk_log_debug ("signature %s: signer %08lX keyid %08lX\n", - rc == CDK_Bad_Sig? "BAD" : "good", sig->keyid[1], + rc == CDK_Bad_Sig ? "BAD" : "good", sig->keyid[1], keyid); if (IS_UID_SIG (sig) && uid_name != NULL) @@ -535,24 +552,26 @@ cdk_pk_check_sigs (cdk_kbnode_t key, cdk_keydb_hd_t keydb, int *r_status) * - verification was ok * - not a selfsig */ - rc = uid_list_add_sig( &uid_list, uid_name, (rc == CDK_Success && is_selfsig==0)?1:0); - if (rc != CDK_Success) - { - gnutls_assert(); - goto exit; - } + rc = + uid_list_add_sig (&uid_list, uid_name, + (rc == CDK_Success && is_selfsig == 0) ? 1 : 0); + if (rc != CDK_Success) + { + gnutls_assert (); + goto exit; + } } } - - if (uid_list_all_signed(uid_list) == 0) - key_status |= CDK_KEY_NOSIGNER; - *r_status = key_status; + + if (uid_list_all_signed (uid_list) == 0) + key_status |= CDK_KEY_NOSIGNER; + *r_status = key_status; if (rc == CDK_Error_No_Key) rc = 0; exit: - uid_list_free(uid_list); + uid_list_free (uid_list); return rc; } @@ -571,12 +590,12 @@ cdk_pk_check_self_sig (cdk_kbnode_t key, int *r_status) cdk_pkt_signature_t sig; cdk_kbnode_t node; cdk_error_t rc; - u32 keyid[2], sigid[2]; + u32 keyid[2], sigid[2]; int is_selfsig, sig_ok; - + if (!key || !r_status) return CDK_Inv_Value; - + node = cdk_kbnode_find (key, CDK_PKT_PUBLIC_KEY); if (!node) return CDK_Error_No_Key; 
@@ -601,10 +620,10 @@ cdk_pk_check_self_sig (cdk_kbnode_t key, int *r_status) *r_status = CDK_KEY_INVALID; return rc; } - else /* For each valid self sig we increase this counter. */ + else /* For each valid self sig we increase this counter. */ sig_ok++; } - + /* A key without a self signature is not valid. */ if (!sig_ok) { diff --git a/lib/opencdk/stream.c b/lib/opencdk/stream.c index 5bb3411033..96119173c7 100644 --- a/lib/opencdk/stream.c +++ b/lib/opencdk/stream.c @@ -45,12 +45,13 @@ static int stream_flush (cdk_stream_t s); static int stream_filter_write (cdk_stream_t s); -static int stream_cache_flush (cdk_stream_t s, FILE *fp); -struct stream_filter_s* filter_add (cdk_stream_t s, filter_fnct_t fnc, int type); +static int stream_cache_flush (cdk_stream_t s, FILE * fp); +struct stream_filter_s *filter_add (cdk_stream_t s, filter_fnct_t fnc, + int type); /* Customized tmpfile() version from misc.c */ FILE *_cdk_tmpfile (void); - + /* FIXME: The read/write/putc/getc function cannot directly return an error code. It is stored in an error variable @@ -66,7 +67,7 @@ FILE *_cdk_tmpfile (void); * opened in read-only mode. **/ cdk_error_t -cdk_stream_open (const char *file, cdk_stream_t *ret_s) +cdk_stream_open (const char *file, cdk_stream_t * ret_s) { return _cdk_stream_open_mode (file, "rb", ret_s); } 
@@ -74,26 +75,27 @@ cdk_stream_open (const char *file, cdk_stream_t *ret_s) /* Helper function to allow to open a stream in different modes. */ cdk_error_t -_cdk_stream_open_mode (const char *file, const char *mode, cdk_stream_t *ret_s) +_cdk_stream_open_mode (const char *file, const char *mode, + cdk_stream_t * ret_s) { cdk_stream_t s; - + if (!file || !ret_s) return CDK_Inv_Value; - + _cdk_log_debug ("open stream `%s'\n", file); *ret_s = NULL; s = cdk_calloc (1, sizeof *s); if (!s) return CDK_Out_Of_Core; s->fname = cdk_strdup (file); - if (!s->fname) + if (!s->fname) { cdk_free (s); return CDK_Out_Of_Core; } s->fp = fopen (file, mode); - if (!s->fp) + if (!s->fp) { cdk_free (s->fname); cdk_free (s); @@ -117,18 +119,18 @@ _cdk_stream_open_mode (const char *file, const char *mode, cdk_stream_t *ret_s) */ cdk_error_t cdk_stream_new_from_cbs (cdk_stream_cbs_t cbs, void *opa, - cdk_stream_t *ret_s) + cdk_stream_t * ret_s) { cdk_stream_t s; if (!cbs || !opa || !ret_s) return CDK_Inv_Value; - + *ret_s = NULL; s = cdk_calloc (1, sizeof *s); if (!s) return CDK_Out_Of_Core; - + s->cbs.read = cbs->read; s->cbs.write = cbs->write; s->cbs.seek = cbs->seek; @@ -136,11 +138,11 @@ cdk_stream_new_from_cbs (cdk_stream_cbs_t cbs, void *opa, s->cbs.open = cbs->open; s->cbs_hd = opa; *ret_s = s; - + /* If there is a user callback for open, we need to call it here because read/write expects an open stream. */ if (s->cbs.open) - return s->cbs.open (s->cbs_hd); + return s->cbs.open (s->cbs_hd); return 0; } 
@@ -153,32 +155,32 @@ cdk_stream_new_from_cbs (cdk_stream_cbs_t cbs, void *opa, * Create a new stream into the given file. **/ cdk_error_t -cdk_stream_new (const char *file, cdk_stream_t *ret_s) +cdk_stream_new (const char *file, cdk_stream_t * ret_s) { cdk_stream_t s; - + if (!ret_s) return CDK_Inv_Value; - - _cdk_log_debug ("new stream `%s'\n", file? file : "[temp]"); + + _cdk_log_debug ("new stream `%s'\n", file ? file : "[temp]"); *ret_s = NULL; s = cdk_calloc (1, sizeof *s); if (!s) - return CDK_Out_Of_Core; + return CDK_Out_Of_Core; s->flags.write = 1; if (!file) s->flags.temp = 1; - else + else { s->fname = cdk_strdup (file); - if (!s->fname) + if (!s->fname) { cdk_free (s); return CDK_Out_Of_Core; } } s->fp = _cdk_tmpfile (); - if (!s->fp) + if (!s->fp) { cdk_free (s->fname); cdk_free (s); @@ -199,13 +201,13 @@ cdk_stream_new (const char *file, cdk_stream_t *ret_s) * this kind of stream and everything is written directly to the stream. **/ cdk_error_t -cdk_stream_create (const char *file, cdk_stream_t *ret_s) +cdk_stream_create (const char *file, cdk_stream_t * ret_s) { cdk_stream_t s; - + if (!file || !ret_s) return CDK_Inv_Value; - + _cdk_log_debug ("create stream `%s'\n", file); *ret_s = NULL; s = cdk_calloc (1, sizeof *s); @@ -230,7 +232,7 @@ cdk_stream_create (const char *file, cdk_stream_t *ret_s) *ret_s = s; return 0; } - + /** * cdk_stream_tmp_new: @@ -239,7 +241,7 @@ cdk_stream_create (const char *file, cdk_stream_t *ret_s) * Allocates a new tempory stream which is not associated with a file. */ cdk_error_t -cdk_stream_tmp_new (cdk_stream_t *r_out) +cdk_stream_tmp_new (cdk_stream_t * r_out) { return cdk_stream_new (NULL, r_out); } 
@@ -255,17 +257,17 @@ cdk_stream_tmp_new (cdk_stream_t *r_out) * Creates a new tempory stream with the given contests. */ cdk_error_t -cdk_stream_tmp_from_mem (const void *buf, size_t buflen, cdk_stream_t *r_out) +cdk_stream_tmp_from_mem (const void *buf, size_t buflen, cdk_stream_t * r_out) { cdk_stream_t s; cdk_error_t rc; int nwritten; - + *r_out = NULL; rc = cdk_stream_tmp_new (&s); if (rc) return rc; - + nwritten = cdk_stream_write (s, buf, buflen); if (nwritten == EOF) { @@ -277,9 +279,9 @@ cdk_stream_tmp_from_mem (const void *buf, size_t buflen, cdk_stream_t *r_out) return 0; } - + cdk_error_t -_cdk_stream_fpopen (FILE *fp, unsigned write_mode, cdk_stream_t *ret_out) +_cdk_stream_fpopen (FILE * fp, unsigned write_mode, cdk_stream_t * ret_out) { cdk_stream_t s; @@ -287,20 +289,20 @@ _cdk_stream_fpopen (FILE *fp, unsigned write_mode, cdk_stream_t *ret_out) s = cdk_calloc (1, sizeof *s); if (!s) return CDK_Out_Of_Core; - + _cdk_log_debug ("stream ref fd=%d\n", fileno (fp)); s->fp = fp; s->fp_ref = 1; s->flags.filtrated = 1; s->flags.write = write_mode; - + *ret_out = s; return 0; } cdk_error_t -_cdk_stream_append (const char *file, cdk_stream_t *ret_s) +_cdk_stream_append (const char *file, cdk_stream_t * ret_s) { cdk_stream_t s; cdk_error_t rc; @@ -308,11 +310,11 @@ _cdk_stream_append (const char *file, cdk_stream_t *ret_s) if (!ret_s) return CDK_Inv_Value; *ret_s = NULL; - + rc = _cdk_stream_open_mode (file, "a+b", &s); if (rc) return rc; - + /* In the append mode, we need to write to the flag. */ s->flags.write = 1; *ret_s = s; @@ -349,18 +351,18 @@ cdk_error_t cdk_stream_flush (cdk_stream_t s) { cdk_error_t rc; - + if (!s) return CDK_Inv_Value; - + /* The user callback does not support flush */ if (s->cbs_hd) return 0; - + /* For read-only streams, no flush is needed. */ if (!s->flags.write) return 0; - + if (!s->flags.filtrated) { if (!cdk_stream_get_length (s)) 
@@ -375,7 +377,7 @@ cdk_stream_flush (cdk_stream_t s) { s->error = rc; return rc; - } + } } return 0; } @@ -404,13 +406,13 @@ cdk_stream_close (cdk_stream_t s) { struct stream_filter_s *f, *f2; cdk_error_t rc; - + if (!s) return CDK_Inv_Value; - - _cdk_log_debug ("close stream ref=%d `%s'\n", - s->fp_ref, s->fname? s->fname : "[temp]"); - + + _cdk_log_debug ("close stream ref=%d `%s'\n", + s->fp_ref, s->fname ? s->fname : "[temp]"); + /* In the user callback mode, we call the release cb if possible and just free the stream. */ if (s->cbs_hd) @@ -421,23 +423,23 @@ cdk_stream_close (cdk_stream_t s) rc = 0; cdk_free (s); return rc; - } - - + } + + rc = 0; if (!s->flags.filtrated && !s->error) rc = cdk_stream_flush (s); if (!s->fp_ref && (s->fname || s->flags.temp)) - { + { int err; - + _cdk_log_debug ("close stream fd=%d\n", fileno (s->fp)); err = fclose (s->fp); s->fp = NULL; if (err) rc = CDK_File_Error; } - + /* Iterate over the filter list and use the cleanup flag to free the allocated internal structures. */ f = s->filters; @@ -449,16 +451,16 @@ cdk_stream_close (cdk_stream_t s) cdk_free (f); f = f2; } - + if (s->fname) { cdk_free (s->fname); s->fname = NULL; } - + cdk_free (s->cache.buf); s->cache.alloced = 0; - + cdk_free (s); return rc; } @@ -473,34 +475,34 @@ cdk_stream_close (cdk_stream_t s) int cdk_stream_eof (cdk_stream_t s) { - return s? s->flags.eof : -1; + return s ? s->flags.eof : -1; } -const char* +const char * _cdk_stream_get_fname (cdk_stream_t s) { if (!s) return NULL; if (s->flags.temp) return NULL; - return s->fname? s->fname : NULL; + return s->fname ? s->fname : NULL; } /* Return the underlying FP of the stream. WARNING: This handle should not be closed. */ -FILE* +FILE * _cdk_stream_get_fp (cdk_stream_t s) { - return s? s->fp : NULL; + return s ? s->fp : NULL; } int _cdk_stream_get_errno (cdk_stream_t s) { - return s? s->error : CDK_Inv_Value; + return s ? s->error : CDK_Inv_Value; } 
@@ -516,38 +518,38 @@ cdk_stream_get_length (cdk_stream_t s) { struct stat statbuf; cdk_error_t rc; - + if (!s) - return (off_t)-1; - + return (off_t) - 1; + /* The user callback does not support stat. */ if (s->cbs_hd) - return 0; - + return 0; + rc = stream_flush (s); if (rc) { s->error = rc; - return (off_t)-1; + return (off_t) - 1; } - + if (fstat (fileno (s->fp), &statbuf)) { s->error = CDK_File_Error; - return (off_t)-1; + return (off_t) - 1; } - + return statbuf.st_size; } -static struct stream_filter_s* +static struct stream_filter_s * filter_add2 (cdk_stream_t s) { struct stream_filter_s *f; - + assert (s); - + f = cdk_calloc (1, sizeof *f); if (!f) return NULL; 
@@ -560,42 +562,55 @@ filter_add2 (cdk_stream_t s) static struct stream_filter_s * filter_search (cdk_stream_t s, filter_fnct_t fnc) { - struct stream_filter_s * f; - + struct stream_filter_s *f; + assert (s); - - for( f = s->filters; f; f = f->next ) + + for (f = s->filters; f; f = f->next) { if (f->fnct == fnc) return f; } - + return NULL; } -static inline -void set_opaque( struct stream_filter_s* f) +static inline void +set_opaque (struct stream_filter_s *f) { - switch (f->type) - { - case fARMOR : f->opaque = &f->u.afx; break; - case fCIPHER : f->opaque = &f->u.cfx; break; - case fLITERAL : f->opaque = &f->u.pfx; break; - case fCOMPRESS: f->opaque = &f->u.zfx; break; - case fHASH : f->opaque = &f->u.mfx; break; - case fTEXT : f->opaque = &f->u.tfx; break; - default : f->opaque = NULL; + switch (f->type) + { + case fARMOR: + f->opaque = &f->u.afx; + break; + case fCIPHER: + f->opaque = &f->u.cfx; + break; + case fLITERAL: + f->opaque = &f->u.pfx; + break; + case fCOMPRESS: + f->opaque = &f->u.zfx; + break; + case fHASH: + f->opaque = &f->u.mfx; + break; + case fTEXT: + f->opaque = &f->u.tfx; + break; + default: + f->opaque = NULL; } } -struct stream_filter_s* +struct stream_filter_s * filter_add (cdk_stream_t s, filter_fnct_t fnc, int type) { struct stream_filter_s *f; - + assert (s); - + s->flags.filtrated = 0; f = filter_search (s, fnc); if (f) @@ -608,7 +623,7 @@ filter_add (cdk_stream_t s, filter_fnct_t fnc, int type) f->tmp = NULL; f->type = type; - set_opaque(f); + set_opaque (f); return f; } @@ -617,7 +632,7 @@ static int stream_get_mode (cdk_stream_t s) { assert (s); - + if (s->flags.temp) return s->fmode; return s->flags.write; 
@@ -627,14 +642,18 @@ stream_get_mode (cdk_stream_t s) static filter_fnct_t stream_id_to_filter (int type) { - switch (type) + switch (type) { - case fARMOR : return _cdk_filter_armor; - case fLITERAL : return _cdk_filter_literal; - case fTEXT : return _cdk_filter_text; + case fARMOR: + return _cdk_filter_armor; + case fLITERAL: + return _cdk_filter_literal; + case fTEXT: + return _cdk_filter_text; /* case fCIPHER : return _cdk_filter_cipher; */ /* case fCOMPRESS: return _cdk_filter_compress; */ - default : return NULL; + default: + return NULL; } } @@ -651,10 +670,10 @@ cdk_stream_filter_disable (cdk_stream_t s, int type) { struct stream_filter_s *f; filter_fnct_t fnc; - + if (!s) return CDK_Inv_Value; - + fnc = stream_id_to_filter (type); if (!fnc) return CDK_Inv_Value; @@ -667,13 +686,13 @@ cdk_stream_filter_disable (cdk_stream_t s, int type) /* WARNING: tmp should not be closed by the caller. */ static cdk_error_t -stream_fp_replace (cdk_stream_t s, FILE **tmp) +stream_fp_replace (cdk_stream_t s, FILE ** tmp) { int rc; - + assert (s); - - _cdk_log_debug ("replace stream fd=%d with fd=%d\n", + + _cdk_log_debug ("replace stream fd=%d with fd=%d\n", fileno (s->fp), fileno (*tmp)); rc = fclose (s->fp); if (rc) 
@@ -690,21 +709,21 @@ stream_fp_replace (cdk_stream_t s, FILE **tmp) static cdk_error_t stream_filter_write (cdk_stream_t s) { - struct stream_filter_s * f; - cdk_error_t rc = 0; + struct stream_filter_s *f; + cdk_error_t rc = 0; + + assert (s); - assert (s); - - if( s->flags.filtrated ) - return CDK_Inv_Value; + if (s->flags.filtrated) + return CDK_Inv_Value; - for( f = s->filters; f; f = f->next ) + for (f = s->filters; f; f = f->next) { if (!f->flags.enabled) continue; /* if there is no next filter, create the final output file */ - _cdk_log_debug( "filter [write]: last filter=%d fname=%s\n", - f->next? 1 : 0, s->fname ); + _cdk_log_debug ("filter [write]: last filter=%d fname=%s\n", + f->next ? 1 : 0, s->fname); if (!f->next && s->fname) f->tmp = fopen (s->fname, "w+b"); else @@ -712,18 +731,18 @@ stream_filter_write (cdk_stream_t s) if (!f->tmp) { rc = CDK_File_Error; - break; - } + break; + } /* If there is no next filter, flush the cache. We also do this - when the next filter is the armor filter because this filter - is special and before it starts, all data should be written. */ - if( (!f->next || f->next->type == fARMOR) && s->cache.size ) + when the next filter is the armor filter because this filter + is special and before it starts, all data should be written. */ + if ((!f->next || f->next->type == fARMOR) && s->cache.size) { rc = stream_cache_flush (s, f->tmp); if (rc) break; - } - rc = f->fnct( f->opaque, f->ctl, s->fp, f->tmp ); + } + rc = f->fnct (f->opaque, f->ctl, s->fp, f->tmp); _cdk_log_debug ("filter [write]: type=%d rc=%d\n", f->type, rc); if (!rc) rc = stream_fp_replace (s, &f->tmp); @@ -734,7 +753,7 @@ stream_filter_write (cdk_stream_t s) _cdk_log_debug ("filter [close]: fd=%d\n", fileno (f->tmp)); fclose (f->tmp); break; - } + } } return rc; } @@ -752,10 +771,10 @@ stream_filter_read (cdk_stream_t s) cdk_error_t rc = 0; assert (s); - + if (s->flags.filtrated) return 0; - + for (f = s->filters; f; f = f->next) { if (!f->flags.enabled) 
@@ -763,39 +782,39 @@ stream_filter_read (cdk_stream_t s) if (f->flags.error) { _cdk_log_debug ("filter %s [read]: has the error flag; skipped\n", - s->fname? s->fname: "[temp]"); + s->fname ? s->fname : "[temp]"); continue; } - + f->tmp = _cdk_tmpfile (); if (!f->tmp) { rc = CDK_File_Error; break; - } + } rc = f->fnct (f->opaque, f->ctl, s->fp, f->tmp); _cdk_log_debug ("filter %s [read]: type=%d rc=%d\n", - s->fname? s->fname : "[temp]", f->type, rc); + s->fname ? s->fname : "[temp]", f->type, rc); if (rc) { f->flags.error = 1; break; - } - + } + f->flags.error = 0; /* If the filter is read-only, do not replace the FP because the contents were not altered in any way. */ - if (!f->flags.rdonly) + if (!f->flags.rdonly) { rc = stream_fp_replace (s, &f->tmp); if (rc) break; - } - else + } + else { fclose (f->tmp); f->tmp = NULL; - } + } rc = cdk_stream_seek (s, 0); if (rc) break; @@ -806,22 +825,22 @@ stream_filter_read (cdk_stream_t s) not the old because we already used it. */ f->flags.enabled = 0; } - + return rc; } -void* +void * _cdk_stream_get_opaque (cdk_stream_t s, int fid) { - struct stream_filter_s * f; - + struct stream_filter_s *f; + if (!s) return NULL; - + for (f = s->filters; f; f = f->next) { - if ((int)f->type == fid) + if ((int) f->type == fid) return f->opaque; } return NULL; @@ -844,30 +863,30 @@ cdk_stream_read (cdk_stream_t s, void *buf, size_t buflen) { int nread; int rc; - + if (!s) { s->error = CDK_Inv_Value; return EOF; - } - + } + if (s->cbs_hd) { if (s->cbs.read) return s->cbs.read (s->cbs_hd, buf, buflen); return 0; - } - + } + if (s->flags.write && !s->flags.temp) { s->error = CDK_Inv_Mode; - return EOF; /* This is a write stream */ - } - + return EOF; /* This is a write stream */ + } + if (!s->flags.no_filter && !s->cache.on && !s->flags.filtrated) { rc = stream_filter_read (s); - if (rc) + if (rc) { s->error = rc; if (feof (s->fp)) 
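Review bot: The `if (!s)` guard at the top of cdk_stream_read dereferences the pointer it has just found to be NULL: `s->error = CDK_Inv_Value;` runs before `return EOF;`, so a NULL stream crashes the caller instead of producing an error return. There is no stream object to record the error in, so the branch should be reduced to `return EOF;`. The same guard is repeated in cdk_stream_getc, cdk_stream_write and cdk_stream_putc in the following hunks. The bodies of these functions continue outside the hunks shown.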
@@ -888,24 +907,24 @@ cdk_stream_read (cdk_stream_t s, void *buf, size_t buflen) { s->error = 0; s->flags.eof = 1; - } + } return nread; } - + int cdk_stream_getc (cdk_stream_t s) { unsigned char buf[2]; int nread; - + if (!s) { s->error = CDK_Inv_Value; return EOF; - } + } nread = cdk_stream_read (s, buf, 1); - if (nread == EOF) + if (nread == EOF) { s->error = CDK_File_Error; return EOF; @@ -926,7 +945,7 @@ cdk_stream_getc (cdk_stream_t s) * partial flushing. **/ int -cdk_stream_write (cdk_stream_t s, const void * buf, size_t count) +cdk_stream_write (cdk_stream_t s, const void *buf, size_t count) { int nwritten; @@ -934,24 +953,24 @@ cdk_stream_write (cdk_stream_t s, const void * buf, size_t count) { s->error = CDK_Inv_Value; return EOF; - } - + } + if (s->cbs_hd) { if (s->cbs.write) return s->cbs.write (s->cbs_hd, buf, count); return 0; - } - + } + if (!s->flags.write) { - s->error = CDK_Inv_Mode; /* this is a read stream */ + s->error = CDK_Inv_Mode; /* this is a read stream */ return EOF; - } - + } + if (!buf && !count) return stream_flush (s); - + if (s->cache.on) { /* We need to resize the buffer if the additional data wouldn't @@ -960,22 +979,23 @@ cdk_stream_write (cdk_stream_t s, const void * buf, size_t count) if (s->cache.size + count > s->cache.alloced) { byte *old = s->cache.buf; - - s->cache.buf = cdk_calloc (1, s->cache.alloced+count+STREAM_BUFSIZE); + + s->cache.buf = + cdk_calloc (1, s->cache.alloced + count + STREAM_BUFSIZE); s->cache.alloced += (count + STREAM_BUFSIZE); memcpy (s->cache.buf, old, s->cache.size); cdk_free (old); - _cdk_log_debug ("stream: enlarge cache to %d octets\n", + _cdk_log_debug ("stream: enlarge cache to %d octets\n", s->cache.alloced); - } + } memcpy (s->cache.buf + s->cache.size, buf, count); s->cache.size += count; return count; } - + nwritten = fwrite (buf, 1, count, s->fp); if (!nwritten) - nwritten = EOF; + nwritten = EOF; return nwritten; } 
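Review bot: The cache growth in cdk_stream_write stores the result of `cdk_calloc` straight into `s->cache.buf` and then runs `memcpy (s->cache.buf, old, s->cache.size)` without checking it, so an allocation failure copies through NULL and the old buffer pointer is no longer held by the stream. Allocate into a temporary, fail with `CDK_Out_Of_Core` and `EOF` when it is NULL, and only then swap the pointers. The size `s->cache.alloced + count + STREAM_BUFSIZE` is also computed from the caller-supplied `count` with no overflow check. cdk_stream_enable_cache (`cdk_calloc (1, STREAM_BUFSIZE)`) and cdk_stream_mmap_part (`cdk_calloc (1, len + 1)`) leave the allocation result unchecked in the same way.

```c
	  byte *old = s->cache.buf;
	  byte *grown = cdk_calloc (1, s->cache.alloced + count + STREAM_BUFSIZE);

	  if (!grown)
	    {
	      s->error = CDK_Out_Of_Core;
	      return EOF;
	    }
	  memcpy (grown, old, s->cache.size);
	  cdk_free (old);
	  s->cache.buf = grown;
	  s->cache.alloced += (count + STREAM_BUFSIZE);
	  /* … unchanged: debug log, append of buf to the cache … */
```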
@@ -985,15 +1005,15 @@ cdk_stream_putc (cdk_stream_t s, int c) { byte buf[2]; int nwritten; - + if (!s) { s->error = CDK_Inv_Value; return EOF; - } + } buf[0] = c; nwritten = cdk_stream_write (s, buf, 1); - if (nwritten == EOF) + if (nwritten == EOF) return EOF; return 0; } @@ -1001,8 +1021,8 @@ cdk_stream_putc (cdk_stream_t s, int c) off_t cdk_stream_tell (cdk_stream_t s) -{ - return s? ftell (s->fp): (off_t)-1; +{ + return s ? ftell (s->fp) : (off_t) - 1; } @@ -1010,24 +1030,24 @@ cdk_error_t cdk_stream_seek (cdk_stream_t s, off_t offset) { off_t len; - + if (!s) return CDK_Inv_Value; - + if (s->cbs_hd) { if (s->cbs.seek) return s->cbs.seek (s->cbs_hd, offset); return 0; - } - + } + /* Set or reset the EOF flag. */ len = cdk_stream_get_length (s); if (len == offset) s->flags.eof = 1; else s->flags.eof = 0; - + if (fseek (s->fp, offset, SEEK_SET)) return CDK_File_Error; return 0; @@ -1038,10 +1058,10 @@ static cdk_error_t stream_flush (cdk_stream_t s) { assert (s); - + /* For some constellations it cannot be assured that the return value is defined, thus we ignore it for now. */ - (void)fflush (s->fp); + (void) fflush (s->fp); return 0; } @@ -1085,14 +1105,14 @@ cdk_stream_set_armor_flag (cdk_stream_t s, int armor_type) * into a literal packet with the given mode and file name. **/ cdk_error_t -cdk_stream_set_literal_flag (cdk_stream_t s, cdk_lit_format_t mode, +cdk_stream_set_literal_flag (cdk_stream_t s, cdk_lit_format_t mode, const char *fname) { struct stream_filter_s *f; const char *orig_fname; - + _cdk_log_debug ("stream: enable literal mode.\n"); - + if (!s) return CDK_Inv_Value; 
@@ -1101,8 +1121,8 @@ cdk_stream_set_literal_flag (cdk_stream_t s, cdk_lit_format_t mode, if (!f) return CDK_Out_Of_Core; f->u.pfx.mode = mode; - f->u.pfx.filename = fname? cdk_strdup (fname) : NULL; - f->u.pfx.orig_filename = orig_fname? cdk_strdup (orig_fname): NULL; + f->u.pfx.filename = fname ? cdk_strdup (fname) : NULL; + f->u.pfx.orig_filename = orig_fname ? cdk_strdup (orig_fname) : NULL; f->ctl = stream_get_mode (s); if (s->blkmode > 0) { @@ -1127,7 +1147,7 @@ cdk_stream_set_literal_flag (cdk_stream_t s, cdk_lit_format_t mode, cdk_error_t cdk_stream_set_compress_flag (cdk_stream_t s, int algo, int level) { - + return CDK_Not_Implemented; #if 0 @@ -1157,7 +1177,7 @@ cdk_error_t cdk_stream_set_text_flag (cdk_stream_t s, const char *lf) { struct stream_filter_s *f; - + if (!s) return CDK_Inv_Value; f = filter_add (s, _cdk_filter_text, fTEXT); @@ -1181,9 +1201,9 @@ cdk_error_t cdk_stream_set_hash_flag (cdk_stream_t s, int digest_algo) { struct stream_filter_s *f; - + if (!s) - return CDK_Inv_Value; + return CDK_Inv_Value; if (stream_get_mode (s)) return CDK_Inv_Mode; f = filter_add (s, _cdk_filter_hash, fHASH); @@ -1212,11 +1232,12 @@ cdk_stream_enable_cache (cdk_stream_t s, int val) return CDK_Inv_Mode; s->cache.on = val; if (!s->cache.buf) - { + { s->cache.buf = cdk_calloc (1, STREAM_BUFSIZE); s->cache.alloced = STREAM_BUFSIZE; - _cdk_log_debug ("stream: allocate cache of %d octets\n", STREAM_BUFSIZE); - } + _cdk_log_debug ("stream: allocate cache of %d octets\n", + STREAM_BUFSIZE); + } return 0; } @@ -1225,9 +1246,9 @@ static int stream_cache_flush (cdk_stream_t s, FILE * fp) { int nwritten; - + assert (s); - + /* FIXME: We should find a way to use cdk_stream_write here. */ if (s->cache.size > 0) { 
@@ -1260,19 +1281,19 @@ cdk_stream_kick_off (cdk_stream_t inp, cdk_stream_t out) if (!inp || !out) return CDK_Inv_Value; rc = CDK_Success; - while (!cdk_stream_eof (inp)) + while (!cdk_stream_eof (inp)) { nread = cdk_stream_read (inp, buf, DIM (buf)); if (!nread || nread == EOF) break; nwritten = cdk_stream_write (out, buf, nread); if (!nwritten || nwritten == EOF) - { /* In case of errors, we leave the loop. */ + { /* In case of errors, we leave the loop. */ rc = inp->error; break; } } - + wipemem (buf, sizeof (buf)); return rc; } @@ -1291,27 +1312,27 @@ cdk_stream_kick_off (cdk_stream_t inp, cdk_stream_t out) **/ cdk_error_t cdk_stream_mmap_part (cdk_stream_t s, off_t off, size_t len, - byte **ret_buf, size_t *ret_buflen) + byte ** ret_buf, size_t * ret_buflen) { cdk_error_t rc; off_t oldpos; - unsigned int n; - + unsigned int n; + if (!ret_buf || !ret_buflen) return CDK_Inv_Value; *ret_buf = NULL; *ret_buflen = 0; - + if (!s) return CDK_Inv_Value; - + /* Memory mapping is not supported on custom I/O objects. */ if (s->cbs_hd) { _cdk_log_debug ("cdk_stream_mmap_part: not supported on callbacks\n"); return CDK_Inv_Mode; - } - + } + oldpos = cdk_stream_tell (s); rc = cdk_stream_flush (s); if (rc) @@ -1328,8 +1349,8 @@ cdk_stream_mmap_part (cdk_stream_t s, off_t off, size_t len, } if (len > MAX_MAP_SIZE) return CDK_Too_Short; - - *ret_buf = cdk_calloc (1, len+1); + + *ret_buf = cdk_calloc (1, len + 1); *ret_buflen = len; n = cdk_stream_read (s, *ret_buf, len); if (n != len) @@ -1340,10 +1361,10 @@ cdk_stream_mmap_part (cdk_stream_t s, off_t off, size_t len, cdk_error_t -cdk_stream_mmap (cdk_stream_t inp, byte **buf, size_t *buflen) +cdk_stream_mmap (cdk_stream_t inp, byte ** buf, size_t * buflen) { off_t len; - + /* We need to make sure all data is flushed before we retrieve the size. */ cdk_stream_flush (inp); len = cdk_stream_get_length (inp); 
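Review bot: In cdk_stream_kick_off the write-failure branch sets `rc = inp->error;`, but the call that failed was on `out`, so when the input stream has no error recorded the function returns `CDK_Success` for a truncated copy. Report the output side and fall back to a generic code, e.g. `rc = out->error ? out->error : CDK_File_Error;` (cdk_stream_write in this file turns an fwrite that wrote nothing into EOF without setting the error field). The read branch just above also breaks on `nread == EOF` with `rc` still `CDK_Success`, which looks like the same problem and is worth confirming against the callers.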
@@ -1361,20 +1382,20 @@ cdk_stream_mmap (cdk_stream_t inp, byte **buf, size_t *buflen) * the file pointer is moved to the old position after the bytes were read. **/ int -cdk_stream_peek (cdk_stream_t inp, byte *buf, size_t buflen) +cdk_stream_peek (cdk_stream_t inp, byte * buf, size_t buflen) { off_t off; int nbytes; - + if (!inp || !buf) return 0; if (inp->cbs_hd) return 0; - + off = cdk_stream_tell (inp); nbytes = cdk_stream_read (inp, buf, buflen); if (nbytes == -1) - return 0; + return 0; if (cdk_stream_seek (inp, off)) return 0; return nbytes; @@ -1383,17 +1404,17 @@ cdk_stream_peek (cdk_stream_t inp, byte *buf, size_t buflen) /* Try to read a line from the given stream. */ int -_cdk_stream_gets (cdk_stream_t s, char * buf, size_t count) +_cdk_stream_gets (cdk_stream_t s, char *buf, size_t count) { int c, i; - + assert (s); - + i = 0; while (!cdk_stream_eof (s) && count > 0) { c = cdk_stream_getc (s); - if (c == EOF || c == '\r' || c == '\n' ) + if (c == EOF || c == '\r' || c == '\n') { buf[i++] = '\0'; break; @@ -1418,9 +1439,9 @@ cdk_error_t _cdk_stream_set_blockmode (cdk_stream_t s, size_t nbytes) { assert (s); - + _cdk_log_debug ("stream: activate block mode with blocksize %d\n", nbytes); - s->blkmode = nbytes; + s->blkmode = nbytes; return 0; } @@ -1429,5 +1450,5 @@ _cdk_stream_set_blockmode (cdk_stream_t s, size_t nbytes) int _cdk_stream_get_blockmode (cdk_stream_t s) { - return s? s->blkmode : 0; + return s ? s->blkmode : 0; } diff --git a/lib/opencdk/verify.c b/lib/opencdk/verify.c index de5feb0064..18d9d69a03 100644 --- a/lib/opencdk/verify.c +++ b/lib/opencdk/verify.c 
@@ -36,17 +36,26 @@ /* Table of all supported digest algorithms and their names. */ -struct { - const char *name; - int algo; -} digest_table[] = { - {"MD5", GNUTLS_DIG_MD5}, - {"SHA1", GNUTLS_DIG_SHA1}, - {"RIPEMD160", GNUTLS_DIG_RMD160}, - {"SHA256", GNUTLS_DIG_SHA256}, - {"SHA384", GNUTLS_DIG_SHA384}, - {"SHA512", GNUTLS_DIG_SHA512}, - {NULL, 0} +struct +{ + const char *name; + int algo; +} digest_table[] = +{ + { + "MD5", GNUTLS_DIG_MD5}, + { + "SHA1", GNUTLS_DIG_SHA1}, + { + "RIPEMD160", GNUTLS_DIG_RMD160}, + { + "SHA256", GNUTLS_DIG_SHA256}, + { + "SHA384", GNUTLS_DIG_SHA384}, + { + "SHA512", GNUTLS_DIG_SHA512}, + { + NULL, 0} }; @@ -90,18 +99,18 @@ cdk_file_verify (cdk_ctx_t hd, const char *file, const char *data_file, char buf[4096]; int n; cdk_error_t rc; - + if (!hd || !file) return CDK_Inv_Value; if (output && !hd->opt.overwrite && !stat (output, &stbuf)) return CDK_Inv_Mode; - + rc = cdk_stream_open (file, &inp); if (rc) return rc; - if (cdk_armor_filter_use (inp)) + if (cdk_armor_filter_use (inp)) { - n = cdk_stream_peek (inp, (byte*) buf, DIM (buf)-1); + n = cdk_stream_peek (inp, (byte *) buf, DIM (buf) - 1); if (!n || n == -1) return CDK_EOF; buf[n] = '\0'; @@ -112,7 +121,7 @@ cdk_file_verify (cdk_ctx_t hd, const char *file, const char *data_file, } cdk_stream_set_armor_flag (inp, 0); } - + if (data_file) { rc = cdk_stream_open (data_file, &data); @@ -121,12 +130,12 @@ cdk_file_verify (cdk_ctx_t hd, const char *file, const char *data_file, cdk_stream_close (inp); return rc; } - } + } else data = NULL; - + rc = _cdk_proc_packets (hd, inp, data, NULL, NULL, NULL); - + if (data != NULL) cdk_stream_close (data); cdk_stream_close (inp); @@ -149,7 +158,7 @@ cdk_verify_result_t _cdk_result_verify_new (void) { cdk_verify_result_t res; - + res = cdk_calloc (1, sizeof *res); if (!res) return NULL; 
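Review bot: The reformatted `digest_table` initializer is harder to read than the original: each entry is now split into `{` on one line and `"MD5", GNUTLS_DIG_MD5},` on the next. Keeping one entry per line, e.g. `{"SHA256", GNUTLS_DIG_SHA256},`, and wrapping the table in `/* *INDENT-OFF* */` and `/* *INDENT-ON* */` comments would stop the formatter from rewriting it on the next run.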
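Review bot: The early `return CDK_EOF;` after `cdk_stream_peek` in cdk_file_verify leaves `inp` open, so an input that passes the armor check but yields nothing on the peek leaks the stream and its file handle. Close it first, as the `data_file` error path further down already does: `{ cdk_stream_close (inp); return CDK_EOF; }`. The function starts before this hunk and the lines between this hunk and the next are not shown, so other early exits may need the same treatment.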
@@ -168,103 +177,103 @@ file_verify_clearsign (cdk_ctx_t hd, const char *file, const char *output) int digest_algo = 0; int err; cdk_error_t rc; - + if (output) { rc = cdk_stream_create (output, &out); if (rc) return rc; } - + rc = cdk_stream_open (file, &inp); if (rc) { if (output) cdk_stream_close (out); - return rc; - } - + return rc; + } + s = "-----BEGIN PGP SIGNED MESSAGE-----"; - while (!cdk_stream_eof (inp)) + while (!cdk_stream_eof (inp)) { - nbytes = _cdk_stream_gets (inp, buf, DIM (buf)-1); + nbytes = _cdk_stream_gets (inp, buf, DIM (buf) - 1); if (!nbytes || nbytes == -1) break; - if (!strncmp (buf, s, strlen (s))) + if (!strncmp (buf, s, strlen (s))) { is_signed = 1; break; } } - + if (cdk_stream_eof (inp) && !is_signed) { rc = CDK_Armor_Error; goto leave; } - - while (!cdk_stream_eof (inp)) + + while (!cdk_stream_eof (inp)) { - nbytes = _cdk_stream_gets (inp, buf, DIM (buf)-1); + nbytes = _cdk_stream_gets (inp, buf, DIM (buf) - 1); if (!nbytes || nbytes == -1) break; - if (nbytes == 1) /* Empty line */ + if (nbytes == 1) /* Empty line */ break; else if (!strncmp (buf, "Hash: ", 6)) { for (i = 0; digest_table[i].name; i++) { - if (!strcmp (buf + 6, digest_table[i].name)) + if (!strcmp (buf + 6, digest_table[i].name)) { digest_algo = digest_table[i].algo; break; } } - } + } } - - if (digest_algo && _gnutls_hash_get_algo_len(digest_algo) <= 0) + + if (digest_algo && _gnutls_hash_get_algo_len (digest_algo) <= 0) { rc = CDK_Inv_Algo; goto leave; } - + if (!digest_algo) digest_algo = GNUTLS_DIG_MD5; - + err = _gnutls_hash_init (&md, digest_algo); if (err < 0) { rc = map_gnutls_error (err); goto leave; - } + } s = "-----BEGIN PGP SIGNATURE-----"; - while (!cdk_stream_eof (inp)) + while (!cdk_stream_eof (inp)) { - nbytes = _cdk_stream_gets (inp, buf, DIM (buf)-1); + nbytes = _cdk_stream_gets (inp, buf, DIM (buf) - 1); if (!nbytes || nbytes == -1) break; if (!strncmp (buf, s, strlen (s))) break; - else + else { - cdk_stream_peek (inp, (byte*)chk, DIM (chk)-1); 
+ cdk_stream_peek (inp, (byte *) chk, DIM (chk) - 1); i = strncmp (chk, s, strlen (s)); if (strlen (buf) == 0 && i == 0) - continue; /* skip last '\n' */ - _cdk_trim_string (buf, i == 0? 0 : 1); + continue; /* skip last '\n' */ + _cdk_trim_string (buf, i == 0 ? 0 : 1); _gnutls_hash (&md, buf, strlen (buf)); - } - if (!strncmp (buf, "- ", 2)) /* FIXME: handle it recursive. */ + } + if (!strncmp (buf, "- ", 2)) /* FIXME: handle it recursive. */ memmove (buf, buf + 2, nbytes - 2); - if (out) + if (out) { if (strstr (buf, "\r\n")) - buf[strlen (buf)-2] = '\0'; + buf[strlen (buf) - 2] = '\0'; cdk_stream_write (out, buf, strlen (buf)); _cdk_stream_puts (out, _cdk_armor_get_lineend ()); - } + } } /* We create a temporary stream object to store the @@ -277,12 +286,12 @@ file_verify_clearsign (cdk_ctx_t hd, const char *file, const char *output) _cdk_stream_puts (tmp, s); while (!cdk_stream_eof (inp)) { - nbytes = _cdk_stream_gets (inp, buf, DIM (buf)-1); + nbytes = _cdk_stream_gets (inp, buf, DIM (buf) - 1); if (!nbytes || nbytes == -1) break; - if (nbytes < (int)(DIM (buf) -3)) + if (nbytes < (int) (DIM (buf) - 3)) { - buf[nbytes-1] = '\n'; + buf[nbytes - 1] = '\n'; buf[nbytes] = '\0'; } cdk_stream_write (tmp, buf, nbytes); @@ -293,11 +302,11 @@ file_verify_clearsign (cdk_ctx_t hd, const char *file, const char *output) cdk_stream_seek (tmp, 0); cdk_stream_set_armor_flag (tmp, 0); cdk_stream_read (tmp, NULL, 0); - + /* the digest handle will be closed there. */ rc = _cdk_proc_packets (hd, tmp, NULL, NULL, NULL, &md); - - leave: + +leave: _gnutls_hash_deinit (&md, NULL); cdk_stream_close (out); cdk_stream_close (tmp); diff --git a/lib/opencdk/write-packet.c b/lib/opencdk/write-packet.c index c5ba1cc08d..24e47b0574 100644 --- a/lib/opencdk/write-packet.c +++ b/lib/opencdk/write-packet.c 
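Review bot: In the signature-search loop of file_verify_clearsign the result of `cdk_stream_peek (inp, (byte *) chk, DIM (chk) - 1)` is discarded and `chk` is passed to `strncmp` straight away, so after a short or failed peek the comparison runs on whatever the buffer held before. cdk_file_verify in this file shows the safer pattern: keep the returned count and terminate the buffer (`buf[n] = '\0';`) before treating it as a string. The declaration of `chk` is outside the hunk, so whether it starts zeroed needs checking. Separately, the `- ` dash-escape is stripped only after `_gnutls_hash` has already consumed the line, which looks unintended given the FIXME beside it.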
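Review bot: The `leave:` block unconditionally runs `_gnutls_hash_deinit (&md, NULL)`, `cdk_stream_close (out)` and `cdk_stream_close (tmp)`, but `goto leave` is taken for `CDK_Armor_Error` and `CDK_Inv_Algo` before `_gnutls_hash_init` is called and before `tmp` is created, and `out` is assigned only when `output` is non-NULL. Unless the declarations, which are outside this hunk, initialise all three, the error paths clean up uninitialised objects. The comment `/* the digest handle will be closed there. */` also suggests `_cdk_proc_packets` already releases `md`, which would make the deinit at `leave:` a second release; that is worth confirming. Initialising `out` and `tmp` to NULL at declaration and guarding the deinit with a flag set after a successful `_gnutls_hash_init` would make the cleanup safe on every path.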
@@ -36,16 +36,16 @@ static int stream_write (cdk_stream_t s, const void *buf, size_t buflen) { int nwritten; - + nwritten = cdk_stream_write (s, buf, buflen); if (nwritten == EOF) return _cdk_stream_get_errno (s); - return 0; + return 0; } static int -stream_read (cdk_stream_t s, void *buf, size_t buflen, size_t *r_nread) +stream_read (cdk_stream_t s, void *buf, size_t buflen, size_t * r_nread) { int nread; @@ -73,7 +73,7 @@ static int write_32 (cdk_stream_t out, u32 u) { byte buf[4]; - + buf[0] = u >> 24; buf[1] = u >> 16; buf[2] = u >> 8; @@ -86,7 +86,7 @@ static int write_16 (cdk_stream_t out, u16 u) { byte buf[2]; - + buf[0] = u >> 8; buf[1] = u; return stream_write (out, buf, 2); @@ -97,7 +97,7 @@ static size_t calc_mpisize (bigint_t mpi[MAX_CDK_PK_PARTS], size_t ncount) { size_t size, i; - + size = 0; for (i = 0; i < ncount; i++) size += (_gnutls_mpi_get_nbits (mpi[i]) + 7) / 8 + 2; @@ -108,18 +108,18 @@ calc_mpisize (bigint_t mpi[MAX_CDK_PK_PARTS], size_t ncount) static int write_mpi (cdk_stream_t out, bigint_t m) { - byte buf[MAX_MPI_BYTES+2]; + byte buf[MAX_MPI_BYTES + 2]; size_t nbits, nread; int err; - + if (!out || !m) return CDK_Inv_Value; nbits = _gnutls_mpi_get_nbits (m); if (nbits > MAX_MPI_BITS || nbits < 1) return CDK_MPI_Error; - nread = MAX_MPI_BYTES+2; - err = _gnutls_mpi_print_pgp( m, buf, &nread); + nread = MAX_MPI_BYTES + 2; + err = _gnutls_mpi_print_pgp (m, buf, &nread); if (err < 0) return map_gnutls_error (err); return stream_write (out, buf, nread); @@ -131,9 +131,9 @@ write_mpibuf (cdk_stream_t out, bigint_t mpi[MAX_CDK_PK_PARTS], size_t count) { size_t i; cdk_error_t rc; - + for (i = 0; i < count; i++) - { + { rc = write_mpi (out, mpi[i]); if (rc) return rc; 
@@ -146,31 +146,31 @@ static cdk_error_t pkt_encode_len (cdk_stream_t out, size_t pktlen) { cdk_error_t rc; - + assert (out); rc = 0; if (!pktlen) { /* Block mode, partial bodies, with 'DEF_BLOCKSIZE' from main.h */ - rc = stream_putc( out, (0xE0|DEF_BLOCKBITS) ); + rc = stream_putc (out, (0xE0 | DEF_BLOCKBITS)); } else if (pktlen < 192) rc = stream_putc (out, pktlen); - else if (pktlen < 8384) + else if (pktlen < 8384) { pktlen -= 192; rc = stream_putc (out, (pktlen / 256) + 192); if (!rc) rc = stream_putc (out, (pktlen % 256)); } - else + else { rc = stream_putc (out, 255); if (!rc) rc = write_32 (out, pktlen); } - + return rc; } @@ -222,7 +222,7 @@ write_head_old (cdk_stream_t out, size_t size, int type) else rc = write_32 (out, size); } - + return rc; } @@ -233,7 +233,7 @@ static cdk_error_t pkt_write_head2 (cdk_stream_t out, size_t size, int type) { cdk_error_t rc; - + rc = cdk_stream_putc (out, 0x80 | (type << 2) | 1); if (!rc) rc = cdk_stream_putc (out, size >> 8); @@ -265,7 +265,7 @@ write_pubkey_enc (cdk_stream_t out, cdk_pkt_pubkey_enc_t pke, int old_ctb) return CDK_Inv_Packet; if (!KEY_CAN_ENCRYPT (pke->pubkey_algo)) return CDK_Inv_Algo; - + if (DEBUG_PKT) _cdk_log_debug ("write_pubkey_enc:\n"); @@ -274,14 +274,14 @@ write_pubkey_enc (cdk_stream_t out, cdk_pkt_pubkey_enc_t pke, int old_ctb) rc = pkt_write_head (out, old_ctb, size, CDK_PKT_PUBKEY_ENC); if (rc) return rc; - + rc = stream_putc (out, pke->version); if (!rc) rc = write_32 (out, pke->keyid[0]); if (!rc) rc = write_32 (out, pke->keyid[1]); if (!rc) - rc = stream_putc (out, _cdk_pub_algo_to_pgp(pke->pubkey_algo)); + rc = stream_putc (out, _cdk_pub_algo_to_pgp (pke->pubkey_algo)); if (!rc) rc = write_mpibuf (out, pke->mpi, nenc); return rc; 
@@ -295,12 +295,12 @@ write_mdc (cdk_stream_t out, cdk_pkt_mdc_t mdc) assert (mdc); assert (out); - + if (DEBUG_PKT) _cdk_log_debug ("write_mdc:\n"); /* This packet requires a fixed header encoding */ - rc = stream_putc (out, 0xD3); /* packet ID and 1 byte length */ + rc = stream_putc (out, 0xD3); /* packet ID and 1 byte length */ if (!rc) rc = stream_putc (out, 0x14); if (!rc) @@ -313,7 +313,7 @@ static size_t calc_subpktsize (cdk_subpkt_t s) { size_t nbytes; - + /* In the count mode, no buffer is returned. */ _cdk_subpkt_get_array (s, 1, &nbytes); return nbytes; @@ -325,7 +325,7 @@ write_v3_sig (cdk_stream_t out, cdk_pkt_signature_t sig, int nsig) { size_t size; cdk_error_t rc; - + size = 19 + calc_mpisize (sig->mpi, nsig); if (is_RSA (sig->pubkey_algo)) rc = pkt_write_head2 (out, size, CDK_PKT_SIGNATURE); @@ -344,9 +344,9 @@ write_v3_sig (cdk_stream_t out, cdk_pkt_signature_t sig, int nsig) if (!rc) rc = write_32 (out, sig->keyid[1]); if (!rc) - rc = stream_putc (out, _cdk_pub_algo_to_pgp(sig->pubkey_algo)); + rc = stream_putc (out, _cdk_pub_algo_to_pgp (sig->pubkey_algo)); if (!rc) - rc = stream_putc (out, _gnutls_hash_algo_to_pgp(sig->digest_algo)); + rc = stream_putc (out, _gnutls_hash_algo_to_pgp (sig->digest_algo)); if (!rc) rc = stream_putc (out, sig->digest_start[0]); if (!rc) @@ -366,7 +366,7 @@ write_signature (cdk_stream_t out, cdk_pkt_signature_t sig, int old_ctb) assert (out); assert (sig); - + if (!KEY_CAN_SIGN (sig->pubkey_algo)) return CDK_Inv_Algo; if (sig->version < 2 || sig->version > 4) @@ -374,7 +374,7 @@ write_signature (cdk_stream_t out, cdk_pkt_signature_t sig, int old_ctb) if (DEBUG_PKT) _cdk_log_debug ("write_signature:\n"); - + nsig = cdk_pk_get_nsig (sig->pubkey_algo); if (!nsig) return CDK_Inv_Algo; 
@@ -382,20 +382,19 @@ write_signature (cdk_stream_t out, cdk_pkt_signature_t sig, int old_ctb) return write_v3_sig (out, sig, nsig); size = 10 + calc_subpktsize (sig->hashed) - + calc_subpktsize (sig->unhashed) - + calc_mpisize (sig->mpi, nsig); + + calc_subpktsize (sig->unhashed) + calc_mpisize (sig->mpi, nsig); rc = pkt_write_head (out, 0, size, CDK_PKT_SIGNATURE); if (!rc) rc = stream_putc (out, 4); if (!rc) rc = stream_putc (out, sig->sig_class); if (!rc) - rc = stream_putc (out, _cdk_pub_algo_to_pgp(sig->pubkey_algo)); + rc = stream_putc (out, _cdk_pub_algo_to_pgp (sig->pubkey_algo)); if (!rc) - rc = stream_putc (out, _gnutls_hash_algo_to_pgp(sig->digest_algo)); + rc = stream_putc (out, _gnutls_hash_algo_to_pgp (sig->digest_algo)); if (!rc) rc = write_16 (out, sig->hashed_size); - if (!rc) + if (!rc) { buf = _cdk_subpkt_get_array (sig->hashed, 0, &nbytes); if (!buf) @@ -425,27 +424,27 @@ write_signature (cdk_stream_t out, cdk_pkt_signature_t sig, int old_ctb) static cdk_error_t write_public_key (cdk_stream_t out, cdk_pkt_pubkey_t pk, - int is_subkey, int old_ctb) + int is_subkey, int old_ctb) { int pkttype, ndays = 0; size_t npkey = 0, size = 6; cdk_error_t rc; - + assert (out); assert (pk); - + if (pk->version < 2 || pk->version > 4) return CDK_Inv_Packet; - + if (DEBUG_PKT) _cdk_log_debug ("write_public_key: subkey=%d\n", is_subkey); - pkttype = is_subkey? CDK_PKT_PUBLIC_SUBKEY : CDK_PKT_PUBLIC_KEY; + pkttype = is_subkey ? CDK_PKT_PUBLIC_SUBKEY : CDK_PKT_PUBLIC_KEY; npkey = cdk_pk_get_npkey (pk->pubkey_algo); if (!npkey) return CDK_Inv_Algo; if (pk->version < 4) - size += 2; /* expire date */ + size += 2; /* expire date */ if (is_subkey) old_ctb = 0; size += calc_mpisize (pk->mpi, npkey); 
@@ -458,13 +457,13 @@ write_public_key (cdk_stream_t out, cdk_pkt_pubkey_t pk, if (!rc) rc = write_32 (out, pk->timestamp); if (!rc && pk->version < 4) - { + { if (pk->expiredate) ndays = (u16) ((pk->expiredate - pk->timestamp) / 86400L); rc = write_16 (out, ndays); } if (!rc) - rc = stream_putc (out, _cdk_pub_algo_to_pgp(pk->pubkey_algo)); + rc = stream_putc (out, _cdk_pub_algo_to_pgp (pk->pubkey_algo)); if (!rc) rc = write_mpibuf (out, pk->mpi, npkey); return rc; @@ -475,24 +474,30 @@ static int calc_s2ksize (cdk_pkt_seckey_t sk) { size_t nbytes = 0; - + if (!sk->is_protected) return 0; switch (sk->protect.s2k->mode) - { - case CDK_S2K_SIMPLE : nbytes = 2; break; - case CDK_S2K_SALTED : nbytes = 10; break; - case CDK_S2K_ITERSALTED: nbytes = 11; break; + { + case CDK_S2K_SIMPLE: + nbytes = 2; + break; + case CDK_S2K_SALTED: + nbytes = 10; + break; + case CDK_S2K_ITERSALTED: + nbytes = 11; + break; } nbytes += sk->protect.ivlen; - nbytes++; /* single cipher byte */ + nbytes++; /* single cipher byte */ return nbytes; } - + static cdk_error_t -write_secret_key( cdk_stream_t out, cdk_pkt_seckey_t sk, - int is_subkey, int old_ctb ) +write_secret_key (cdk_stream_t out, cdk_pkt_seckey_t sk, + int is_subkey, int old_ctb) { cdk_pkt_pubkey_t pk = NULL; size_t size = 6, npkey, nskey; 
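Review bot: In `calc_s2ksize`, `sk->protect.s2k->mode` is dereferenced whenever `sk->is_protected` is set, yet `write_secret_key` in the same file treats `sk->protect.s2k` as possibly NULL (`else if (sk->protect.s2k)`). A protected key without an S2K block would therefore fault during size calculation, before the writer's own check is reached. Guarding the switch with `if (sk->protect.s2k)` would make the two functions agree. The switch also has no `default:`, so an unrecognised mode silently contributes 0 bytes to the packet length, and an explicit `default:` with a comment or an error path would document that. The function returns `int` while accumulating into a `size_t`. The hunk ends inside the `write_secret_key` signature, so the body of that function is not covered here.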
@@ -501,47 +506,48 @@ write_secret_key( cdk_stream_t out, cdk_pkt_seckey_t sk, assert (out); assert (sk); - + if (!sk->pk) return CDK_Inv_Value; pk = sk->pk; if (pk->version < 2 || pk->version > 4) return CDK_Inv_Packet; - + if (DEBUG_PKT) _cdk_log_debug ("write_secret_key:\n"); - + npkey = cdk_pk_get_npkey (pk->pubkey_algo); nskey = cdk_pk_get_nskey (pk->pubkey_algo); - if (!npkey || !nskey) { - gnutls_assert(); - return CDK_Inv_Algo; - } + if (!npkey || !nskey) + { + gnutls_assert (); + return CDK_Inv_Algo; + } if (pk->version < 4) size += 2; /* If the key is unprotected, the 1 extra byte: 1 octet - cipher algorithm byte (0x00) - the other bytes depend on the mode: + the other bytes depend on the mode: a) simple checksum - 2 octets b) sha-1 checksum - 20 octets */ - size = !sk->is_protected? size + 1 : size + 1 + calc_s2ksize (sk); + size = !sk->is_protected ? size + 1 : size + 1 + calc_s2ksize (sk); size += calc_mpisize (pk->mpi, npkey); - if (sk->version == 3 || !sk->is_protected) + if (sk->version == 3 || !sk->is_protected) { - if (sk->version == 3) + if (sk->version == 3) { - size += 2; /* force simple checksum */ + size += 2; /* force simple checksum */ sk->protect.sha1chk = 0; } else - size += sk->protect.sha1chk? 20 : 2; + size += sk->protect.sha1chk ? 20 : 2; size += calc_mpisize (sk->mpi, nskey); } - else /* We do not know anything about the encrypted mpi's so we - treat the data as opaque. */ + else /* We do not know anything about the encrypted mpi's so we + treat the data as opaque. */ size += sk->enclen; - pkttype = is_subkey? CDK_PKT_SECRET_SUBKEY : CDK_PKT_SECRET_KEY; + pkttype = is_subkey ? CDK_PKT_SECRET_SUBKEY : CDK_PKT_SECRET_KEY; rc = pkt_write_head (out, old_ctb, size, pkttype); if (!rc) rc = stream_putc (out, pk->version); 
@@ -555,26 +561,26 @@ write_secret_key( cdk_stream_t out, cdk_pkt_seckey_t sk, rc = write_16 (out, ndays); } if (!rc) - rc = stream_putc (out, _cdk_pub_algo_to_pgp(pk->pubkey_algo)); - if( !rc ) + rc = stream_putc (out, _cdk_pub_algo_to_pgp (pk->pubkey_algo)); + if (!rc) rc = write_mpibuf (out, pk->mpi, npkey); if (sk->is_protected == 0) rc = stream_putc (out, 0x00); - else + else { if (is_RSA (pk->pubkey_algo) && pk->version < 4) - stream_putc (out, _gnutls_cipher_to_pgp(sk->protect.algo)); + stream_putc (out, _gnutls_cipher_to_pgp (sk->protect.algo)); else if (sk->protect.s2k) { s2k_mode = sk->protect.s2k->mode; - rc = stream_putc (out, sk->protect.sha1chk? 0xFE : 0xFF); + rc = stream_putc (out, sk->protect.sha1chk ? 0xFE : 0xFF); if (!rc) - rc = stream_putc (out, _gnutls_cipher_to_pgp(sk->protect.algo)); + rc = stream_putc (out, _gnutls_cipher_to_pgp (sk->protect.algo)); if (!rc) rc = stream_putc (out, sk->protect.s2k->mode); if (!rc) - rc = stream_putc( out, sk->protect.s2k->hash_algo); - if (!rc && (s2k_mode == 1 || s2k_mode == 3)) + rc = stream_putc (out, sk->protect.s2k->hash_algo); + if (!rc && (s2k_mode == 1 || s2k_mode == 3)) { rc = stream_write (out, sk->protect.s2k->salt, 8); if (!rc && s2k_mode == 3) @@ -590,33 +596,33 @@ write_secret_key( cdk_stream_t out, cdk_pkt_seckey_t sk, if (sk->encdata && sk->enclen) rc = stream_write (out, sk->encdata, sk->enclen); } - else + else { if (!rc) rc = write_mpibuf (out, sk->mpi, nskey); - if (!rc) + if (!rc) { if (!sk->csum) sk->csum = _cdk_sk_get_csum (sk); rc = write_16 (out, sk->csum); } } - + return rc; } static cdk_error_t -write_compressed (cdk_stream_t out, cdk_pkt_compressed_t cd ) +write_compressed (cdk_stream_t out, cdk_pkt_compressed_t cd) { cdk_error_t rc; assert (out); assert (cd); - + if (DEBUG_PKT) _cdk_log_debug ("packet: write_compressed\n"); - + /* Use an old (RFC1991) header for this packet. */ rc = pkt_write_head (out, 1, 0, CDK_PKT_COMPRESSED); if (!rc) 
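Review bot: Two writes in `write_secret_key` can lose a stream error. The RSA / `pk->version < 4` branch calls `stream_putc (out, _gnutls_cipher_to_pgp (sk->protect.algo));` without storing the result, and the unprotected branch runs `rc = stream_putc (out, 0x00);` even when the preceding `write_mpibuf` failed, overwriting that failure. Following the pattern used by every other write in this function, these would read `if (!rc) rc = stream_putc (out, 0x00);` and `if (!rc) rc = stream_putc (out, _gnutls_cipher_to_pgp (sk->protect.algo));`. Otherwise a truncated secret-key packet can be reported as written successfully. The function begins before this hunk and continues past it.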
@@ -639,7 +645,7 @@ write_literal (cdk_stream_t out, cdk_pkt_literal_t pt, int old_ctb) At least one octet must be present. */ if (!pt->len) return CDK_Inv_Packet; - + if (DEBUG_PKT) _cdk_log_debug ("write_literal:\n"); @@ -654,26 +660,26 @@ write_literal (cdk_stream_t out, cdk_pkt_literal_t pt, int old_ctb) rc = stream_putc (out, pt->namelen); if (rc) return rc; - + if (pt->namelen > 0) - rc = stream_write (out, pt->name, pt->namelen); + rc = stream_write (out, pt->name, pt->namelen); if (!rc) rc = write_32 (out, pt->timestamp); if (rc) return rc; - - while (!cdk_stream_eof (pt->buf) && !rc) + + while (!cdk_stream_eof (pt->buf) && !rc) { rc = stream_read (pt->buf, buf, DIM (buf), &size); if (!rc) rc = stream_write (out, buf, size); } - + wipemem (buf, sizeof (buf)); return rc; } - + static cdk_error_t write_onepass_sig (cdk_stream_t out, cdk_pkt_onepass_sig_t sig) { @@ -687,16 +693,16 @@ write_onepass_sig (cdk_stream_t out, cdk_pkt_onepass_sig_t sig) if (DEBUG_PKT) _cdk_log_debug ("write_onepass_sig:\n"); - + rc = pkt_write_head (out, 0, 13, CDK_PKT_ONEPASS_SIG); if (!rc) rc = stream_putc (out, sig->version); if (!rc) rc = stream_putc (out, sig->sig_class); if (!rc) - rc = stream_putc (out, _gnutls_hash_algo_to_pgp(sig->digest_algo)); + rc = stream_putc (out, _gnutls_hash_algo_to_pgp (sig->digest_algo)); if (!rc) - rc = stream_putc (out, _cdk_pub_algo_to_pgp(sig->pubkey_algo)); + rc = stream_putc (out, _cdk_pub_algo_to_pgp (sig->pubkey_algo)); if (!rc) rc = write_32 (out, sig->keyid[0]); if (!rc) 
@@ -708,27 +714,29 @@ write_onepass_sig (cdk_stream_t out, cdk_pkt_onepass_sig_t sig) static cdk_error_t -write_user_id (cdk_stream_t out, cdk_pkt_userid_t id, int old_ctb, int pkttype) +write_user_id (cdk_stream_t out, cdk_pkt_userid_t id, int old_ctb, + int pkttype) { cdk_error_t rc; if (!out || !id) return CDK_Inv_Value; - + if (pkttype == CDK_PKT_ATTRIBUTE) { if (!id->attrib_img) return CDK_Inv_Value; - rc = pkt_write_head (out, old_ctb, id->attrib_len+6, CDK_PKT_ATTRIBUTE); + rc = + pkt_write_head (out, old_ctb, id->attrib_len + 6, CDK_PKT_ATTRIBUTE); if (rc) return rc; /* Write subpacket part. */ stream_putc (out, 255); - write_32 (out, id->attrib_len+1); + write_32 (out, id->attrib_len + 1); stream_putc (out, 1); rc = stream_write (out, id->attrib_img, id->attrib_len); - } - else + } + else { if (!id->name) return CDK_Inv_Value; @@ -736,7 +744,7 @@ write_user_id (cdk_stream_t out, cdk_pkt_userid_t id, int old_ctb, int pkttype) if (!rc) rc = stream_write (out, id->name, id->len); } - + return rc; } @@ -756,9 +764,9 @@ cdk_pkt_write (cdk_stream_t out, cdk_packet_t pkt) if (!out || !pkt) return CDK_Inv_Value; - + _cdk_log_debug ("write packet pkttype=%d\n", pkt->pkttype); - switch (pkt->pkttype) + switch (pkt->pkttype) { case CDK_PKT_LITERAL: rc = write_literal (out, pkt->pkt.literal, pkt->old_ctb); @@ -798,7 +806,7 @@ cdk_pkt_write (cdk_stream_t out, cdk_packet_t pkt) rc = CDK_Inv_Packet; break; } - + if (DEBUG_PKT) _cdk_log_debug ("write_packet rc=%d pkttype=%d\n", rc, pkt->pkttype); return rc; @@ -828,7 +836,7 @@ _cdk_pkt_write2 (cdk_stream_t out, int pkttype, void *pktctx) case CDK_PKT_SECRET_SUBKEY: pkt->pkt.secret_key = pktctx; break; - + case CDK_PKT_USER_ID: pkt->pkt.user_id = pktctx; break; 
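Review bot: In the `CDK_PKT_ATTRIBUTE` branch of `write_user_id`, the three subpacket-header writes (`stream_putc (out, 255)`, `write_32 (out, id->attrib_len + 1)`, `stream_putc (out, 1)`) discard their return values. A stream error there goes unnoticed and the image data is still written after a broken header. Chaining them through `rc`, as the rest of this file does, keeps the first failure and stops further output. `id->attrib_len + 6` and `id->attrib_len + 1` are also computed without a range check, so it is worth confirming that the parser bounds `attrib_len` before it reaches this writer.

```c
      /* Write subpacket part. */
      rc = stream_putc (out, 255);
      if (!rc)
        rc = write_32 (out, id->attrib_len + 1);
      if (!rc)
        rc = stream_putc (out, 1);
      if (!rc)
        rc = stream_write (out, id->attrib_img, id->attrib_len);
```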
@@ -841,11 +849,11 @@ _cdk_pkt_write2 (cdk_stream_t out, int pkttype, void *pktctx) cdk_error_t -_cdk_pkt_write_fp (FILE *out, cdk_packet_t pkt) +_cdk_pkt_write_fp (FILE * out, cdk_packet_t pkt) { cdk_stream_t so; cdk_error_t rc; - + rc = _cdk_stream_fpopen (out, 1, &so); if (rc) return rc; diff --git a/lib/openpgp/compat.c b/lib/openpgp/compat.c index 51b78caf6f..b84be93310 100644 --- a/lib/openpgp/compat.c +++ b/lib/openpgp/compat.c @@ -66,7 +66,8 @@ _gnutls_openpgp_verify_key (const gnutls_certificate_credentials_t cred, return ret; } - ret = gnutls_openpgp_crt_import (key, &cert_list[0], GNUTLS_OPENPGP_FMT_RAW); + ret = + gnutls_openpgp_crt_import (key, &cert_list[0], GNUTLS_OPENPGP_FMT_RAW); if (ret < 0) { gnutls_assert (); diff --git a/lib/openpgp/extras.c b/lib/openpgp/extras.c index 322d6fab52..745e95ba82 100644 --- a/lib/openpgp/extras.c +++ b/lib/openpgp/extras.c @@ -132,7 +132,7 @@ gnutls_openpgp_keyring_import (gnutls_openpgp_keyring_t keyring, if (data->data == NULL || data->size == 0) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } @@ -171,17 +171,19 @@ gnutls_openpgp_keyring_import (gnutls_openpgp_keyring_t keyring, goto error; } - size_t written=0; - do - { - err = cdk_stream_read (input, raw_data+written, raw_len-written); + size_t written = 0; + do + { + err = + cdk_stream_read (input, raw_data + written, raw_len - written); + + if (err > 0) + written += err; + } + while (written < raw_len && err != EOF && err > 0); - if (err > 0) written += err; - } - while( written < raw_len && err != EOF && err > 0); - raw_len = written; - + } else { /* RAW */ @@ -266,8 +268,7 @@ gnutls_openpgp_keyring_get_crt_count (gnutls_openpgp_keyring_t ring) **/ int gnutls_openpgp_keyring_get_crt (gnutls_openpgp_keyring_t ring, - unsigned int idx, - gnutls_openpgp_crt_t * cert) + unsigned int idx, gnutls_openpgp_crt_t * cert) { cdk_kbnode_t knode; cdk_error_t err; 
diff --git a/lib/openpgp/output.c b/lib/openpgp/output.c index e05c3ff94d..027f27ce06 100644 --- a/lib/openpgp/output.c +++ b/lib/openpgp/output.c @@ -76,7 +76,8 @@ hexprint (gnutls_string * str, const char *data, size_t len) } static void -print_key_usage (gnutls_string * str, gnutls_openpgp_crt_t cert, unsigned int idx) +print_key_usage (gnutls_string * str, gnutls_openpgp_crt_t cert, + unsigned int idx) { unsigned int key_usage; int err; @@ -84,7 +85,7 @@ print_key_usage (gnutls_string * str, gnutls_openpgp_crt_t cert, unsigned int id addf (str, _("\t\tKey Usage:\n")); - if (idx == (unsigned int)-1) + if (idx == (unsigned int) -1) err = gnutls_openpgp_crt_get_key_usage (cert, &key_usage); else err = gnutls_openpgp_crt_get_subkey_usage (cert, idx, &key_usage); @@ -112,22 +113,22 @@ print_key_usage (gnutls_string * str, gnutls_openpgp_crt_t cert, unsigned int id static void print_key_id (gnutls_string * str, gnutls_openpgp_crt_t cert, int idx) { - gnutls_openpgp_keyid_t id; - int err; + gnutls_openpgp_keyid_t id; + int err; - if (idx < 0) - err = gnutls_openpgp_crt_get_key_id (cert, id); - else - err = gnutls_openpgp_crt_get_subkey_id( cert, idx, id); + if (idx < 0) + err = gnutls_openpgp_crt_get_key_id (cert, id); + else + err = gnutls_openpgp_crt_get_subkey_id (cert, idx, id); - if (err < 0) - addf (str, "error: get_key_id: %s\n", gnutls_strerror (err)); - else - { - addf (str, _("\tID (hex): ")); - hexprint (str, id, sizeof(id)); - addf (str, "\n"); - } + if (err < 0) + addf (str, "error: get_key_id: %s\n", gnutls_strerror (err)); + else + { + addf (str, _("\tID (hex): ")); + hexprint (str, id, sizeof (id)); + addf (str, "\n"); + } } /* idx == -1 indicates main key 
@@ -136,181 +137,185 @@ print_key_id (gnutls_string * str, gnutls_openpgp_crt_t cert, int idx) static void print_key_fingerprint (gnutls_string * str, gnutls_openpgp_crt_t cert) { - char fpr[128]; - size_t fpr_size = sizeof (fpr); - int err; + char fpr[128]; + size_t fpr_size = sizeof (fpr); + int err; - err = gnutls_openpgp_crt_get_fingerprint (cert, fpr, &fpr_size); - if (err < 0) - addf (str, "error: get_fingerprint: %s\n", gnutls_strerror (err)); - else - { - addf (str, _("\tFingerprint (hex): ")); - hexprint (str, fpr, fpr_size); - addf (str, "\n"); - } + err = gnutls_openpgp_crt_get_fingerprint (cert, fpr, &fpr_size); + if (err < 0) + addf (str, "error: get_fingerprint: %s\n", gnutls_strerror (err)); + else + { + addf (str, _("\tFingerprint (hex): ")); + hexprint (str, fpr, fpr_size); + addf (str, "\n"); + } } static void print_key_revoked (gnutls_string * str, gnutls_openpgp_crt_t cert, int idx) { - int err; + int err; - if (idx < 0) - err = gnutls_openpgp_crt_get_revoked_status (cert); - else - err = gnutls_openpgp_crt_get_subkey_revoked_status( cert, idx); + if (idx < 0) + err = gnutls_openpgp_crt_get_revoked_status (cert); + else + err = gnutls_openpgp_crt_get_subkey_revoked_status (cert, idx); - if (err != 0) - addf (str, _("\tRevoked: True\n")); - else - addf (str, _("\tRevoked: False\n")); + if (err != 0) + addf (str, _("\tRevoked: True\n")); + else + addf (str, _("\tRevoked: False\n")); } static void -print_key_times(gnutls_string * str, gnutls_openpgp_crt_t cert, int idx) +print_key_times (gnutls_string * str, gnutls_openpgp_crt_t cert, int idx) { - time_t tim; + time_t tim; - addf (str, _("\tTime stamps:\n")); + addf (str, _("\tTime stamps:\n")); - if (idx == -1) - tim = gnutls_openpgp_crt_get_creation_time (cert); + if (idx == -1) + tim = gnutls_openpgp_crt_get_creation_time (cert); + else + tim = gnutls_openpgp_crt_get_subkey_creation_time (cert, idx); + + { + char s[42]; + size_t max = sizeof (s); + struct tm t; + + if (gmtime_r (&tim, &t) == 
NULL) + addf (str, "error: gmtime_r (%d)\n", t); + else if (strftime (s, max, "%a %b %e %H:%M:%S UTC %Y", &t) == 0) + addf (str, "error: strftime (%d)\n", t); else - tim = gnutls_openpgp_crt_get_subkey_creation_time (cert, idx); - - { - char s[42]; - size_t max = sizeof (s); - struct tm t; - - if (gmtime_r (&tim, &t) == NULL) - addf (str, "error: gmtime_r (%d)\n", t); - else if (strftime (s, max, "%a %b %e %H:%M:%S UTC %Y", &t) == 0) - addf (str, "error: strftime (%d)\n", t); - else - addf (str, _("\t\tCreation: %s\n"), s); - } + addf (str, _("\t\tCreation: %s\n"), s); + } - if (idx == -1) - tim = gnutls_openpgp_crt_get_expiration_time (cert); + if (idx == -1) + tim = gnutls_openpgp_crt_get_expiration_time (cert); + else + tim = gnutls_openpgp_crt_get_subkey_expiration_time (cert, idx); + { + char s[42]; + size_t max = sizeof (s); + struct tm t; + + if (tim == 0) + { + addf (str, _("\t\tExpiration: Never\n"), s); + } else - tim = gnutls_openpgp_crt_get_subkey_expiration_time (cert, idx); - { - char s[42]; - size_t max = sizeof (s); - struct tm t; - - if (tim == 0) - { - addf (str, _("\t\tExpiration: Never\n"), s); - } - else - { - if (gmtime_r (&tim, &t) == NULL) - addf (str, "error: gmtime_r (%d)\n", t); - else if (strftime (s, max, "%a %b %e %H:%M:%S UTC %Y", &t) == 0) - addf (str, "error: strftime (%d)\n", t); - else - addf (str, _("\t\tExpiration: %s\n"), s); - } - } + { + if (gmtime_r (&tim, &t) == NULL) + addf (str, "error: gmtime_r (%d)\n", t); + else if (strftime (s, max, "%a %b %e %H:%M:%S UTC %Y", &t) == 0) + addf (str, "error: strftime (%d)\n", t); + else + addf (str, _("\t\tExpiration: %s\n"), s); + } + } } static void -print_key_info(gnutls_string * str, gnutls_openpgp_crt_t cert, int idx) +print_key_info (gnutls_string * str, gnutls_openpgp_crt_t cert, int idx) { - int err; - unsigned int bits; + int err; + unsigned int bits; - if (idx == -1) - err = gnutls_openpgp_crt_get_pk_algorithm (cert, &bits); - else - err = 
gnutls_openpgp_crt_get_subkey_pk_algorithm (cert, idx, &bits); + if (idx == -1) + err = gnutls_openpgp_crt_get_pk_algorithm (cert, &bits); + else + err = gnutls_openpgp_crt_get_subkey_pk_algorithm (cert, idx, &bits); - if (err < 0) - addf (str, "error: get_pk_algorithm: %s\n", gnutls_strerror (err)); - else - { - const char *name = gnutls_pk_algorithm_get_name (err); - if (name == NULL) - name = _("unknown"); + if (err < 0) + addf (str, "error: get_pk_algorithm: %s\n", gnutls_strerror (err)); + else + { + const char *name = gnutls_pk_algorithm_get_name (err); + if (name == NULL) + name = _("unknown"); - addf (str, _("\tPublic Key Algorithm: %s\n"), name); - switch (err) + addf (str, _("\tPublic Key Algorithm: %s\n"), name); + switch (err) + { + case GNUTLS_PK_RSA: { - case GNUTLS_PK_RSA: - { - gnutls_datum_t m, e; - - if (idx == -1) - err = gnutls_openpgp_crt_get_pk_rsa_raw (cert, &m, &e); - else - err = gnutls_openpgp_crt_get_subkey_pk_rsa_raw (cert, idx, &m, &e); - - if (err < 0) - addf (str, "error: get_pk_rsa_raw: %s\n", - gnutls_strerror (err)); - else - { - addf (str, _("\t\tModulus (bits %d):\n"), bits); - hexdump (str, m.data, m.size, "\t\t\t"); - addf (str, _("\t\tExponent:\n")); - hexdump (str, e.data, e.size, "\t\t\t"); - - gnutls_free (m.data); - gnutls_free (e.data); - } - - } - break; - - case GNUTLS_PK_DSA: - { - gnutls_datum_t p, q, g, y; - - if (idx == -1) - err = gnutls_openpgp_crt_get_pk_dsa_raw (cert, &p, &q, &g, &y); - else - err = gnutls_openpgp_crt_get_subkey_pk_dsa_raw (cert, idx, &p, &q, &g, &y); - if (err < 0) - addf (str, "error: get_pk_dsa_raw: %s\n", - gnutls_strerror (err)); - else - { - addf (str, _("\t\tPublic key (bits %d):\n"), bits); - hexdump (str, y.data, y.size, "\t\t\t"); - addf (str, _("\t\tP:\n")); - hexdump (str, p.data, p.size, "\t\t\t"); - addf (str, _("\t\tQ:\n")); - hexdump (str, q.data, q.size, "\t\t\t"); - addf (str, _("\t\tG:\n")); - hexdump (str, g.data, g.size, "\t\t\t"); - - gnutls_free (p.data); - gnutls_free 
(q.data); - gnutls_free (g.data); - gnutls_free (y.data); - } - } - break; - - default: - break; + gnutls_datum_t m, e; + + if (idx == -1) + err = gnutls_openpgp_crt_get_pk_rsa_raw (cert, &m, &e); + else + err = + gnutls_openpgp_crt_get_subkey_pk_rsa_raw (cert, idx, &m, &e); + + if (err < 0) + addf (str, "error: get_pk_rsa_raw: %s\n", + gnutls_strerror (err)); + else + { + addf (str, _("\t\tModulus (bits %d):\n"), bits); + hexdump (str, m.data, m.size, "\t\t\t"); + addf (str, _("\t\tExponent:\n")); + hexdump (str, e.data, e.size, "\t\t\t"); + + gnutls_free (m.data); + gnutls_free (e.data); + } + } - } + break; + + case GNUTLS_PK_DSA: + { + gnutls_datum_t p, q, g, y; + + if (idx == -1) + err = gnutls_openpgp_crt_get_pk_dsa_raw (cert, &p, &q, &g, &y); + else + err = + gnutls_openpgp_crt_get_subkey_pk_dsa_raw (cert, idx, &p, &q, + &g, &y); + if (err < 0) + addf (str, "error: get_pk_dsa_raw: %s\n", + gnutls_strerror (err)); + else + { + addf (str, _("\t\tPublic key (bits %d):\n"), bits); + hexdump (str, y.data, y.size, "\t\t\t"); + addf (str, _("\t\tP:\n")); + hexdump (str, p.data, p.size, "\t\t\t"); + addf (str, _("\t\tQ:\n")); + hexdump (str, q.data, q.size, "\t\t\t"); + addf (str, _("\t\tG:\n")); + hexdump (str, g.data, g.size, "\t\t\t"); + + gnutls_free (p.data); + gnutls_free (q.data); + gnutls_free (g.data); + gnutls_free (y.data); + } + } + break; + + default: + break; + } + } } static void -print_cert (gnutls_string * str, gnutls_openpgp_crt_t cert, unsigned int format) +print_cert (gnutls_string * str, gnutls_openpgp_crt_t cert, + unsigned int format) { -int i, subkeys; -int err; -char dn[1024]; -size_t dn_size; + int i, subkeys; + int err; + char dn[1024]; + size_t dn_size; - print_key_revoked( str, cert, -1); + print_key_revoked (str, cert, -1); /* Version. */ { 
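Review bot: In `print_key_times`, the error paths `addf (str, "error: gmtime_r (%d)\n", t);` and `addf (str, "error: strftime (%d)\n", t);` pass a `struct tm` by value to a `%d` conversion, in both the creation and the expiration block. Assuming `addf` is printf-style, as its other uses here suggest, this is undefined behaviour, and in the `gmtime_r` failure case `t` is also uninitialised. Printing the input time instead is well defined, e.g. `addf (str, "error: gmtime_r (%lu)\n", (unsigned long) tim);`. Separately, `addf (str, _("\t\tExpiration: Never\n"), s);` passes the uninitialised buffer `s` to a format with no conversion, so the extra argument should be dropped.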
@@ -322,14 +327,15 @@ size_t dn_size; } /* ID. */ - print_key_id( str, cert, -1); + print_key_id (str, cert, -1); - print_key_fingerprint( str, cert); + print_key_fingerprint (str, cert); /* Names. */ i = 0; - do { - dn_size = sizeof(dn); + do + { + dn_size = sizeof (dn); err = gnutls_openpgp_crt_get_name (cert, i++, dn, &dn_size); if (err < 0 && err != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE && @@ -340,31 +346,34 @@ size_t dn_size; } if (err >= 0) - addf (str, _("\tName[%d]: %s\n"), i-1, dn); - else if (err == GNUTLS_E_OPENPGP_UID_REVOKED) { - addf (str, _("\tRevoked Name[%d]: %s\n"), i-1, dn); - } + addf (str, _("\tName[%d]: %s\n"), i - 1, dn); + else if (err == GNUTLS_E_OPENPGP_UID_REVOKED) + { + addf (str, _("\tRevoked Name[%d]: %s\n"), i - 1, dn); + } - } while( err >= 0); + } + while (err >= 0); - print_key_times( str, cert, -1); + print_key_times (str, cert, -1); - print_key_info( str, cert, -1); - print_key_usage( str, cert, -1); + print_key_info (str, cert, -1); + print_key_usage (str, cert, -1); - subkeys = gnutls_openpgp_crt_get_subkey_count( cert); + subkeys = gnutls_openpgp_crt_get_subkey_count (cert); if (subkeys < 0) return; - for (i=0;i<subkeys;i++) { - addf( str, _("\n\tSubkey[%d]:\n"), i); + for (i = 0; i < subkeys; i++) + { + addf (str, _("\n\tSubkey[%d]:\n"), i); - print_key_revoked( str, cert, i); - print_key_id( str, cert, i); - print_key_times( str, cert, i); - print_key_info( str, cert, i); - print_key_usage( str, cert, i); - } + print_key_revoked (str, cert, i); + print_key_id (str, cert, i); + print_key_times (str, cert, i); + print_key_info (str, cert, i); + print_key_usage (str, cert, i); + } } @@ -385,8 +394,8 @@ size_t dn_size; **/ int gnutls_openpgp_crt_print (gnutls_openpgp_crt_t cert, - gnutls_certificate_print_formats_t format, - gnutls_datum_t *out) + gnutls_certificate_print_formats_t format, + gnutls_datum_t * out) { gnutls_string str; @@ -402,4 +411,3 @@ gnutls_openpgp_crt_print (gnutls_openpgp_crt_t cert, return 0; } - 
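Review bot: The name loop in `print_cert` appears to stop at the first revoked user ID. The body prints `Revoked Name[%d]` when `err == GNUTLS_E_OPENPGP_UID_REVOKED`, but the loop condition is `while (err >= 0);`. Assuming that code is negative like the other `GNUTLS_E_*` values, any names after a revoked one are never listed. If all names are meant to be shown, the condition would be `while (err >= 0 || err == GNUTLS_E_OPENPGP_UID_REVOKED);`. A one-line comment above the loop stating which error ends the enumeration would also help. The lines between this hunk and the previous one are not visible, so the early-exit check is only partly shown.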
diff --git a/lib/openpgp/pgp.c b/lib/openpgp/pgp.c index f0d625cb42..7047e87a43 100644 --- a/lib/openpgp/pgp.c +++ b/lib/openpgp/pgp.c @@ -47,7 +47,7 @@ gnutls_openpgp_crt_init (gnutls_openpgp_crt_t * key) *key = gnutls_calloc (1, sizeof (gnutls_openpgp_crt_int)); if (*key) - return 0; /* success */ + return 0; /* success */ return GNUTLS_E_MEMORY_ERROR; } @@ -95,7 +95,7 @@ gnutls_openpgp_crt_import (gnutls_openpgp_crt_t key, if (data->data == NULL || data->size == 0) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } @@ -130,7 +130,7 @@ gnutls_openpgp_crt_import (gnutls_openpgp_crt_t key, pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_PUBLIC_KEY); if (pkt == NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } @@ -139,11 +139,11 @@ gnutls_openpgp_crt_import (gnutls_openpgp_crt_t key, /* internal version of export */ -int _gnutls_openpgp_export (cdk_kbnode_t node, - gnutls_openpgp_crt_fmt_t format, - void *output_data, - size_t * output_data_size, - int private) +int +_gnutls_openpgp_export (cdk_kbnode_t node, + gnutls_openpgp_crt_fmt_t format, + void *output_data, + size_t * output_data_size, int private) { size_t input_data_size = *output_data_size; size_t calc_size; @@ -161,7 +161,7 @@ int _gnutls_openpgp_export (cdk_kbnode_t node, */ if (!output_data) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_SHORT_MEMORY_BUFFER; } @@ -173,7 +173,9 @@ int _gnutls_openpgp_export (cdk_kbnode_t node, /* Calculate the size of the encoded data and check if the provided buffer is large enough. */ rc = cdk_armor_encode_buffer (in, *output_data_size, - NULL, 0, &calc_size, private?CDK_ARMOR_SECKEY:CDK_ARMOR_PUBKEY); + NULL, 0, &calc_size, + private ? CDK_ARMOR_SECKEY : + CDK_ARMOR_PUBKEY); if (rc || calc_size > input_data_size) { gnutls_free (in); 
@@ -184,7 +186,8 @@ int _gnutls_openpgp_export (cdk_kbnode_t node, rc = cdk_armor_encode_buffer (in, *output_data_size, output_data, input_data_size, &calc_size, - private?CDK_ARMOR_SECKEY:CDK_ARMOR_PUBKEY); + private ? CDK_ARMOR_SECKEY : + CDK_ARMOR_PUBKEY); gnutls_free (in); *output_data_size = calc_size; } @@ -212,7 +215,7 @@ gnutls_openpgp_crt_export (gnutls_openpgp_crt_t key, gnutls_openpgp_crt_fmt_t format, void *output_data, size_t * output_data_size) { - return _gnutls_openpgp_export( key->knode, format, output_data, + return _gnutls_openpgp_export (key->knode, format, output_data, output_data_size, 0); } @@ -319,12 +322,12 @@ gnutls_openpgp_crt_get_name (gnutls_openpgp_crt_t key, while ((p = cdk_kbnode_walk (key->knode, &ctx, 0))) { pkt = cdk_kbnode_get_packet (p); - if (pkt->pkttype == CDK_PKT_USER_ID) - { - if (pos == idx) - break; - pos++; - } + if (pkt->pkttype == CDK_PKT_USER_ID) + { + if (pos == idx) + break; + pos++; + } } if (!pkt) @@ -342,7 +345,7 @@ gnutls_openpgp_crt_get_name (gnutls_openpgp_crt_t key, } memcpy (buf, uid->name, uid->len); - buf[uid->len] = '\0'; /* make sure it's a string */ + buf[uid->len] = '\0'; /* make sure it's a string */ *sizeof_buf = uid->len + 1; if (uid->is_revoked) @@ -375,7 +378,7 @@ gnutls_openpgp_crt_get_pk_algorithm (gnutls_openpgp_crt_t key, if (!key) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_PK_UNKNOWN; } @@ -385,7 +388,7 @@ gnutls_openpgp_crt_get_pk_algorithm (gnutls_openpgp_crt_t key, { if (bits) *bits = cdk_pk_get_nbits (pkt->pkt.public_key); - algo = _gnutls_openpgp_get_algo(pkt->pkt.public_key->pubkey_algo); + algo = _gnutls_openpgp_get_algo (pkt->pkt.public_key->pubkey_algo); } return algo; 
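Review bot: In `gnutls_openpgp_crt_get_name` (hunk `-319,12`), the walk loop leaves `pkt` pointing at the last packet visited when no user ID with index `idx` is found, so the following `if (!pkt)` does not detect the miss. The later `memcpy (buf, uid->name, uid->len);` in hunk `-342,7` would then read from a packet that may not be a user ID at all. Unless `idx` is range-checked before this hunk (not visible here), testing the walk cursor is more reliable, since `p` is NULL exactly when the loop ran to the end: `if (!p || !pkt)`. The function starts before and ends after the visible hunks, including the buffer-size check that should precede the `memcpy`.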
@@ -502,8 +505,8 @@ gnutls_openpgp_crt_get_key_id (gnutls_openpgp_crt_t key, return GNUTLS_E_OPENPGP_GETKEY_FAILED; cdk_pk_get_keyid (pkt->pkt.public_key, kid); - _gnutls_write_uint32( kid[0], keyid); - _gnutls_write_uint32( kid[1], keyid+4); + _gnutls_write_uint32 (kid[0], keyid); + _gnutls_write_uint32 (kid[1], keyid + 4); return 0; } @@ -534,7 +537,8 @@ gnutls_openpgp_crt_get_revoked_status (gnutls_openpgp_crt_t key) if (!pkt) return GNUTLS_E_OPENPGP_GETKEY_FAILED; - if (pkt->pkt.public_key->is_revoked != 0) return 1; + if (pkt->pkt.public_key->is_revoked != 0) + return 1; return 0; } 
@@ -563,34 +567,35 @@ gnutls_openpgp_crt_check_hostname (gnutls_openpgp_crt_t key, { dnsnamesize = sizeof (dnsname); ret = gnutls_openpgp_crt_get_name (key, i, dnsname, &dnsnamesize); - + if (ret == 0) - { - if (_gnutls_hostname_compare (dnsname, hostname)) - return 1; - } + { + if (_gnutls_hostname_compare (dnsname, hostname)) + return 1; + } } /* not found a matching name */ return 0; } -unsigned int _gnutls_get_pgp_key_usage(unsigned int cdk_usage) +unsigned int +_gnutls_get_pgp_key_usage (unsigned int cdk_usage) { -unsigned int usage = 0; - - if (cdk_usage & CDK_KEY_USG_CERT_SIGN) - usage |= GNUTLS_KEY_KEY_CERT_SIGN; - if (cdk_usage & CDK_KEY_USG_DATA_SIGN) - usage |= GNUTLS_KEY_DIGITAL_SIGNATURE; - if (cdk_usage & CDK_KEY_USG_COMM_ENCR) - usage |= GNUTLS_KEY_KEY_ENCIPHERMENT; - if (cdk_usage & CDK_KEY_USG_STORAGE_ENCR) - usage |= GNUTLS_KEY_DATA_ENCIPHERMENT; - if (cdk_usage & CDK_KEY_USG_AUTH) - usage |= GNUTLS_KEY_KEY_AGREEMENT; - - return usage; + unsigned int usage = 0; + + if (cdk_usage & CDK_KEY_USG_CERT_SIGN) + usage |= GNUTLS_KEY_KEY_CERT_SIGN; + if (cdk_usage & CDK_KEY_USG_DATA_SIGN) + usage |= GNUTLS_KEY_DIGITAL_SIGNATURE; + if (cdk_usage & CDK_KEY_USG_COMM_ENCR) + usage |= GNUTLS_KEY_KEY_ENCIPHERMENT; + if (cdk_usage & CDK_KEY_USG_STORAGE_ENCR) + usage |= GNUTLS_KEY_DATA_ENCIPHERMENT; + if (cdk_usage & CDK_KEY_USG_AUTH) + usage |= GNUTLS_KEY_KEY_AGREEMENT; + + return usage; } /** @@ -620,7 +625,7 @@ gnutls_openpgp_crt_get_key_usage (gnutls_openpgp_crt_t key, if (!pkt) return GNUTLS_E_OPENPGP_GETKEY_FAILED; - *key_usage = _gnutls_get_pgp_key_usage(pkt->pkt.public_key->pubkey_usage); + *key_usage = _gnutls_get_pgp_key_usage (pkt->pkt.public_key->pubkey_usage); return 0; } 
@@ -662,7 +667,8 @@ gnutls_openpgp_crt_get_subkey_count (gnutls_openpgp_crt_t key) } /* returns the subkey with the given index */ -static cdk_packet_t _get_public_subkey(gnutls_openpgp_crt_t key, unsigned int indx) +static cdk_packet_t +_get_public_subkey (gnutls_openpgp_crt_t key, unsigned int indx) { cdk_kbnode_t p, ctx; cdk_packet_t pkt; @@ -673,7 +679,7 @@ static cdk_packet_t _get_public_subkey(gnutls_openpgp_crt_t key, unsigned int in gnutls_assert (); return NULL; } - + ctx = NULL; subkeys = 0; while ((p = cdk_kbnode_walk (key->knode, &ctx, 0))) @@ -691,8 +697,9 @@ static cdk_packet_t _get_public_subkey(gnutls_openpgp_crt_t key, unsigned int in * pkt->pkt.secret_key; * pkt->pkt.public_key; */ -cdk_packet_t _gnutls_openpgp_find_key( cdk_kbnode_t knode, uint32_t keyid[2], - unsigned int priv) +cdk_packet_t +_gnutls_openpgp_find_key (cdk_kbnode_t knode, uint32_t keyid[2], + unsigned int priv) { cdk_kbnode_t p, ctx; cdk_packet_t pkt; 
@@ -703,23 +710,28 @@ cdk_packet_t _gnutls_openpgp_find_key( cdk_kbnode_t knode, uint32_t keyid[2], { pkt = cdk_kbnode_get_packet (p); - if ( (priv == 0 && (pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY || pkt->pkttype == CDK_PKT_PUBLIC_KEY)) || \ - (priv != 0 && (pkt->pkttype == CDK_PKT_SECRET_SUBKEY || pkt->pkttype == CDK_PKT_SECRET_KEY))) - { - if (priv == 0) - cdk_pk_get_keyid (pkt->pkt.public_key, local_keyid); - else - cdk_pk_get_keyid (pkt->pkt.secret_key->pk, local_keyid); + if ((priv == 0 + && (pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY + || pkt->pkttype == CDK_PKT_PUBLIC_KEY)) || (priv != 0 + && (pkt->pkttype == + CDK_PKT_SECRET_SUBKEY + || pkt-> + pkttype == + CDK_PKT_SECRET_KEY))) + { + if (priv == 0) + cdk_pk_get_keyid (pkt->pkt.public_key, local_keyid); + else + cdk_pk_get_keyid (pkt->pkt.secret_key->pk, local_keyid); - if (local_keyid[0] == keyid[0] && \ - local_keyid[1] == keyid[1]) - { - return pkt; - } - } + if (local_keyid[0] == keyid[0] && local_keyid[1] == keyid[1]) + { + return pkt; + } + } } - gnutls_assert(); + gnutls_assert (); return NULL; } @@ -728,12 +740,13 @@ cdk_packet_t _gnutls_openpgp_find_key( cdk_kbnode_t knode, uint32_t keyid[2], * pkt->pkt.secret_key; * pkt->pkt.public_key; */ -int _gnutls_openpgp_find_subkey_idx( cdk_kbnode_t knode, uint32_t keyid[2], - unsigned int priv) +int +_gnutls_openpgp_find_subkey_idx (cdk_kbnode_t knode, uint32_t keyid[2], + unsigned int priv) { cdk_kbnode_t p, ctx; cdk_packet_t pkt; - int i=0; + int i = 0; uint32_t local_keyid[2]; ctx = NULL; 
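Review bot: The re-indented condition in `_gnutls_openpgp_find_key` is harder to read than before, because the tool split a member access across lines (`pkt->` / `pkttype ==` / `CDK_PKT_SECRET_KEY`) and pushed the second half of the `||` far to the right. Since this commit is purely about formatting, this line is worth laying out by hand. Two locals such as `int is_pub = (pkt->pkttype == CDK_PKT_PUBLIC_KEY || pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY);` and a matching `is_sec` reduce the test to `if ((priv == 0 && is_pub) || (priv != 0 && is_sec))`. That form also survives future `indent` runs unchanged. The function's opening lines are outside the hunk.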
@@ -741,24 +754,23 @@ int _gnutls_openpgp_find_subkey_idx( cdk_kbnode_t knode, uint32_t keyid[2], { pkt = cdk_kbnode_get_packet (p); - if ( (priv == 0 && (pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY)) || \ - (priv != 0 && (pkt->pkttype == CDK_PKT_SECRET_SUBKEY))) - { - if (priv == 0) - cdk_pk_get_keyid (pkt->pkt.public_key, local_keyid); - else - cdk_pk_get_keyid (pkt->pkt.secret_key->pk, local_keyid); + if ((priv == 0 && (pkt->pkttype == CDK_PKT_PUBLIC_SUBKEY)) || + (priv != 0 && (pkt->pkttype == CDK_PKT_SECRET_SUBKEY))) + { + if (priv == 0) + cdk_pk_get_keyid (pkt->pkt.public_key, local_keyid); + else + cdk_pk_get_keyid (pkt->pkt.secret_key->pk, local_keyid); - if (local_keyid[0] == keyid[0] && \ - local_keyid[1] == keyid[1]) - { - return i; - } - i++; - } + if (local_keyid[0] == keyid[0] && local_keyid[1] == keyid[1]) + { + return i; + } + i++; + } } - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_SUBKEY_ERROR; } @@ -786,11 +798,12 @@ gnutls_openpgp_crt_get_subkey_revoked_status (gnutls_openpgp_crt_t key, return GNUTLS_E_INVALID_REQUEST; } - pkt = _get_public_subkey( key, idx); + pkt = _get_public_subkey (key, idx); if (!pkt) return GNUTLS_E_OPENPGP_GETKEY_FAILED; - if (pkt->pkt.public_key->is_revoked != 0) return 1; + if (pkt->pkt.public_key->is_revoked != 0) + return 1; return 0; } 
@@ -814,25 +827,26 @@ gnutls_openpgp_crt_get_subkey_revoked_status (gnutls_openpgp_crt_t key, **/ gnutls_pk_algorithm_t gnutls_openpgp_crt_get_subkey_pk_algorithm (gnutls_openpgp_crt_t key, - unsigned int idx, unsigned int *bits) + unsigned int idx, + unsigned int *bits) { cdk_packet_t pkt; int algo; if (!key) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_PK_UNKNOWN; } - pkt = _get_public_subkey( key, idx); + pkt = _get_public_subkey (key, idx); algo = 0; if (pkt) { if (bits) *bits = cdk_pk_get_nbits (pkt->pkt.public_key); - algo = _gnutls_openpgp_get_algo(pkt->pkt.public_key->pubkey_algo); + algo = _gnutls_openpgp_get_algo (pkt->pkt.public_key->pubkey_algo); } return algo; @@ -859,7 +873,7 @@ gnutls_openpgp_crt_get_subkey_creation_time (gnutls_openpgp_crt_t key, if (!key) return (time_t) - 1; - pkt = _get_public_subkey( key, idx); + pkt = _get_public_subkey (key, idx); if (pkt) timestamp = pkt->pkt.public_key->timestamp; else @@ -891,7 +905,7 @@ gnutls_openpgp_crt_get_subkey_expiration_time (gnutls_openpgp_crt_t key, if (!key) return (time_t) - 1; - pkt = _get_public_subkey( key, idx); + pkt = _get_public_subkey (key, idx); if (pkt) expiredate = pkt->pkt.public_key->expiredate; else @@ -924,13 +938,13 @@ gnutls_openpgp_crt_get_subkey_id (gnutls_openpgp_crt_t key, return GNUTLS_E_INVALID_REQUEST; } - pkt = _get_public_subkey( key, idx); + pkt = _get_public_subkey (key, idx); if (!pkt) return GNUTLS_E_OPENPGP_GETKEY_FAILED; cdk_pk_get_keyid (pkt->pkt.public_key, kid); - _gnutls_write_uint32( kid[0], keyid); - _gnutls_write_uint32( kid[1], keyid+4); + _gnutls_write_uint32 (kid[0], keyid); + _gnutls_write_uint32 (kid[1], keyid + 4); return 0; } @@ -965,7 +979,7 @@ gnutls_openpgp_crt_get_subkey_fingerprint (gnutls_openpgp_crt_t key, *fprlen = 0; - pkt = _get_public_subkey( key, idx); + pkt = _get_public_subkey (key, idx); if (!pkt) return GNUTLS_E_OPENPGP_GETKEY_FAILED; 
@@ -1004,12 +1018,12 @@ gnutls_openpgp_crt_get_subkey_idx (gnutls_openpgp_crt_t key, return GNUTLS_E_INVALID_REQUEST; } - KEYID_IMPORT( kid, keyid); - ret = _gnutls_openpgp_find_subkey_idx( key->knode, kid, 0); + KEYID_IMPORT (kid, keyid); + ret = _gnutls_openpgp_find_subkey_idx (key->knode, kid, 0); if (ret < 0) { - gnutls_assert(); + gnutls_assert (); } return ret; 
@@ -1044,80 +1058,94 @@ gnutls_openpgp_crt_get_subkey_usage (gnutls_openpgp_crt_t key, return GNUTLS_E_INVALID_REQUEST; } - pkt = _get_public_subkey( key, idx); + pkt = _get_public_subkey (key, idx); if (!pkt) return GNUTLS_E_OPENPGP_SUBKEY_ERROR; - *key_usage = _gnutls_get_pgp_key_usage(pkt->pkt.public_key->pubkey_usage); + *key_usage = _gnutls_get_pgp_key_usage (pkt->pkt.public_key->pubkey_usage); return 0; } -int _gnutls_read_pgp_mpi( cdk_packet_t pkt, unsigned int priv, size_t idx, bigint_t* m) +int +_gnutls_read_pgp_mpi (cdk_packet_t pkt, unsigned int priv, size_t idx, + bigint_t * m) { -size_t buf_size = 512; -opaque * buf = gnutls_malloc( buf_size); -int err; -unsigned int max_pub_params = 0; + size_t buf_size = 512; + opaque *buf = gnutls_malloc (buf_size); + int err; + unsigned int max_pub_params = 0; - if (priv !=0) - max_pub_params = cdk_pk_get_npkey(pkt->pkt.secret_key->pk->pubkey_algo); + if (priv != 0) + max_pub_params = cdk_pk_get_npkey (pkt->pkt.secret_key->pk->pubkey_algo); - if (buf == NULL) + if (buf == NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; } /* FIXME: Note that opencdk doesn't like the buf to be NULL. 
*/ if (priv == 0) - err = cdk_pk_get_mpi (pkt->pkt.public_key, idx, buf, buf_size, &buf_size, NULL); - else + err = + cdk_pk_get_mpi (pkt->pkt.public_key, idx, buf, buf_size, &buf_size, + NULL); + else { if (idx < max_pub_params) - err = cdk_pk_get_mpi (pkt->pkt.secret_key->pk, idx, buf, buf_size, &buf_size, NULL); + err = + cdk_pk_get_mpi (pkt->pkt.secret_key->pk, idx, buf, buf_size, + &buf_size, NULL); else - { - err = cdk_sk_get_mpi (pkt->pkt.secret_key, idx-max_pub_params, buf, buf_size, &buf_size, NULL); - } + { + err = + cdk_sk_get_mpi (pkt->pkt.secret_key, idx - max_pub_params, buf, + buf_size, &buf_size, NULL); + } } - - if (err == CDK_Too_Short) + + if (err == CDK_Too_Short) { - buf = gnutls_realloc_fast( buf, buf_size); - if (buf == NULL) - { - gnutls_assert(); - return GNUTLS_E_MEMORY_ERROR; - } + buf = gnutls_realloc_fast (buf, buf_size); + if (buf == NULL) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } if (priv == 0) - err = cdk_pk_get_mpi (pkt->pkt.public_key, idx, buf, buf_size, &buf_size, NULL); + err = + cdk_pk_get_mpi (pkt->pkt.public_key, idx, buf, buf_size, &buf_size, + NULL); else - { - if (idx < max_pub_params) - err = cdk_pk_get_mpi (pkt->pkt.secret_key->pk, idx, buf, buf_size, &buf_size, NULL); - else - { - err = cdk_sk_get_mpi (pkt->pkt.secret_key, idx-max_pub_params, buf, buf_size, &buf_size, NULL); - } - } + { + if (idx < max_pub_params) + err = + cdk_pk_get_mpi (pkt->pkt.secret_key->pk, idx, buf, buf_size, + &buf_size, NULL); + else + { + err = + cdk_sk_get_mpi (pkt->pkt.secret_key, idx - max_pub_params, + buf, buf_size, &buf_size, NULL); + } + } } - if (err != CDK_Success) + if (err != CDK_Success) { - gnutls_assert(); - gnutls_free( buf); - return _gnutls_map_cdk_rc( err); + gnutls_assert (); + gnutls_free (buf); + return _gnutls_map_cdk_rc (err); } - + err = _gnutls_mpi_scan (m, buf, buf_size); - gnutls_free( buf); - + gnutls_free (buf); + if (err < 0) { - gnutls_assert(); + gnutls_assert (); return err; } 
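Review bot: In `_gnutls_read_pgp_mpi`, `buf` receives secret-key MPI bytes from `cdk_sk_get_mpi` when `priv != 0`, yet both `gnutls_free (buf)` calls release it without clearing it first. Unless `gnutls_free` is known to wipe memory (not visible in this hunk), private key material is left behind in freed heap memory. Add `if (priv != 0) memset (buf, 0, buf_size);` before each free, using the project's own wipe routine if a plain `memset` could be optimised away. The end of the function lies outside the hunk.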
@@ -1128,8 +1156,9 @@ unsigned int max_pub_params = 0; /* Extracts DSA and RSA parameters from a certificate. */ int -_gnutls_openpgp_crt_get_mpis (gnutls_openpgp_crt_t cert, uint32_t *keyid /* [2] */, - bigint_t * params, int *params_size) +_gnutls_openpgp_crt_get_mpis (gnutls_openpgp_crt_t cert, + uint32_t * keyid /* [2] */ , + bigint_t * params, int *params_size) { int result, i; int pk_algorithm, local_params; 
@@ -1138,54 +1167,54 @@ _gnutls_openpgp_crt_get_mpis (gnutls_openpgp_crt_t cert, uint32_t *keyid /* [2] if (keyid == NULL) pkt = cdk_kbnode_find_packet (cert->knode, CDK_PKT_PUBLIC_KEY); else - pkt = _gnutls_openpgp_find_key( cert->knode, keyid, 0); + pkt = _gnutls_openpgp_find_key (cert->knode, keyid, 0); if (pkt == NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } - pk_algorithm = _gnutls_openpgp_get_algo( pkt->pkt.public_key->pubkey_algo); + pk_algorithm = _gnutls_openpgp_get_algo (pkt->pkt.public_key->pubkey_algo); switch (pk_algorithm) { - case GNUTLS_PK_RSA: - local_params = RSA_PUBLIC_PARAMS; - break; - case GNUTLS_PK_DSA: - local_params = DSA_PUBLIC_PARAMS; - break; - default: - gnutls_assert (); - return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; + case GNUTLS_PK_RSA: + local_params = RSA_PUBLIC_PARAMS; + break; + case GNUTLS_PK_DSA: + local_params = DSA_PUBLIC_PARAMS; + break; + default: + gnutls_assert (); + return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; } - if (*params_size < local_params) + if (*params_size < local_params) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_INTERNAL_ERROR; } - + *params_size = local_params; for (i = 0; i < local_params; i++) { - result = _gnutls_read_pgp_mpi( pkt, 0, i, ¶ms[i]); - if (result < 0) - { - gnutls_assert(); - goto error; - } + result = _gnutls_read_pgp_mpi (pkt, 0, i, ¶ms[i]); + if (result < 0) + { + gnutls_assert (); + goto error; + } } return 0; - + error: { int j; - for (j=0;j<i;j++) - _gnutls_mpi_release( ¶ms[j]); + for (j = 0; j < i; j++) + _gnutls_mpi_release (¶ms[j]); } return result; @@ -1193,9 +1222,9 @@ error: /* The internal version of export */ -static -int _get_pk_rsa_raw(gnutls_openpgp_crt_t crt, gnutls_openpgp_keyid_t keyid, - gnutls_datum_t * m, gnutls_datum_t * e) +static int +_get_pk_rsa_raw (gnutls_openpgp_crt_t crt, gnutls_openpgp_keyid_t keyid, + gnutls_datum_t * m, gnutls_datum_t * e) { int pk_algorithm, ret, i; cdk_packet_t pkt; 
@@ -1208,18 +1237,18 @@ int _get_pk_rsa_raw(gnutls_openpgp_crt_t crt, gnutls_openpgp_keyid_t keyid, gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } - - KEYID_IMPORT(kid32, keyid); - - pkt = _gnutls_openpgp_find_key( crt->knode, kid32, 0); + + KEYID_IMPORT (kid32, keyid); + + pkt = _gnutls_openpgp_find_key (crt->knode, kid32, 0); if (pkt == NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } - pk_algorithm = _gnutls_openpgp_get_algo( pkt->pkt.public_key->pubkey_algo); - + pk_algorithm = _gnutls_openpgp_get_algo (pkt->pkt.public_key->pubkey_algo); + if (pk_algorithm != GNUTLS_PK_RSA) { gnutls_assert (); @@ -1258,10 +1287,10 @@ cleanup: return ret; } -static -int _get_pk_dsa_raw(gnutls_openpgp_crt_t crt, gnutls_openpgp_keyid_t keyid, - gnutls_datum_t * p, gnutls_datum_t * q, - gnutls_datum_t * g, gnutls_datum_t * y) +static int +_get_pk_dsa_raw (gnutls_openpgp_crt_t crt, gnutls_openpgp_keyid_t keyid, + gnutls_datum_t * p, gnutls_datum_t * q, + gnutls_datum_t * g, gnutls_datum_t * y) { int pk_algorithm, ret, i; cdk_packet_t pkt; @@ -1274,25 +1303,25 @@ int _get_pk_dsa_raw(gnutls_openpgp_crt_t crt, gnutls_openpgp_keyid_t keyid, gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } - - KEYID_IMPORT(kid32, keyid); - - pkt = _gnutls_openpgp_find_key( crt->knode, kid32, 0); + + KEYID_IMPORT (kid32, keyid); + + pkt = _gnutls_openpgp_find_key (crt->knode, kid32, 0); if (pkt == NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } - pk_algorithm = _gnutls_openpgp_get_algo( pkt->pkt.public_key->pubkey_algo); - + pk_algorithm = _gnutls_openpgp_get_algo (pkt->pkt.public_key->pubkey_algo); + if (pk_algorithm != GNUTLS_PK_DSA) { gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } - ret = _gnutls_openpgp_crt_get_mpis(crt, kid32, params, ¶ms_size); + ret = _gnutls_openpgp_crt_get_mpis (crt, kid32, params, ¶ms_size); if (ret < 0) { gnutls_assert (); 
@@ -1365,20 +1394,20 @@ cleanup: * Since: 2.4.0 **/ int -gnutls_openpgp_crt_get_pk_rsa_raw (gnutls_openpgp_crt_t crt, - gnutls_datum_t * m, gnutls_datum_t * e) +gnutls_openpgp_crt_get_pk_rsa_raw (gnutls_openpgp_crt_t crt, + gnutls_datum_t * m, gnutls_datum_t * e) { -gnutls_openpgp_keyid_t keyid; -int ret; + gnutls_openpgp_keyid_t keyid; + int ret; - ret = gnutls_openpgp_crt_get_key_id( crt, keyid); + ret = gnutls_openpgp_crt_get_key_id (crt, keyid); if (ret < 0) { gnutls_assert (); return ret; } - - return _get_pk_rsa_raw( crt, keyid, m, e); + + return _get_pk_rsa_raw (crt, keyid, m, e); } /** @@ -1398,21 +1427,21 @@ int ret; * Since: 2.4.0 **/ int -gnutls_openpgp_crt_get_pk_dsa_raw (gnutls_openpgp_crt_t crt, - gnutls_datum_t * p, gnutls_datum_t * q, - gnutls_datum_t * g, gnutls_datum_t * y) +gnutls_openpgp_crt_get_pk_dsa_raw (gnutls_openpgp_crt_t crt, + gnutls_datum_t * p, gnutls_datum_t * q, + gnutls_datum_t * g, gnutls_datum_t * y) { -gnutls_openpgp_keyid_t keyid; -int ret; + gnutls_openpgp_keyid_t keyid; + int ret; - ret = gnutls_openpgp_crt_get_key_id( crt, keyid); + ret = gnutls_openpgp_crt_get_key_id (crt, keyid); if (ret < 0) { gnutls_assert (); return ret; } - return _get_pk_dsa_raw( crt, keyid, p, q, g, y); + return _get_pk_dsa_raw (crt, keyid, p, q, g, y); } /** @@ -1431,20 +1460,22 @@ int ret; * Since: 2.4.0 **/ int -gnutls_openpgp_crt_get_subkey_pk_rsa_raw (gnutls_openpgp_crt_t crt, unsigned int idx, - gnutls_datum_t * m, gnutls_datum_t * e) +gnutls_openpgp_crt_get_subkey_pk_rsa_raw (gnutls_openpgp_crt_t crt, + unsigned int idx, + gnutls_datum_t * m, + gnutls_datum_t * e) { -gnutls_openpgp_keyid_t keyid; -int ret; + gnutls_openpgp_keyid_t keyid; + int ret; - ret = gnutls_openpgp_crt_get_subkey_id( crt, idx, keyid); + ret = gnutls_openpgp_crt_get_subkey_id (crt, idx, keyid); if (ret < 0) { gnutls_assert (); return ret; } - return _get_pk_rsa_raw( crt, keyid, m, e); + return _get_pk_rsa_raw (crt, keyid, m, e); } /** 
@@ -1475,14 +1506,14 @@ gnutls_openpgp_crt_get_subkey_pk_dsa_raw (gnutls_openpgp_crt_t crt, gnutls_openpgp_keyid_t keyid; int ret; - ret = gnutls_openpgp_crt_get_subkey_id( crt, idx, keyid); + ret = gnutls_openpgp_crt_get_subkey_id (crt, idx, keyid); if (ret < 0) { gnutls_assert (); return ret; } - return _get_pk_dsa_raw( crt, keyid, p, q, g, y); + return _get_pk_dsa_raw (crt, keyid, p, q, g, y); } /** @@ -1505,7 +1536,7 @@ gnutls_openpgp_crt_get_preferred_key_id (gnutls_openpgp_crt_t key, return GNUTLS_E_INVALID_REQUEST; } - memcpy( keyid, key->preferred_keyid, sizeof(gnutls_openpgp_keyid_t)); + memcpy (keyid, key->preferred_keyid, sizeof (gnutls_openpgp_keyid_t)); return 0; } @@ -1523,7 +1554,7 @@ int gnutls_openpgp_crt_set_preferred_key_id (gnutls_openpgp_crt_t key, const gnutls_openpgp_keyid_t keyid) { -int ret; + int ret; if (!key) { @@ -1532,16 +1563,16 @@ int ret; } /* check if the id is valid */ - ret = gnutls_openpgp_crt_get_subkey_idx ( key, keyid); + ret = gnutls_openpgp_crt_get_subkey_idx (key, keyid); if (ret < 0) { - _gnutls_x509_log("the requested subkey does not exist\n"); - gnutls_assert(); + _gnutls_x509_log ("the requested subkey does not exist\n"); + gnutls_assert (); return ret; } key->preferred_set = 1; - memcpy( key->preferred_keyid, keyid, sizeof(gnutls_openpgp_keyid_t)); + memcpy (key->preferred_keyid, keyid, sizeof (gnutls_openpgp_keyid_t)); return 0; } 
@@ -1563,62 +1594,65 @@ int ret; * * Returns: %GNUTLS_E_SUCCESS on success, or an error code. **/ -int gnutls_openpgp_crt_get_auth_subkey( gnutls_openpgp_crt_t crt, - gnutls_openpgp_keyid_t keyid, - unsigned int flag) +int +gnutls_openpgp_crt_get_auth_subkey (gnutls_openpgp_crt_t crt, + gnutls_openpgp_keyid_t keyid, + unsigned int flag) { int ret, subkeys, i; unsigned int usage; unsigned int keyid_init = 0; - subkeys = gnutls_openpgp_crt_get_subkey_count( crt); + subkeys = gnutls_openpgp_crt_get_subkey_count (crt); if (subkeys <= 0) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_SUBKEY_ERROR; } /* Try to find a subkey with the authentication flag set. * if none exists use the last one found - */ - for (i=0;i<subkeys;i++) + */ + for (i = 0; i < subkeys; i++) { - ret = gnutls_openpgp_crt_get_subkey_revoked_status(crt, i); - if (ret != 0) /* it is revoked. ignore it */ + ret = gnutls_openpgp_crt_get_subkey_revoked_status (crt, i); + if (ret != 0) /* it is revoked. ignore it */ continue; if (keyid_init == 0) - { /* keep the first valid subkey */ - ret = gnutls_openpgp_crt_get_subkey_id( crt, i, keyid); + { /* keep the first valid subkey */ + ret = gnutls_openpgp_crt_get_subkey_id (crt, i, keyid); if (ret < 0) { - gnutls_assert(); + gnutls_assert (); return ret; } keyid_init = 1; } - ret = gnutls_openpgp_crt_get_subkey_usage( crt, i, &usage); + ret = gnutls_openpgp_crt_get_subkey_usage (crt, i, &usage); if (ret < 0) { - gnutls_assert(); + gnutls_assert (); return ret; } if (usage & GNUTLS_KEY_KEY_AGREEMENT) - { - ret = gnutls_openpgp_crt_get_subkey_id( crt, i, keyid); - if (ret < 0) - { - gnutls_assert(); - return ret; - } - return 0; - } - } - - if (flag && keyid_init) return 0; - else return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; + { + ret = gnutls_openpgp_crt_get_subkey_id (crt, i, keyid); + if (ret < 0) + { + gnutls_assert (); + return ret; + } + return 0; + } + } + + if (flag && keyid_init) + return 0; + else + return 
GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; } diff --git a/lib/openpgp/pgpverify.c b/lib/openpgp/pgpverify.c index 6659a6f911..df1907b142 100644 --- a/lib/openpgp/pgpverify.c +++ b/lib/openpgp/pgpverify.c @@ -81,12 +81,12 @@ gnutls_openpgp_crt_verify_ring (gnutls_openpgp_crt_t key, } else if (rc != CDK_Success) { - _gnutls_x509_log("cdk_pk_check_sigs: error %d\n", rc); + _gnutls_x509_log ("cdk_pk_check_sigs: error %d\n", rc); rc = _gnutls_map_cdk_rc (rc); gnutls_assert (); return rc; } - _gnutls_x509_log("status: %x\n", status); + _gnutls_x509_log ("status: %x\n", status); if (status & CDK_KEY_INVALID) *verify |= GNUTLS_CERT_INVALID; @@ -144,4 +144,3 @@ gnutls_openpgp_crt_verify_self (gnutls_openpgp_crt_t key, return 0; } - diff --git a/lib/openpgp/privkey.c b/lib/openpgp/privkey.c index 13cd072ea0..592fe83165 100644 --- a/lib/openpgp/privkey.c +++ b/lib/openpgp/privkey.c @@ -48,7 +48,7 @@ gnutls_openpgp_privkey_init (gnutls_openpgp_privkey_t * key) *key = gnutls_calloc (1, sizeof (gnutls_openpgp_privkey_int)); if (*key) - return 0; /* success */ + return 0; /* success */ return GNUTLS_E_MEMORY_ERROR; } @@ -99,10 +99,10 @@ gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t key, if (data->data == NULL || data->size == 0) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } - + if (format == GNUTLS_OPENPGP_FMT_RAW) rc = cdk_kbnode_read_from_mem (&key->knode, data->data, data->size); else @@ -113,7 +113,7 @@ gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t key, rc = _gnutls_map_cdk_rc (rc); gnutls_assert (); return rc; - } + } if (cdk_armor_filter_use (inp)) rc = cdk_stream_set_armor_flag (inp, 0); if (!rc) @@ -131,10 +131,10 @@ gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t key, pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_SECRET_KEY); if (pkt == NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } - + return 0; } 
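Review bot: The block comment in `gnutls_openpgp_crt_get_auth_subkey` does not match the loop below it. It speaks of an "authentication flag" and of falling back to "the last one found", while the code tests `usage & GNUTLS_KEY_KEY_AGREEMENT` and, when `flag` is set, falls back to the first non-revoked subkey. Since this function selects the subkey used for authentication, the comment should read `/* Prefer a non-revoked subkey whose usage includes GNUTLS_KEY_KEY_AGREEMENT; if none has it and flag is set, keep the first non-revoked subkey. */`. The loop consults only the revoked status; whether subkey expiration is checked elsewhere cannot be seen from this hunk and is worth confirming.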
@@ -158,12 +158,13 @@ gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t key, **/ int gnutls_openpgp_privkey_export (gnutls_openpgp_privkey_t key, - gnutls_openpgp_crt_fmt_t format, - const char* password, unsigned int flags, - void *output_data, size_t * output_data_size) + gnutls_openpgp_crt_fmt_t format, + const char *password, unsigned int flags, + void *output_data, size_t * output_data_size) { /* FIXME for now we do not export encrypted keys */ - return _gnutls_openpgp_export( key->knode, format, output_data, output_data_size, 1); + return _gnutls_openpgp_export (key->knode, format, output_data, + output_data_size, 1); } @@ -193,36 +194,38 @@ gnutls_openpgp_privkey_get_pk_algorithm (gnutls_openpgp_privkey_t key, if (!key) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_PK_UNKNOWN; } - + algo = 0; pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_SECRET_KEY); if (pkt) { if (bits) *bits = cdk_pk_get_nbits (pkt->pkt.secret_key->pk); - algo = _gnutls_openpgp_get_algo(pkt->pkt.secret_key->pk->pubkey_algo); + algo = _gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo); } - + return algo; } -int _gnutls_openpgp_get_algo( int cdk_algo) +int +_gnutls_openpgp_get_algo (int cdk_algo) { -int algo; + int algo; - if (is_RSA (cdk_algo)) - algo = GNUTLS_PK_RSA; - else if (is_DSA (cdk_algo)) - algo = GNUTLS_PK_DSA; - else { - _gnutls_x509_log("Unknown OpenPGP algorithm %d\n", cdk_algo); - algo = GNUTLS_PK_UNKNOWN; - } - - return algo; + if (is_RSA (cdk_algo)) + algo = GNUTLS_PK_RSA; + else if (is_DSA (cdk_algo)) + algo = GNUTLS_PK_DSA; + else + { + _gnutls_x509_log ("Unknown OpenPGP algorithm %d\n", cdk_algo); + algo = GNUTLS_PK_UNKNOWN; + } + + return algo; } /** @@ -251,7 +254,8 @@ gnutls_openpgp_privkey_get_revoked_status (gnutls_openpgp_privkey_t key) if (!pkt) return GNUTLS_E_OPENPGP_GETKEY_FAILED; - if (pkt->pkt.secret_key->is_revoked != 0) return 1; + if (pkt->pkt.secret_key->is_revoked != 0) + return 1; return 0; } 
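Review bot: `gnutls_openpgp_privkey_export` accepts `password` and `flags` but passes neither to `_gnutls_openpgp_export`, so per the FIXME the secret key is written out unprotected even when the caller supplies a password. That should at least be stated where callers will see it, by extending the comment to `/* FIXME: password and flags are ignored; the key is exported unencrypted */` and repeating it in the function's doc block, which starts above this hunk. Rejecting a non-NULL `password` with an error would be safer, but it changes behaviour for existing callers and needs a maintainer decision.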
@@ -270,7 +274,7 @@ gnutls_openpgp_privkey_get_revoked_status (gnutls_openpgp_privkey_t key) **/ int gnutls_openpgp_privkey_get_fingerprint (gnutls_openpgp_privkey_t key, - void *fpr, size_t * fprlen) + void *fpr, size_t * fprlen) { cdk_packet_t pkt; cdk_pkt_pubkey_t pk = NULL; @@ -284,15 +288,15 @@ gnutls_openpgp_privkey_get_fingerprint (gnutls_openpgp_privkey_t key, *fprlen = 0; pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_SECRET_KEY); - if (!pkt) + if (!pkt) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } pk = pkt->pkt.secret_key->pk; *fprlen = 20; - + if (is_RSA (pk->pubkey_algo) && pk->version < 4) *fprlen = 16; @@ -330,8 +334,8 @@ gnutls_openpgp_privkey_get_key_id (gnutls_openpgp_privkey_t key, return GNUTLS_E_OPENPGP_GETKEY_FAILED; cdk_sk_get_keyid (pkt->pkt.secret_key, kid); - _gnutls_write_uint32( kid[0], keyid); - _gnutls_write_uint32( kid[1], keyid+4); + _gnutls_write_uint32 (kid[0], keyid); + _gnutls_write_uint32 (kid[1], keyid + 4); return 0; } @@ -374,7 +378,8 @@ gnutls_openpgp_privkey_get_subkey_count (gnutls_openpgp_privkey_t key) } /* returns the subkey with the given index */ -static cdk_packet_t _get_secret_subkey(gnutls_openpgp_privkey_t key, unsigned int indx) +static cdk_packet_t +_get_secret_subkey (gnutls_openpgp_privkey_t key, unsigned int indx) { cdk_kbnode_t p, ctx; cdk_packet_t pkt; @@ -405,7 +410,8 @@ static cdk_packet_t _get_secret_subkey(gnutls_openpgp_privkey_t key, unsigned in * Since: 2.4.0 **/ int -gnutls_openpgp_privkey_get_subkey_revoked_status (gnutls_openpgp_privkey_t key, unsigned int idx) +gnutls_openpgp_privkey_get_subkey_revoked_status (gnutls_openpgp_privkey_t + key, unsigned int idx) { cdk_packet_t pkt; 
@@ -415,11 +421,12 @@ gnutls_openpgp_privkey_get_subkey_revoked_status (gnutls_openpgp_privkey_t key, return GNUTLS_E_INVALID_REQUEST; } - pkt = _get_secret_subkey( key, idx); + pkt = _get_secret_subkey (key, idx); if (!pkt) return GNUTLS_E_OPENPGP_GETKEY_FAILED; - if (pkt->pkt.secret_key->is_revoked != 0) return 1; + if (pkt->pkt.secret_key->is_revoked != 0) + return 1; return 0; } @@ -443,18 +450,19 @@ gnutls_openpgp_privkey_get_subkey_revoked_status (gnutls_openpgp_privkey_t key, **/ gnutls_pk_algorithm_t gnutls_openpgp_privkey_get_subkey_pk_algorithm (gnutls_openpgp_privkey_t key, - unsigned int idx, unsigned int *bits) + unsigned int idx, + unsigned int *bits) { cdk_packet_t pkt; int algo; if (!key) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_PK_UNKNOWN; } - - pkt = _get_secret_subkey( key, idx); + + pkt = _get_secret_subkey (key, idx); algo = 0; if (pkt) @@ -497,12 +505,12 @@ gnutls_openpgp_privkey_get_subkey_idx (gnutls_openpgp_privkey_t key, return GNUTLS_E_INVALID_REQUEST; } - KEYID_IMPORT( kid, keyid); - ret = _gnutls_openpgp_find_subkey_idx( key->knode, kid, 1); + KEYID_IMPORT (kid, keyid); + ret = _gnutls_openpgp_find_subkey_idx (key->knode, kid, 1); if (ret < 0) { - gnutls_assert(); + gnutls_assert (); } return ret; @@ -529,7 +537,7 @@ gnutls_openpgp_privkey_get_subkey_creation_time (gnutls_openpgp_privkey_t key, if (!key) return (time_t) - 1; - pkt = _get_secret_subkey( key, idx); + pkt = _get_secret_subkey (key, idx); if (pkt) timestamp = pkt->pkt.secret_key->pk->timestamp; else @@ -551,8 +559,8 @@ gnutls_openpgp_privkey_get_subkey_creation_time (gnutls_openpgp_privkey_t key, * Since: 2.4.0 **/ time_t -gnutls_openpgp_privkey_get_subkey_expiration_time (gnutls_openpgp_privkey_t key, - unsigned int idx) +gnutls_openpgp_privkey_get_subkey_expiration_time (gnutls_openpgp_privkey_t + key, unsigned int idx) { cdk_packet_t pkt; time_t expiredate; 
@@ -560,7 +568,7 @@ gnutls_openpgp_privkey_get_subkey_expiration_time (gnutls_openpgp_privkey_t key, if (!key) return (time_t) - 1; - pkt = _get_secret_subkey( key, idx); + pkt = _get_secret_subkey (key, idx); if (pkt) expiredate = pkt->pkt.secret_key->expiredate; else @@ -595,13 +603,13 @@ gnutls_openpgp_privkey_get_subkey_id (gnutls_openpgp_privkey_t key, return GNUTLS_E_INVALID_REQUEST; } - pkt = _get_secret_subkey( key, idx); + pkt = _get_secret_subkey (key, idx); if (!pkt) return GNUTLS_E_OPENPGP_GETKEY_FAILED; cdk_sk_get_keyid (pkt->pkt.secret_key, kid); - _gnutls_write_uint32( kid[0], keyid); - _gnutls_write_uint32( kid[1], keyid+4); + _gnutls_write_uint32 (kid[0], keyid); + _gnutls_write_uint32 (kid[1], keyid + 4); return 0; } @@ -636,7 +644,7 @@ gnutls_openpgp_privkey_get_subkey_fingerprint (gnutls_openpgp_privkey_t key, *fprlen = 0; - pkt = _get_secret_subkey( key, idx); + pkt = _get_secret_subkey (key, idx); if (!pkt) return GNUTLS_E_OPENPGP_GETKEY_FAILED; @@ -655,8 +663,9 @@ gnutls_openpgp_privkey_get_subkey_fingerprint (gnutls_openpgp_privkey_t key, /* Extracts DSA and RSA parameters from a certificate. */ int -_gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t pkey, uint32_t *keyid /*[2]*/, - bigint_t * params, int *params_size) +_gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t pkey, + uint32_t * keyid /*[2] */ , + bigint_t * params, int *params_size) { int result, i; int pk_algorithm, local_params; 
@@ -665,55 +674,56 @@ _gnutls_openpgp_privkey_get_mpis (gnutls_openpgp_privkey_t pkey, uint32_t *keyid if (keyid == NULL) pkt = cdk_kbnode_find_packet (pkey->knode, CDK_PKT_SECRET_KEY); else - pkt = _gnutls_openpgp_find_key( pkey->knode, keyid, 1); - + pkt = _gnutls_openpgp_find_key (pkey->knode, keyid, 1); + if (pkt == NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } - pk_algorithm = _gnutls_openpgp_get_algo( pkt->pkt.secret_key->pk->pubkey_algo); + pk_algorithm = + _gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo); switch (pk_algorithm) { - case GNUTLS_PK_RSA: - local_params = RSA_PRIVATE_PARAMS; - break; - case GNUTLS_PK_DSA: - local_params = DSA_PRIVATE_PARAMS; - break; - default: - gnutls_assert (); - return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; + case GNUTLS_PK_RSA: + local_params = RSA_PRIVATE_PARAMS; + break; + case GNUTLS_PK_DSA: + local_params = DSA_PRIVATE_PARAMS; + break; + default: + gnutls_assert (); + return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; } - if (*params_size < local_params) + if (*params_size < local_params) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_INTERNAL_ERROR; } - + *params_size = local_params; - + for (i = 0; i < local_params; i++) { - result = _gnutls_read_pgp_mpi( pkt, 1, i, ¶ms[i]); - if (result < 0) - { - gnutls_assert(); - goto error; - } + result = _gnutls_read_pgp_mpi (pkt, 1, i, ¶ms[i]); + if (result < 0) + { + gnutls_assert (); + goto error; + } } return 0; - + error: { int j; - for (j=0;j<i;j++) - _gnutls_mpi_release( ¶ms[j]); + for (j = 0; j < i; j++) + _gnutls_mpi_release (¶ms[j]); } return result; 
@@ -721,11 +731,11 @@ error: /* The internal version of export */ -static -int _get_sk_rsa_raw(gnutls_openpgp_privkey_t pkey, gnutls_openpgp_keyid_t keyid, - gnutls_datum_t * m, gnutls_datum_t * e, - gnutls_datum_t * d, gnutls_datum_t * p, - gnutls_datum_t * q, gnutls_datum_t * u) +static int +_get_sk_rsa_raw (gnutls_openpgp_privkey_t pkey, gnutls_openpgp_keyid_t keyid, + gnutls_datum_t * m, gnutls_datum_t * e, + gnutls_datum_t * d, gnutls_datum_t * p, + gnutls_datum_t * q, gnutls_datum_t * u) { int pk_algorithm, ret, i; cdk_packet_t pkt; @@ -738,18 +748,19 @@ int _get_sk_rsa_raw(gnutls_openpgp_privkey_t pkey, gnutls_openpgp_keyid_t keyid, gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } - - KEYID_IMPORT(kid32, keyid); - - pkt = _gnutls_openpgp_find_key( pkey->knode, kid32, 1); + + KEYID_IMPORT (kid32, keyid); + + pkt = _gnutls_openpgp_find_key (pkey->knode, kid32, 1); if (pkt == NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } - pk_algorithm = _gnutls_openpgp_get_algo( pkt->pkt.secret_key->pk->pubkey_algo); - + pk_algorithm = + _gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo); + if (pk_algorithm != GNUTLS_PK_RSA) { gnutls_assert (); @@ -830,11 +841,10 @@ cleanup: return ret; } -static -int _get_sk_dsa_raw(gnutls_openpgp_privkey_t pkey, gnutls_openpgp_keyid_t keyid, - gnutls_datum_t * p, gnutls_datum_t * q, - gnutls_datum_t * g, gnutls_datum_t * y, - gnutls_datum_t * x) +static int +_get_sk_dsa_raw (gnutls_openpgp_privkey_t pkey, gnutls_openpgp_keyid_t keyid, + gnutls_datum_t * p, gnutls_datum_t * q, + gnutls_datum_t * g, gnutls_datum_t * y, gnutls_datum_t * x) { int pk_algorithm, ret, i; cdk_packet_t pkt; 
@@ -847,18 +857,19 @@ int _get_sk_dsa_raw(gnutls_openpgp_privkey_t pkey, gnutls_openpgp_keyid_t keyid, gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } - - KEYID_IMPORT(kid32, keyid); - pkt = _gnutls_openpgp_find_key( pkey->knode, kid32, 1); + KEYID_IMPORT (kid32, keyid); + + pkt = _gnutls_openpgp_find_key (pkey->knode, kid32, 1); if (pkt == NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_OPENPGP_GETKEY_FAILED; } - pk_algorithm = _gnutls_openpgp_get_algo( pkt->pkt.secret_key->pk->pubkey_algo); - + pk_algorithm = + _gnutls_openpgp_get_algo (pkt->pkt.secret_key->pk->pubkey_algo); + if (pk_algorithm != GNUTLS_PK_DSA) { gnutls_assert (); @@ -953,22 +964,22 @@ cleanup: * Since: 2.4.0 **/ int -gnutls_openpgp_privkey_export_rsa_raw (gnutls_openpgp_privkey_t pkey, - gnutls_datum_t * m, gnutls_datum_t * e, - gnutls_datum_t * d, gnutls_datum_t * p, - gnutls_datum_t * q, gnutls_datum_t * u) +gnutls_openpgp_privkey_export_rsa_raw (gnutls_openpgp_privkey_t pkey, + gnutls_datum_t * m, gnutls_datum_t * e, + gnutls_datum_t * d, gnutls_datum_t * p, + gnutls_datum_t * q, gnutls_datum_t * u) { -gnutls_openpgp_keyid_t keyid; -int ret; + gnutls_openpgp_keyid_t keyid; + int ret; - ret = gnutls_openpgp_privkey_get_key_id( pkey, keyid); + ret = gnutls_openpgp_privkey_get_key_id (pkey, keyid); if (ret < 0) { gnutls_assert (); return ret; } - - return _get_sk_rsa_raw( pkey, keyid, m, e, d, p, q, u); + + return _get_sk_rsa_raw (pkey, keyid, m, e, d, p, q, u); } /** 
@@ -989,22 +1000,22 @@ int ret; * Since: 2.4.0 **/ int -gnutls_openpgp_privkey_export_dsa_raw (gnutls_openpgp_privkey_t pkey, - gnutls_datum_t * p, gnutls_datum_t * q, - gnutls_datum_t * g, gnutls_datum_t * y, - gnutls_datum_t * x) +gnutls_openpgp_privkey_export_dsa_raw (gnutls_openpgp_privkey_t pkey, + gnutls_datum_t * p, gnutls_datum_t * q, + gnutls_datum_t * g, gnutls_datum_t * y, + gnutls_datum_t * x) { -gnutls_openpgp_keyid_t keyid; -int ret; + gnutls_openpgp_keyid_t keyid; + int ret; - ret = gnutls_openpgp_privkey_get_key_id( pkey, keyid); + ret = gnutls_openpgp_privkey_get_key_id (pkey, keyid); if (ret < 0) { gnutls_assert (); return ret; } - - return _get_sk_dsa_raw( pkey, keyid, p, q, g, y, x); + + return _get_sk_dsa_raw (pkey, keyid, p, q, g, y, x); } /** @@ -1027,22 +1038,26 @@ int ret; * Since: 2.4.0 **/ int -gnutls_openpgp_privkey_export_subkey_rsa_raw (gnutls_openpgp_privkey_t pkey, unsigned int idx, - gnutls_datum_t * m, gnutls_datum_t * e, - gnutls_datum_t * d, gnutls_datum_t * p, - gnutls_datum_t * q, gnutls_datum_t * u) +gnutls_openpgp_privkey_export_subkey_rsa_raw (gnutls_openpgp_privkey_t pkey, + unsigned int idx, + gnutls_datum_t * m, + gnutls_datum_t * e, + gnutls_datum_t * d, + gnutls_datum_t * p, + gnutls_datum_t * q, + gnutls_datum_t * u) { -gnutls_openpgp_keyid_t keyid; -int ret; + gnutls_openpgp_keyid_t keyid; + int ret; - ret = gnutls_openpgp_privkey_get_subkey_id( pkey, idx, keyid); + ret = gnutls_openpgp_privkey_get_subkey_id (pkey, idx, keyid); if (ret < 0) { gnutls_assert (); return ret; } - - return _get_sk_rsa_raw( pkey, keyid, m, e, d, p, q, u); + + return _get_sk_rsa_raw (pkey, keyid, m, e, d, p, q, u); } /** 
@@ -1075,14 +1090,14 @@ gnutls_openpgp_privkey_export_subkey_dsa_raw (gnutls_openpgp_privkey_t pkey, gnutls_openpgp_keyid_t keyid; int ret; - ret = gnutls_openpgp_privkey_get_subkey_id( pkey, idx, keyid); + ret = gnutls_openpgp_privkey_get_subkey_id (pkey, idx, keyid); if (ret < 0) { gnutls_assert (); return ret; } - return _get_sk_dsa_raw( pkey, keyid, p, q, g, y, x); + return _get_sk_dsa_raw (pkey, keyid, p, q, g, y, x); } /** @@ -1105,7 +1120,7 @@ gnutls_openpgp_privkey_get_preferred_key_id (gnutls_openpgp_privkey_t key, return GNUTLS_E_INVALID_REQUEST; } - memcpy( keyid, key->preferred_keyid, sizeof(gnutls_openpgp_keyid_t)); + memcpy (keyid, key->preferred_keyid, sizeof (gnutls_openpgp_keyid_t)); return 0; } @@ -1122,7 +1137,8 @@ gnutls_openpgp_privkey_get_preferred_key_id (gnutls_openpgp_privkey_t key, **/ int gnutls_openpgp_privkey_set_preferred_key_id (gnutls_openpgp_privkey_t key, - const gnutls_openpgp_keyid_t keyid) + const gnutls_openpgp_keyid_t + keyid) { int ret; @@ -1133,16 +1149,16 @@ gnutls_openpgp_privkey_set_preferred_key_id (gnutls_openpgp_privkey_t key, } /* check if the id is valid */ - ret = gnutls_openpgp_privkey_get_subkey_idx ( key, keyid); + ret = gnutls_openpgp_privkey_get_subkey_idx (key, keyid); if (ret < 0) { - _gnutls_x509_log("the requested subkey does not exist\n"); - gnutls_assert(); + _gnutls_x509_log ("the requested subkey does not exist\n"); + gnutls_assert (); return ret; } key->preferred_set = 1; - memcpy( key->preferred_keyid, keyid, sizeof(gnutls_openpgp_keyid_t)); + memcpy (key->preferred_keyid, keyid, sizeof (gnutls_openpgp_keyid_t)); return 0; } diff --git a/lib/pk-libgcrypt.c b/lib/pk-libgcrypt.c index 2c1c83c117..0db5534c2c 100644 --- a/lib/pk-libgcrypt.c +++ b/lib/pk-libgcrypt.c 
@@ -47,191 +47,210 @@ int (*generate) (gnutls_pk_algorithm_t, unsigned int level /*bits */ , gnutls_pk_params_st *); int -_wrap_gcry_pk_encrypt(gnutls_pk_algorithm_t algo, - gnutls_datum_t * ciphertext, - const gnutls_datum_t * plaintext, - const gnutls_pk_params_st * pk_params) +_wrap_gcry_pk_encrypt (gnutls_pk_algorithm_t algo, + gnutls_datum_t * ciphertext, + const gnutls_datum_t * plaintext, + const gnutls_pk_params_st * pk_params) { gcry_sexp_t s_ciph = NULL, s_data = NULL, s_pkey = NULL; int rc = -1; int ret; bigint_t data = NULL; - if (_gnutls_mpi_scan_nz(&data, plaintext->data, plaintext->size) != 0) { - gnutls_assert(); - return GNUTLS_E_MPI_SCAN_FAILED; - } + if (_gnutls_mpi_scan_nz (&data, plaintext->data, plaintext->size) != 0) + { + gnutls_assert (); + return GNUTLS_E_MPI_SCAN_FAILED; + } /* make a sexp from pkey */ - switch (algo) { - case GNUTLS_PK_RSA: - if (pk_params->params_nr >= 2) - rc = gcry_sexp_build(&s_pkey, NULL, - "(public-key(rsa(n%m)(e%m)))", - pk_params->params[0], pk_params->params[1]); - break; - - default: - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } - - if (rc != 0) { - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } - - /* put the data into a simple list */ - if (gcry_sexp_build(&s_data, NULL, "%m", data)) { - gnutls_assert(); - ret = GNUTLS_E_MEMORY_ERROR; - goto cleanup; - } - - _gnutls_mpi_release(&data); - - /* pass it to libgcrypt */ - rc = gcry_pk_encrypt(&s_ciph, s_data, s_pkey); - gcry_sexp_release(s_data); - s_data = NULL; - gcry_sexp_release(s_pkey); - s_pkey = NULL; - - if (rc != 0) { - gnutls_assert(); - ret = GNUTLS_E_PK_ENCRYPTION_FAILED; - goto cleanup; - } else { - gcry_sexp_t list = gcry_sexp_find_token(s_ciph, "a", 0); - bigint_t res; - - if (list == NULL) { - gnutls_assert(); + switch (algo) + { + case GNUTLS_PK_RSA: + if (pk_params->params_nr >= 2) + rc = gcry_sexp_build (&s_pkey, NULL, + "(public-key(rsa(n%m)(e%m)))", + pk_params->params[0], 
pk_params->params[1]); + break; + + default: + gnutls_assert (); ret = GNUTLS_E_INTERNAL_ERROR; goto cleanup; } - res = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); - - if (res == NULL) { - gnutls_assert(); + if (rc != 0) + { + gnutls_assert (); ret = GNUTLS_E_INTERNAL_ERROR; goto cleanup; } - ret = _gnutls_mpi_dprint_size(res, ciphertext, plaintext->size); - _gnutls_mpi_release(&res); + /* put the data into a simple list */ + if (gcry_sexp_build (&s_data, NULL, "%m", data)) + { + gnutls_assert (); + ret = GNUTLS_E_MEMORY_ERROR; + goto cleanup; + } + + _gnutls_mpi_release (&data); + + /* pass it to libgcrypt */ + rc = gcry_pk_encrypt (&s_ciph, s_data, s_pkey); + gcry_sexp_release (s_data); + s_data = NULL; + gcry_sexp_release (s_pkey); + s_pkey = NULL; - if (ret < 0) { - gnutls_assert(); + if (rc != 0) + { + gnutls_assert (); + ret = GNUTLS_E_PK_ENCRYPTION_FAILED; goto cleanup; } - } + else + { + gcry_sexp_t list = gcry_sexp_find_token (s_ciph, "a", 0); + bigint_t res; + + if (list == NULL) + { + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } + + res = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); + + if (res == NULL) + { + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } + + ret = _gnutls_mpi_dprint_size (res, ciphertext, plaintext->size); + _gnutls_mpi_release (&res); + + if (ret < 0) + { + gnutls_assert (); + goto cleanup; + } + } - gcry_sexp_release(s_ciph); + gcry_sexp_release (s_ciph); return 0; cleanup: - _gnutls_mpi_release(&data); + _gnutls_mpi_release (&data); if (s_ciph) - gcry_sexp_release(s_ciph); + gcry_sexp_release (s_ciph); if (s_data) - gcry_sexp_release(s_data); + gcry_sexp_release (s_data); if (s_pkey) - gcry_sexp_release(s_pkey); + gcry_sexp_release (s_pkey); return ret; } int -_wrap_gcry_pk_decrypt(gnutls_pk_algorithm_t algo, - gnutls_datum_t * plaintext, - const gnutls_datum_t * ciphertext, - const gnutls_pk_params_st * pk_params) +_wrap_gcry_pk_decrypt 
(gnutls_pk_algorithm_t algo, + gnutls_datum_t * plaintext, + const gnutls_datum_t * ciphertext, + const gnutls_pk_params_st * pk_params) { gcry_sexp_t s_plain = NULL, s_data = NULL, s_pkey = NULL; int rc = -1; int ret; bigint_t data; - if (_gnutls_mpi_scan_nz(&data, ciphertext->data, ciphertext->size) != 0) { - gnutls_assert(); - return GNUTLS_E_MPI_SCAN_FAILED; - } + if (_gnutls_mpi_scan_nz (&data, ciphertext->data, ciphertext->size) != 0) + { + gnutls_assert (); + return GNUTLS_E_MPI_SCAN_FAILED; + } /* make a sexp from pkey */ - switch (algo) { - case GNUTLS_PK_RSA: - if (pk_params->params_nr >= 6) - rc = gcry_sexp_build(&s_pkey, NULL, - "(private-key(rsa((n%m)(e%m)(d%m)(p%m)(q%m)(u%m))))", - pk_params->params[0], pk_params->params[1], - pk_params->params[2], pk_params->params[3], - pk_params->params[4], pk_params->params[5]); - break; - - default: - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } - - if (rc != 0) { - gnutls_assert(); - return GNUTLS_E_INTERNAL_ERROR; - } - - /* put the data into a simple list */ - if (gcry_sexp_build(&s_data, NULL, "(enc-val(rsa(a%m)))", data)) { - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } + switch (algo) + { + case GNUTLS_PK_RSA: + if (pk_params->params_nr >= 6) + rc = gcry_sexp_build (&s_pkey, NULL, + "(private-key(rsa((n%m)(e%m)(d%m)(p%m)(q%m)(u%m))))", + pk_params->params[0], pk_params->params[1], + pk_params->params[2], pk_params->params[3], + pk_params->params[4], pk_params->params[5]); + break; + + default: + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } - _gnutls_mpi_release(&data); + if (rc != 0) + { + gnutls_assert (); + return GNUTLS_E_INTERNAL_ERROR; + } - /* pass it to libgcrypt */ - rc = gcry_pk_decrypt(&s_plain, s_data, s_pkey); - gcry_sexp_release(s_data); - gcry_sexp_release(s_pkey); - - if (rc != 0) { - gnutls_assert(); - return GNUTLS_E_PK_DECRYPTION_FAILED; - } else { - bigint_t res; - res = gcry_sexp_nth_mpi(s_plain, 0, 0); - 
gcry_sexp_release(s_plain); - - if (res == NULL) { - gnutls_assert(); + /* put the data into a simple list */ + if (gcry_sexp_build (&s_data, NULL, "(enc-val(rsa(a%m)))", data)) + { + gnutls_assert (); ret = GNUTLS_E_INTERNAL_ERROR; goto cleanup; } - ret = _gnutls_mpi_dprint_size(res, plaintext, ciphertext->size); - _gnutls_mpi_release(&res); + _gnutls_mpi_release (&data); - if (ret < 0) { - gnutls_assert(); - goto cleanup; + /* pass it to libgcrypt */ + rc = gcry_pk_decrypt (&s_plain, s_data, s_pkey); + gcry_sexp_release (s_data); + gcry_sexp_release (s_pkey); + + if (rc != 0) + { + gnutls_assert (); + return GNUTLS_E_PK_DECRYPTION_FAILED; } + else + { + bigint_t res; + res = gcry_sexp_nth_mpi (s_plain, 0, 0); + gcry_sexp_release (s_plain); + + if (res == NULL) + { + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } + + ret = _gnutls_mpi_dprint_size (res, plaintext, ciphertext->size); + _gnutls_mpi_release (&res); + + if (ret < 0) + { + gnutls_assert (); + goto cleanup; + } - } + } return 0; cleanup: - _gnutls_mpi_release(&data); + _gnutls_mpi_release (&data); if (s_plain) - gcry_sexp_release(s_plain); + gcry_sexp_release (s_plain); if (s_data) - gcry_sexp_release(s_data); + gcry_sexp_release (s_data); if (s_pkey) - gcry_sexp_release(s_pkey); + gcry_sexp_release (s_pkey); return ret; @@ -241,9 +260,9 @@ cleanup: /* in case of DSA puts into data, r,s */ int -_wrap_gcry_pk_sign(gnutls_pk_algorithm_t algo, gnutls_datum_t * signature, - const gnutls_datum_t * vdata, - const gnutls_pk_params_st * pk_params) +_wrap_gcry_pk_sign (gnutls_pk_algorithm_t algo, gnutls_datum_t * signature, + const gnutls_datum_t * vdata, + const gnutls_pk_params_st * pk_params) { gcry_sexp_t s_hash = NULL, s_key = NULL, s_sig = NULL; gcry_sexp_t list = NULL; 
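Review bot: In `_wrap_gcry_pk_decrypt`, `s_data`, `s_pkey` and `s_plain` are released but keep their old values, so the later `goto cleanup` paths (`res == NULL`, or `_gnutls_mpi_dprint_size` failing) release the same handles a second time. `_wrap_gcry_pk_encrypt` in this hunk already shows the pattern to follow: add `s_data = NULL; s_pkey = NULL;` after the two releases and `s_plain = NULL;` after `gcry_sexp_release (s_plain);`. The bare `return GNUTLS_E_INTERNAL_ERROR;` after the switch also skips the cleanup label and leaks `data`; setting `ret` and using `goto cleanup` would match the encrypt path. The same release-then-`goto cleanup` sequence appears in the next hunk in `_wrap_gcry_pk_sign` (`s_hash`, `s_key`) and in `_wrap_gcry_pk_verify` (`s_sig`, `s_hash`, `s_pkey`), where it is reached whenever a signature fails to verify.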
@@ -251,336 +270,370 @@ _wrap_gcry_pk_sign(gnutls_pk_algorithm_t algo, gnutls_datum_t * signature, bigint_t hash; bigint_t res[2] = { NULL, NULL }; - if (_gnutls_mpi_scan_nz(&hash, vdata->data, vdata->size) != 0) { - gnutls_assert(); - return GNUTLS_E_MPI_SCAN_FAILED; - } + if (_gnutls_mpi_scan_nz (&hash, vdata->data, vdata->size) != 0) + { + gnutls_assert (); + return GNUTLS_E_MPI_SCAN_FAILED; + } /* make a sexp from pkey */ - switch (algo) { - case GNUTLS_PK_DSA: - if (pk_params->params_nr >= 5) - rc = gcry_sexp_build(&s_key, NULL, - "(private-key(dsa(p%m)(q%m)(g%m)(y%m)(x%m)))", - pk_params->params[0], pk_params->params[1], - pk_params->params[2], pk_params->params[3], - pk_params->params[4]); - else { - gnutls_assert(); - } - - break; - case GNUTLS_PK_RSA: - if (pk_params->params_nr >= 6) - rc = gcry_sexp_build(&s_key, NULL, - "(private-key(rsa((n%m)(e%m)(d%m)(p%m)(q%m)(u%m))))", - pk_params->params[0], pk_params->params[1], - pk_params->params[2], pk_params->params[3], - pk_params->params[4], pk_params->params[5]); - else { - gnutls_assert(); - } - break; - - default: - gnutls_assert(); - return GNUTLS_E_INTERNAL_ERROR; - } - - if (rc != 0) { - gnutls_assert(); - return GNUTLS_E_INTERNAL_ERROR; - } + switch (algo) + { + case GNUTLS_PK_DSA: + if (pk_params->params_nr >= 5) + rc = gcry_sexp_build (&s_key, NULL, + "(private-key(dsa(p%m)(q%m)(g%m)(y%m)(x%m)))", + pk_params->params[0], pk_params->params[1], + pk_params->params[2], pk_params->params[3], + pk_params->params[4]); + else + { + gnutls_assert (); + } + + break; + case GNUTLS_PK_RSA: + if (pk_params->params_nr >= 6) + rc = gcry_sexp_build (&s_key, NULL, + "(private-key(rsa((n%m)(e%m)(d%m)(p%m)(q%m)(u%m))))", + pk_params->params[0], pk_params->params[1], + pk_params->params[2], pk_params->params[3], + pk_params->params[4], pk_params->params[5]); + else + { + gnutls_assert (); + } + break; + + default: + gnutls_assert (); + return GNUTLS_E_INTERNAL_ERROR; + } + + if (rc != 0) + { + gnutls_assert (); + 
return GNUTLS_E_INTERNAL_ERROR; + } /* put the data into a simple list */ - if (gcry_sexp_build(&s_hash, NULL, "%m", hash)) { - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } + if (gcry_sexp_build (&s_hash, NULL, "%m", hash)) + { + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } - _gnutls_mpi_release(&hash); + _gnutls_mpi_release (&hash); /* pass it to libgcrypt */ - rc = gcry_pk_sign(&s_sig, s_hash, s_key); - gcry_sexp_release(s_hash); - gcry_sexp_release(s_key); - - if (rc != 0) { - gnutls_assert(); - ret = GNUTLS_E_PK_SIGN_FAILED; - goto cleanup; - } + rc = gcry_pk_sign (&s_sig, s_hash, s_key); + gcry_sexp_release (s_hash); + gcry_sexp_release (s_key); + + if (rc != 0) + { + gnutls_assert (); + ret = GNUTLS_E_PK_SIGN_FAILED; + goto cleanup; + } ret = GNUTLS_E_INTERNAL_ERROR; - if (algo == GNUTLS_PK_DSA) { - list = gcry_sexp_find_token(s_sig, "r", 0); - if (list == NULL) { - gnutls_assert(); - gcry_sexp_release(s_sig); - return GNUTLS_E_INTERNAL_ERROR; - } + if (algo == GNUTLS_PK_DSA) + { + list = gcry_sexp_find_token (s_sig, "r", 0); + if (list == NULL) + { + gnutls_assert (); + gcry_sexp_release (s_sig); + return GNUTLS_E_INTERNAL_ERROR; + } - res[0] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); + res[0] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); - list = gcry_sexp_find_token(s_sig, "s", 0); - if (list == NULL) { - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } + list = gcry_sexp_find_token (s_sig, "s", 0); + if (list == NULL) + { + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } - res[1] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); + res[1] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); - ret = _gnutls_encode_ber_rs(signature, res[0], res[1]); + ret = _gnutls_encode_ber_rs (signature, res[0], res[1]); - } else if (algo == GNUTLS_PK_RSA) { /* GCRY_PK_RSA */ - list = gcry_sexp_find_token(s_sig, "s", 0); - if 
(list == NULL) { - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; + } + else if (algo == GNUTLS_PK_RSA) + { /* GCRY_PK_RSA */ + list = gcry_sexp_find_token (s_sig, "s", 0); + if (list == NULL) + { + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } + + res[0] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); + + ret = _gnutls_mpi_dprint (res[0], signature); } - res[0] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); - - ret = _gnutls_mpi_dprint(res[0], signature); - } - - if (ret < 0) { - gnutls_assert(); - goto cleanup; - } + if (ret < 0) + { + gnutls_assert (); + goto cleanup; + } - gcry_sexp_release(s_sig); + gcry_sexp_release (s_sig); return 0; cleanup: - _gnutls_mpi_release(&hash); - _gnutls_mpi_release(&res[0]); - _gnutls_mpi_release(&res[1]); + _gnutls_mpi_release (&hash); + _gnutls_mpi_release (&res[0]); + _gnutls_mpi_release (&res[1]); if (s_sig) - gcry_sexp_release(s_sig); + gcry_sexp_release (s_sig); if (list) - gcry_sexp_release(list); + gcry_sexp_release (list); if (s_hash) - gcry_sexp_release(s_hash); + gcry_sexp_release (s_hash); if (s_key) - gcry_sexp_release(s_key); + gcry_sexp_release (s_key); return ret; } -int _wrap_gcry_pk_verify( gnutls_pk_algorithm_t algo, - const gnutls_datum_t * vdata, const gnutls_datum_t * signature, - const gnutls_pk_params_st * pk_params) +int +_wrap_gcry_pk_verify (gnutls_pk_algorithm_t algo, + const gnutls_datum_t * vdata, + const gnutls_datum_t * signature, + const gnutls_pk_params_st * pk_params) { gcry_sexp_t s_sig, s_hash, s_pkey; int rc = -1, ret; bigint_t hash; bigint_t tmp[2] = { NULL, NULL }; - if (_gnutls_mpi_scan_nz(&hash, vdata->data, vdata->size) != 0) { - gnutls_assert(); - return GNUTLS_E_MPI_SCAN_FAILED; - } + if (_gnutls_mpi_scan_nz (&hash, vdata->data, vdata->size) != 0) + { + gnutls_assert (); + return GNUTLS_E_MPI_SCAN_FAILED; + } /* make a sexp from pkey */ - switch (algo) { - case GNUTLS_PK_DSA: - if (pk_params->params_nr >= 4) - rc = 
gcry_sexp_build(&s_pkey, NULL, - "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))", - pk_params->params[0], pk_params->params[1], pk_params->params[2], pk_params->params[3]); - break; - case GNUTLS_PK_RSA: - if (pk_params->params_nr >= 2) - rc = gcry_sexp_build(&s_pkey, NULL, - "(public-key(rsa(n%m)(e%m)))", - pk_params->params[0], pk_params->params[1]); - break; - - default: - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } - - if (rc != 0) { - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } + switch (algo) + { + case GNUTLS_PK_DSA: + if (pk_params->params_nr >= 4) + rc = gcry_sexp_build (&s_pkey, NULL, + "(public-key(dsa(p%m)(q%m)(g%m)(y%m)))", + pk_params->params[0], pk_params->params[1], + pk_params->params[2], pk_params->params[3]); + break; + case GNUTLS_PK_RSA: + if (pk_params->params_nr >= 2) + rc = gcry_sexp_build (&s_pkey, NULL, + "(public-key(rsa(n%m)(e%m)))", + pk_params->params[0], pk_params->params[1]); + break; + + default: + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } + + if (rc != 0) + { + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } /* put the data into a simple list */ - if (gcry_sexp_build(&s_hash, NULL, "%m", hash)) { - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } - - switch (algo) { - case GNUTLS_PK_DSA: - ret = _gnutls_decode_ber_rs (signature, &tmp[0], &tmp[1]); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - rc = gcry_sexp_build(&s_sig, NULL, - "(sig-val(dsa(r%m)(s%m)))", tmp[0], tmp[1]); - - break; - case GNUTLS_PK_RSA: - ret = _gnutls_mpi_scan_nz( &tmp[0], signature->data, signature->size); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - rc = gcry_sexp_build(&s_sig, NULL, "(sig-val(rsa(s%m)))", tmp[0]); - break; - - default: - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } - - if (rc != 0) { - gnutls_assert(); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } - - 
_gnutls_mpi_release(&tmp[0]); - _gnutls_mpi_release(&tmp[1]); - - rc = gcry_pk_verify(s_sig, s_hash, s_pkey); - - gcry_sexp_release(s_sig); - gcry_sexp_release(s_hash); - gcry_sexp_release(s_pkey); - - if (rc != 0) { - gnutls_assert(); - ret = GNUTLS_E_PK_SIG_VERIFY_FAILED; - goto cleanup; - } + if (gcry_sexp_build (&s_hash, NULL, "%m", hash)) + { + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } + + switch (algo) + { + case GNUTLS_PK_DSA: + ret = _gnutls_decode_ber_rs (signature, &tmp[0], &tmp[1]); + if (ret < 0) + { + gnutls_assert (); + goto cleanup; + } + rc = gcry_sexp_build (&s_sig, NULL, + "(sig-val(dsa(r%m)(s%m)))", tmp[0], tmp[1]); + + break; + case GNUTLS_PK_RSA: + ret = _gnutls_mpi_scan_nz (&tmp[0], signature->data, signature->size); + if (ret < 0) + { + gnutls_assert (); + goto cleanup; + } + rc = gcry_sexp_build (&s_sig, NULL, "(sig-val(rsa(s%m)))", tmp[0]); + break; + + default: + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } + + if (rc != 0) + { + gnutls_assert (); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } + + _gnutls_mpi_release (&tmp[0]); + _gnutls_mpi_release (&tmp[1]); + + rc = gcry_pk_verify (s_sig, s_hash, s_pkey); + + gcry_sexp_release (s_sig); + gcry_sexp_release (s_hash); + gcry_sexp_release (s_pkey); + + if (rc != 0) + { + gnutls_assert (); + ret = GNUTLS_E_PK_SIG_VERIFY_FAILED; + goto cleanup; + } return 0; cleanup: - _gnutls_mpi_release(&hash); - _gnutls_mpi_release(&tmp[0]); - _gnutls_mpi_release(&tmp[1]); + _gnutls_mpi_release (&hash); + _gnutls_mpi_release (&tmp[0]); + _gnutls_mpi_release (&tmp[1]); if (s_sig) - gcry_sexp_release(s_sig); + gcry_sexp_release (s_sig); if (s_hash) - gcry_sexp_release(s_hash); + gcry_sexp_release (s_hash); if (s_pkey) - gcry_sexp_release(s_pkey); + gcry_sexp_release (s_pkey); return ret; } -static int _dsa_generate_params(bigint_t * resarr, int *resarr_len, int bits) +static int +_dsa_generate_params (bigint_t * resarr, int *resarr_len, int bits) { 
int ret; gcry_sexp_t parms, key, list; /* FIXME: Remove me once we depend on 1.3.1 */ - if (bits > 1024 && gcry_check_version("1.3.1") == NULL) { - gnutls_assert(); - return GNUTLS_E_INVALID_REQUEST; - } - - if (bits < 512) { - gnutls_assert(); - return GNUTLS_E_INVALID_REQUEST; - } - - ret = gcry_sexp_build(&parms, NULL, "(genkey(dsa(nbits %d)))", bits); - if (ret != 0) { - gnutls_assert(); - return GNUTLS_E_INTERNAL_ERROR; - } + if (bits > 1024 && gcry_check_version ("1.3.1") == NULL) + { + gnutls_assert (); + return GNUTLS_E_INVALID_REQUEST; + } + + if (bits < 512) + { + gnutls_assert (); + return GNUTLS_E_INVALID_REQUEST; + } + + ret = gcry_sexp_build (&parms, NULL, "(genkey(dsa(nbits %d)))", bits); + if (ret != 0) + { + gnutls_assert (); + return GNUTLS_E_INTERNAL_ERROR; + } /* generate the DSA key */ - ret = gcry_pk_genkey(&key, parms); - gcry_sexp_release(parms); - - if (ret != 0) { - gnutls_assert(); - return GNUTLS_E_INTERNAL_ERROR; - } - - list = gcry_sexp_find_token(key, "p", 0); - if (list == NULL) { - gnutls_assert(); - gcry_sexp_release(key); - return GNUTLS_E_INTERNAL_ERROR; - } - - resarr[0] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); - - list = gcry_sexp_find_token(key, "q", 0); - if (list == NULL) { - gnutls_assert(); - gcry_sexp_release(key); - return GNUTLS_E_INTERNAL_ERROR; - } - - resarr[1] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); - - list = gcry_sexp_find_token(key, "g", 0); - if (list == NULL) { - gnutls_assert(); - gcry_sexp_release(key); - return GNUTLS_E_INTERNAL_ERROR; - } - - resarr[2] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); - - list = gcry_sexp_find_token(key, "y", 0); - if (list == NULL) { - gnutls_assert(); - gcry_sexp_release(key); - return GNUTLS_E_INTERNAL_ERROR; - } - - resarr[3] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); - - - list = gcry_sexp_find_token(key, "x", 0); - if (list == NULL) { - gnutls_assert(); - gcry_sexp_release(key); - return 
GNUTLS_E_INTERNAL_ERROR; - } - - resarr[4] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); - - - gcry_sexp_release(key); - - _gnutls_dump_mpi("p: ", resarr[0]); - _gnutls_dump_mpi("q: ", resarr[1]); - _gnutls_dump_mpi("g: ", resarr[2]); - _gnutls_dump_mpi("y: ", resarr[3]); - _gnutls_dump_mpi("x: ", resarr[4]); + ret = gcry_pk_genkey (&key, parms); + gcry_sexp_release (parms); + + if (ret != 0) + { + gnutls_assert (); + return GNUTLS_E_INTERNAL_ERROR; + } + + list = gcry_sexp_find_token (key, "p", 0); + if (list == NULL) + { + gnutls_assert (); + gcry_sexp_release (key); + return GNUTLS_E_INTERNAL_ERROR; + } + + resarr[0] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "q", 0); + if (list == NULL) + { + gnutls_assert (); + gcry_sexp_release (key); + return GNUTLS_E_INTERNAL_ERROR; + } + + resarr[1] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "g", 0); + if (list == NULL) + { + gnutls_assert (); + gcry_sexp_release (key); + return GNUTLS_E_INTERNAL_ERROR; + } + + resarr[2] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "y", 0); + if (list == NULL) + { + gnutls_assert (); + gcry_sexp_release (key); + return GNUTLS_E_INTERNAL_ERROR; + } + + resarr[3] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); + + + list = gcry_sexp_find_token (key, "x", 0); + if (list == NULL) + { + gnutls_assert (); + gcry_sexp_release (key); + return GNUTLS_E_INTERNAL_ERROR; + } + + resarr[4] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); + + + gcry_sexp_release (key); + + _gnutls_dump_mpi ("p: ", resarr[0]); + _gnutls_dump_mpi ("q: ", resarr[1]); + _gnutls_dump_mpi ("g: ", resarr[2]); + _gnutls_dump_mpi ("y: ", resarr[3]); + _gnutls_dump_mpi ("x: ", resarr[4]); *resarr_len = 5; 
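Review bot: `_wrap_gcry_pk_verify` declares `gcry_sexp_t s_sig, s_hash, s_pkey;` without initialisers, yet its `cleanup` label tests and releases all three. The `default:` branch of the first switch, and the `rc != 0` check taken when `params_nr` is too small for the algorithm, jump to `cleanup` before `s_sig` and `s_hash` (and in the first case `s_pkey`) have been assigned, so indeterminate pointers can reach `gcry_sexp_release`. Declaring them as `gcry_sexp_t s_sig = NULL, s_hash = NULL, s_pkey = NULL;`, the way `_wrap_gcry_pk_sign` initialises its handles, removes the problem. The success path also returns 0 without releasing `hash`, which only the `cleanup` label frees.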
@@ -588,97 +641,106 @@ static int _dsa_generate_params(bigint_t * resarr, int *resarr_len, int bits) } -static int _rsa_generate_params(bigint_t * resarr, int *resarr_len, int bits) +static int +_rsa_generate_params (bigint_t * resarr, int *resarr_len, int bits) { int ret; gcry_sexp_t parms, key, list; - ret = gcry_sexp_build(&parms, NULL, "(genkey(rsa(nbits %d)))", bits); - if (ret != 0) { - gnutls_assert(); - return GNUTLS_E_INTERNAL_ERROR; - } + ret = gcry_sexp_build (&parms, NULL, "(genkey(rsa(nbits %d)))", bits); + if (ret != 0) + { + gnutls_assert (); + return GNUTLS_E_INTERNAL_ERROR; + } /* generate the RSA key */ - ret = gcry_pk_genkey(&key, parms); - gcry_sexp_release(parms); - - if (ret != 0) { - gnutls_assert(); - return GNUTLS_E_INTERNAL_ERROR; - } - - list = gcry_sexp_find_token(key, "n", 0); - if (list == NULL) { - gnutls_assert(); - gcry_sexp_release(key); - return GNUTLS_E_INTERNAL_ERROR; - } - - resarr[0] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); - - list = gcry_sexp_find_token(key, "e", 0); - if (list == NULL) { - gnutls_assert(); - gcry_sexp_release(key); - return GNUTLS_E_INTERNAL_ERROR; - } - - resarr[1] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); - - list = gcry_sexp_find_token(key, "d", 0); - if (list == NULL) { - gnutls_assert(); - gcry_sexp_release(key); - return GNUTLS_E_INTERNAL_ERROR; - } - - resarr[2] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); - - list = gcry_sexp_find_token(key, "p", 0); - if (list == NULL) { - gnutls_assert(); - gcry_sexp_release(key); - return GNUTLS_E_INTERNAL_ERROR; - } - - resarr[3] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); - - - list = gcry_sexp_find_token(key, "q", 0); - if (list == NULL) { - gnutls_assert(); - gcry_sexp_release(key); - return GNUTLS_E_INTERNAL_ERROR; - } - - resarr[4] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); - - - list = gcry_sexp_find_token(key, "u", 0); - if (list == NULL) { - gnutls_assert(); - 
gcry_sexp_release(key); - return GNUTLS_E_INTERNAL_ERROR; - } - - resarr[5] = gcry_sexp_nth_mpi(list, 1, 0); - gcry_sexp_release(list); - - gcry_sexp_release(key); - - _gnutls_dump_mpi("n: ", resarr[0]); - _gnutls_dump_mpi("e: ", resarr[1]); - _gnutls_dump_mpi("d: ", resarr[2]); - _gnutls_dump_mpi("p: ", resarr[3]); - _gnutls_dump_mpi("q: ", resarr[4]); - _gnutls_dump_mpi("u: ", resarr[5]); + ret = gcry_pk_genkey (&key, parms); + gcry_sexp_release (parms); + + if (ret != 0) + { + gnutls_assert (); + return GNUTLS_E_INTERNAL_ERROR; + } + + list = gcry_sexp_find_token (key, "n", 0); + if (list == NULL) + { + gnutls_assert (); + gcry_sexp_release (key); + return GNUTLS_E_INTERNAL_ERROR; + } + + resarr[0] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "e", 0); + if (list == NULL) + { + gnutls_assert (); + gcry_sexp_release (key); + return GNUTLS_E_INTERNAL_ERROR; + } + + resarr[1] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "d", 0); + if (list == NULL) + { + gnutls_assert (); + gcry_sexp_release (key); + return GNUTLS_E_INTERNAL_ERROR; + } + + resarr[2] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "p", 0); + if (list == NULL) + { + gnutls_assert (); + gcry_sexp_release (key); + return GNUTLS_E_INTERNAL_ERROR; + } + + resarr[3] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); + + + list = gcry_sexp_find_token (key, "q", 0); + if (list == NULL) + { + gnutls_assert (); + gcry_sexp_release (key); + return GNUTLS_E_INTERNAL_ERROR; + } + + resarr[4] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); + + + list = gcry_sexp_find_token (key, "u", 0); + if (list == NULL) + { + gnutls_assert (); + gcry_sexp_release (key); + return GNUTLS_E_INTERNAL_ERROR; + } + + resarr[5] = gcry_sexp_nth_mpi (list, 1, 0); + gcry_sexp_release (list); + + gcry_sexp_release (key); + + _gnutls_dump_mpi ("n: ", 
resarr[0]); + _gnutls_dump_mpi ("e: ", resarr[1]); + _gnutls_dump_mpi ("d: ", resarr[2]); + _gnutls_dump_mpi ("p: ", resarr[3]); + _gnutls_dump_mpi ("q: ", resarr[4]); + _gnutls_dump_mpi ("u: ", resarr[5]); *resarr_len = 6; 
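Review bot: `_rsa_generate_params` passes the private exponent and CRT values (`d`, `p`, `q`, `u`) to `_gnutls_dump_mpi` right after generation, and `_dsa_generate_params` in the previous hunk does the same with the private `x`. `_gnutls_dump_mpi` is not defined on this page; if it writes the value to the debug log, freshly generated private keys appear in log output whenever that logging is enabled. I would drop the calls for the secret components and keep only the public ones (`n`, `e`, and `p`, `q`, `g`, `y` for DSA), or guard them with a comment such as `/* secret values: developer builds only */`. Separately, none of the `gcry_sexp_nth_mpi` results is checked for NULL, and the early error returns leave the `resarr[]` entries already extracted unreleased. The end of the function lies outside this hunk.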
@@ -687,44 +749,46 @@ static int _rsa_generate_params(bigint_t * resarr, int *resarr_len, int bits) } -static -int wrap_gcry_pk_generate_params(gnutls_pk_algorithm_t algo, - unsigned int level /*bits */ , - gnutls_pk_params_st * params) +static int +wrap_gcry_pk_generate_params (gnutls_pk_algorithm_t algo, + unsigned int level /*bits */ , + gnutls_pk_params_st * params) { - switch (algo) { - - case GNUTLS_PK_DSA: - params->params_nr = RSA_PRIVATE_PARAMS; - params->params = gnutls_malloc(sizeof(bigint_t)*params->params_nr); - if (params->params == NULL) - { - gnutls_assert(); - return GNUTLS_E_MEMORY_ERROR; - } - return _dsa_generate_params(params->params, ¶ms->params_nr, level); - - case GNUTLS_PK_RSA: - params->params_nr = DSA_PRIVATE_PARAMS; - params->params = gnutls_malloc(sizeof(bigint_t)*params->params_nr); - if (params->params == NULL) - { - gnutls_assert(); - return GNUTLS_E_MEMORY_ERROR; - } - return _rsa_generate_params(params->params, ¶ms->params_nr, level); - - default: - gnutls_assert(); - return GNUTLS_E_INVALID_REQUEST; - } + switch (algo) + { + + case GNUTLS_PK_DSA: + params->params_nr = RSA_PRIVATE_PARAMS; + params->params = gnutls_malloc (sizeof (bigint_t) * params->params_nr); + if (params->params == NULL) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } + return _dsa_generate_params (params->params, ¶ms->params_nr, level); + + case GNUTLS_PK_RSA: + params->params_nr = DSA_PRIVATE_PARAMS; + params->params = gnutls_malloc (sizeof (bigint_t) * params->params_nr); + if (params->params == NULL) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } + return _rsa_generate_params (params->params, ¶ms->params_nr, level); + + default: + gnutls_assert (); + return GNUTLS_E_INVALID_REQUEST; + } } -static int wrap_gcry_pk_fixup(gnutls_pk_algorithm_t algo, - gnutls_direction_t direction, - gnutls_pk_params_st * params) +static int +wrap_gcry_pk_fixup (gnutls_pk_algorithm_t algo, + gnutls_direction_t direction, + gnutls_pk_params_st * params) { 
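Review bot: The element counts in `wrap_gcry_pk_generate_params` look swapped: the `GNUTLS_PK_DSA` case sets `params->params_nr = RSA_PRIVATE_PARAMS` and the `GNUTLS_PK_RSA` case sets `DSA_PRIVATE_PARAMS` before sizing the `gnutls_malloc`. `_rsa_generate_params` stores `resarr[0]` through `resarr[5]` while `_dsa_generate_params` stores five entries, so if the two constants are 6 and 5 (their definitions are not on this page) the RSA path writes one `bigint_t` past the end of the allocation. Each case should use its own constant: `params->params_nr = DSA_PRIVATE_PARAMS;` under `GNUTLS_PK_DSA` and `params->params_nr = RSA_PRIVATE_PARAMS;` under `GNUTLS_PK_RSA`. A short comment above the switch stating that `params_nr` must cover every index the generator writes would keep the two in step.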
int ret; @@ -734,23 +798,27 @@ static int wrap_gcry_pk_fixup(gnutls_pk_algorithm_t algo, return 0; if (params->params[5]) - _gnutls_mpi_release(¶ms->params[5]); + _gnutls_mpi_release (¶ms->params[5]); params->params[5] = - _gnutls_mpi_new(_gnutls_mpi_get_nbits(params->params[0])); + _gnutls_mpi_new (_gnutls_mpi_get_nbits (params->params[0])); - if (params->params[5] == NULL) { - gnutls_assert(); - return GNUTLS_E_MEMORY_ERROR; - } + if (params->params[5] == NULL) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } if (direction == GNUTLS_IMPORT) - ret = gcry_mpi_invm(params->params[5], params->params[3], params->params[4]); + ret = + gcry_mpi_invm (params->params[5], params->params[3], params->params[4]); else - ret = gcry_mpi_invm(params->params[5], params->params[4], params->params[3]); - if (ret == 0) { - gnutls_assert(); - return GNUTLS_E_INVALID_REQUEST; - } + ret = + gcry_mpi_invm (params->params[5], params->params[4], params->params[3]); + if (ret == 0) + { + gnutls_assert (); + return GNUTLS_E_INVALID_REQUEST; + } return 0; } diff --git a/lib/random.c b/lib/random.c index 40b959b0bd..71174fa5d5 100644 --- a/lib/random.c +++ b/lib/random.c 
@@ -29,36 +29,40 @@ #include <gnutls_errors.h> #include <random.h> -static void * rnd_ctx; +static void *rnd_ctx; -int _gnutls_rnd_init () +int +_gnutls_rnd_init () { - if (_gnutls_rnd_ops.init != NULL) { - if (_gnutls_rnd_ops.init(& rnd_ctx) < 0) { - gnutls_assert(); - return GNUTLS_E_RANDOM_FAILED; + if (_gnutls_rnd_ops.init != NULL) + { + if (_gnutls_rnd_ops.init (&rnd_ctx) < 0) + { + gnutls_assert (); + return GNUTLS_E_RANDOM_FAILED; + } } - } - + return 0; } void _gnutls_rnd_deinit () { - if (_gnutls_rnd_ops.deinit != NULL) { - _gnutls_rnd_ops.deinit( rnd_ctx); - } - + if (_gnutls_rnd_ops.deinit != NULL) + { + _gnutls_rnd_ops.deinit (rnd_ctx); + } + return; } int _gnutls_rnd (int level, void *data, int len) { - if (len > 0) { - return _gnutls_rnd_ops.rnd( rnd_ctx, level, data, len); - } + if (len > 0) + { + return _gnutls_rnd_ops.rnd (rnd_ctx, level, data, len); + } return 0; } - diff --git a/lib/rnd-libgcrypt.c b/lib/rnd-libgcrypt.c index 3a4a50d590..372856a2a4 100644 --- a/lib/rnd-libgcrypt.c +++ b/lib/rnd-libgcrypt.c @@ -32,22 +32,24 @@ #include <gnutls_mpi.h> #include <gcrypt.h> -static int wrap_gcry_rnd_init( void** ctx) +static int +wrap_gcry_rnd_init (void **ctx) { -char c; + char c; + + gcry_create_nonce (&c, 1); + gcry_randomize (&c, 1, GCRY_STRONG_RANDOM); - gcry_create_nonce ( &c, 1); - gcry_randomize(&c, 1, GCRY_STRONG_RANDOM); - return 0; } -static int wrap_gcry_rnd( void* ctx, int level, void* data, int datasize) +static int +wrap_gcry_rnd (void *ctx, int level, void *data, int datasize) { if (level == GNUTLS_RND_NONCE) - gcry_create_nonce ( data, datasize); + gcry_create_nonce (data, datasize); else - gcry_randomize( data, datasize, level); + gcry_randomize (data, datasize, level); return 0; } diff --git a/lib/x509/common.c b/lib/x509/common.c index 925051eae9..54cf5c8ddb 100644 --- a/lib/x509/common.c +++ b/lib/x509/common.c 
@@ -218,10 +218,11 @@ _gnutls_x509_oid_data2string (const char *oid, void *value, } if ((result = - asn1_der_decoding (&tmpasn, value, value_size, asn1_err)) != ASN1_SUCCESS) + asn1_der_decoding (&tmpasn, value, value_size, + asn1_err)) != ASN1_SUCCESS) { gnutls_assert (); - _gnutls_x509_log("asn1_der_decoding: %s:%s\n", str, asn1_err); + _gnutls_x509_log ("asn1_der_decoding: %s:%s\n", str, asn1_err); asn1_delete_structure (&tmpasn); return _gnutls_asn2err (result); } @@ -256,8 +257,7 @@ _gnutls_x509_oid_data2string (const char *oid, void *value, * UTF-8 (thus ASCII as well). */ if (strcmp (str, "printableString") != 0 && - strcmp (str, "ia5String") != 0 && - strcmp (str, "utf8String") != 0) + strcmp (str, "ia5String") != 0 && strcmp (str, "utf8String") != 0) { non_printable = 1; } @@ -711,8 +711,9 @@ _gnutls_x509_san_find_type (char *str_type) */ int _gnutls_x509_export_int_named (ASN1_TYPE asn1_data, const char *name, - gnutls_x509_crt_fmt_t format, char *pem_header, - unsigned char *output_data, size_t * output_data_size) + gnutls_x509_crt_fmt_t format, char *pem_header, + unsigned char *output_data, + size_t * output_data_size) { int result, len; @@ -745,12 +746,12 @@ _gnutls_x509_export_int_named (ASN1_TYPE asn1_data, const char *name, opaque *out; gnutls_datum tmp; - result = _gnutls_x509_der_encode( asn1_data, name, &tmp, 0); + result = _gnutls_x509_der_encode (asn1_data, name, &tmp, 0); if (result < 0) - { - gnutls_assert(); - return result; - } + { + gnutls_assert (); + return result; + } result = _gnutls_fbase64_encode (pem_header, tmp.data, tmp.size, &out); 
@@ -795,12 +796,13 @@ _gnutls_x509_export_int_named (ASN1_TYPE asn1_data, const char *name, int _gnutls_x509_export_int (ASN1_TYPE asn1_data, - gnutls_x509_crt_fmt_t format, char *pem_header, - unsigned char *output_data, size_t * output_data_size) + gnutls_x509_crt_fmt_t format, char *pem_header, + unsigned char *output_data, + size_t * output_data_size) { - return _gnutls_x509_export_int_named (asn1_data, "", - format, pem_header, output_data, - output_data_size); + return _gnutls_x509_export_int_named (asn1_data, "", + format, pem_header, output_data, + output_data_size); } /* Decodes an octet string. Leave string_type null for a normal @@ -883,7 +885,8 @@ _gnutls_x509_read_value (ASN1_TYPE c, const char *root, return result; } - if (flags==2) len /= 8; + if (flags == 2) + len /= 8; tmp = gnutls_malloc (len); if (tmp == NULL) @@ -901,12 +904,13 @@ _gnutls_x509_read_value (ASN1_TYPE c, const char *root, goto cleanup; } - if (flags==2) len /= 8; + if (flags == 2) + len /= 8; /* Extract the OCTET STRING. */ - if (flags==1) + if (flags == 1) { slen = len; result = _gnutls_x509_decode_octet_string (NULL, tmp, slen, tmp, &slen); 
@@ -1324,38 +1328,39 @@ _gnutls_x509_get_pk_algorithm (ASN1_TYPE src, const char *src_name, len /= 8; - switch (algo) + switch (algo) { case GNUTLS_PK_RSA: { - if ((result = _gnutls_x509_read_rsa_params (str, len, params)) < 0) - { - gnutls_assert (); - return result; - } + if ((result = _gnutls_x509_read_rsa_params (str, len, params)) < 0) + { + gnutls_assert (); + return result; + } - bits[0] = _gnutls_mpi_get_nbits (params[0]); + bits[0] = _gnutls_mpi_get_nbits (params[0]); - _gnutls_mpi_release (¶ms[0]); - _gnutls_mpi_release (¶ms[1]); + _gnutls_mpi_release (¶ms[0]); + _gnutls_mpi_release (¶ms[1]); } break; case GNUTLS_PK_DSA: { - if ((result = _gnutls_x509_read_dsa_pubkey (str, len, params)) < 0) - { - gnutls_assert (); - return result; - } + if ((result = _gnutls_x509_read_dsa_pubkey (str, len, params)) < 0) + { + gnutls_assert (); + return result; + } - bits[0] = _gnutls_mpi_get_nbits (params[3]); + bits[0] = _gnutls_mpi_get_nbits (params[3]); - _gnutls_mpi_release (¶ms[3]); + _gnutls_mpi_release (¶ms[3]); } break; default: - _gnutls_x509_log("_gnutls_x509_get_pk_algorithm: unhandled algorithm %d\n", algo); + _gnutls_x509_log + ("_gnutls_x509_get_pk_algorithm: unhandled algorithm %d\n", algo); } gnutls_free (str); diff --git a/lib/x509/crl.c b/lib/x509/crl.c index b37f26cf78..f7a59e6445 100644 --- a/lib/x509/crl.c +++ b/lib/x509/crl.c @@ -324,7 +324,7 @@ gnutls_x509_crl_get_signature_algorithm (gnutls_x509_crl_t crl) **/ int gnutls_x509_crl_get_signature (gnutls_x509_crl_t crl, - char *sig, size_t *sizeof_sig) + char *sig, size_t * sizeof_sig) { int result; int bits; 
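Review bot: Both error returns inside the `switch (algo)` of `_gnutls_x509_get_pk_algorithm` leave without releasing `str`, which the success path frees with `gnutls_free (str)` right after the switch. A certificate whose RSA or DSA key fails to parse would therefore leak the buffer on every call, which adds up in a long-running process that handles certificates from untrusted peers. Adding `gnutls_free (str);` before each `return result;` (or recording the result and breaking out to the shared free) closes it. The function starts above this hunk, so the allocation of `str` is inferred from the free.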
@@ -506,8 +506,10 @@ gnutls_x509_crl_get_crt_serial (gnutls_x509_crl_t crl, int indx, return GNUTLS_E_INVALID_REQUEST; } - snprintf( serial_name, sizeof(serial_name), "tbsCertList.revokedCertificates.?%u.userCertificate", indx+1); - snprintf( date_name, sizeof(date_name), "tbsCertList.revokedCertificates.?%u.revocationDate", indx+1); + snprintf (serial_name, sizeof (serial_name), + "tbsCertList.revokedCertificates.?%u.userCertificate", indx + 1); + snprintf (date_name, sizeof (date_name), + "tbsCertList.revokedCertificates.?%u.revocationDate", indx + 1); _serial_size = *serial_size; result = asn1_read_value (crl->crl, serial_name, serial, &_serial_size); @@ -639,8 +641,7 @@ gnutls_x509_crl_export (gnutls_x509_crl_t crl, } return _gnutls_x509_export_int (crl->crl, format, PEM_CRL, - output_data, - output_data_size); + output_data, output_data_size); } /*- diff --git a/lib/x509/crq.c b/lib/x509/crq.c index 6aaaf83f4c..ff73c401b2 100644 --- a/lib/x509/crq.c +++ b/lib/x509/crq.c @@ -312,9 +312,9 @@ parse_attribute (ASN1_TYPE asn1_struct, /* create a string like "attribute.?1" */ if (attr_name[0] != 0) - snprintf( tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", attr_name, k1); + snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", attr_name, k1); else - snprintf( tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); + snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); len = sizeof (value) - 1; result = asn1_read_value (asn1_struct, tmpbuffer1, value, &len); @@ -356,7 +356,8 @@ parse_attribute (ASN1_TYPE asn1_struct, /* Read the Value */ - snprintf( tmpbuffer3, sizeof (tmpbuffer3), "%s.values.?%u", tmpbuffer1, indx+1); + snprintf (tmpbuffer3, sizeof (tmpbuffer3), "%s.values.?%u", + tmpbuffer1, indx + 1); len = sizeof (value) - 1; result = asn1_read_value (asn1_struct, tmpbuffer3, value, &len); 
@@ -861,8 +862,7 @@ gnutls_x509_crq_export (gnutls_x509_crq_t crq, } return _gnutls_x509_export_int (crq->crq, format, PEM_CRQ, - output_data, - output_data_size); + output_data, output_data_size); } /** diff --git a/lib/x509/dn.c b/lib/x509/dn.c index 44fe5ad8c8..abc3afa8d6 100644 --- a/lib/x509/dn.c +++ b/lib/x509/dn.c @@ -123,11 +123,12 @@ _gnutls_x509_parse_dn (ASN1_TYPE asn1_struct, k1++; /* create a string like "tbsCertList.issuer.rdnSequence.?1" */ - if (asn1_rdn_name[0]!=0) - snprintf( tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", asn1_rdn_name, k1); + if (asn1_rdn_name[0] != 0) + snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", asn1_rdn_name, + k1); else - snprintf( tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); - + snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); + len = sizeof (value) - 1; result = asn1_read_value (asn1_struct, tmpbuffer1, value, &len); @@ -150,10 +151,11 @@ _gnutls_x509_parse_dn (ASN1_TYPE asn1_struct, */ k2++; - if (tmpbuffer1[0] != 0) - snprintf( tmpbuffer2, sizeof (tmpbuffer2), "%s.?%u", tmpbuffer1, k2); - else - snprintf( tmpbuffer2, sizeof (tmpbuffer2), "?%u", k2); + if (tmpbuffer1[0] != 0) + snprintf (tmpbuffer2, sizeof (tmpbuffer2), "%s.?%u", tmpbuffer1, + k2); + else + snprintf (tmpbuffer2, sizeof (tmpbuffer2), "?%u", k2); /* Try to read the RelativeDistinguishedName attributes. */ @@ -261,7 +263,7 @@ _gnutls_x509_parse_dn (ASN1_TYPE asn1_struct, STR_APPEND (ldap_desc); STR_APPEND ("="); result = 0; - + if (printable) result = _gnutls_x509_oid_data2string (oid, 
@@ -362,9 +364,10 @@ _gnutls_x509_parse_dn_oid (ASN1_TYPE asn1_struct, /* create a string like "tbsCertList.issuer.rdnSequence.?1" */ if (asn1_rdn_name[0] != 0) - snprintf( tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", asn1_rdn_name, k1); + snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", asn1_rdn_name, + k1); else - snprintf( tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); + snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); len = sizeof (value) - 1; result = asn1_read_value (asn1_struct, tmpbuffer1, value, &len); @@ -389,10 +392,11 @@ _gnutls_x509_parse_dn_oid (ASN1_TYPE asn1_struct, */ k2++; - if (tmpbuffer1[0] != 0) - snprintf( tmpbuffer2, sizeof (tmpbuffer2), "%s.?%u", tmpbuffer1, k2); - else - snprintf( tmpbuffer2, sizeof (tmpbuffer2), "?%u", k2); + if (tmpbuffer1[0] != 0) + snprintf (tmpbuffer2, sizeof (tmpbuffer2), "%s.?%u", tmpbuffer1, + k2); + else + snprintf (tmpbuffer2, sizeof (tmpbuffer2), "?%u", k2); /* Try to read the RelativeDistinguishedName attributes. */ @@ -529,9 +533,10 @@ _gnutls_x509_get_dn_oid (ASN1_TYPE asn1_struct, /* create a string like "tbsCertList.issuer.rdnSequence.?1" */ if (asn1_rdn_name[0] != 0) - snprintf( tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", asn1_rdn_name, k1); + snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", asn1_rdn_name, + k1); else - snprintf( tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); + snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); len = sizeof (value) - 1; result = asn1_read_value (asn1_struct, tmpbuffer1, value, &len); @@ -556,10 +561,11 @@ _gnutls_x509_get_dn_oid (ASN1_TYPE asn1_struct, */ k2++; - if (tmpbuffer1[0] != 0) - snprintf( tmpbuffer2, sizeof (tmpbuffer2), "%s.?%u", tmpbuffer1, k2); - else - snprintf( tmpbuffer2, sizeof (tmpbuffer2), "?%u", k2); + if (tmpbuffer1[0] != 0) + snprintf (tmpbuffer2, sizeof (tmpbuffer2), "%s.?%u", tmpbuffer1, + k2); + else + snprintf (tmpbuffer2, sizeof (tmpbuffer2), "?%u", k2); /* Try to read the RelativeDistinguishedName attributes. */ 
@@ -956,7 +962,8 @@ _gnutls_x509_set_dn_oid (ASN1_TYPE asn1_struct, * * Since: 2.4.0 **/ -int gnutls_x509_dn_init (gnutls_x509_dn_t * odn) +int +gnutls_x509_dn_init (gnutls_x509_dn_t * odn) { int result; ASN1_TYPE dn = ASN1_TYPE_EMPTY; @@ -991,8 +998,7 @@ int gnutls_x509_dn_init (gnutls_x509_dn_t * odn) * Since: 2.4.0 **/ int -gnutls_x509_dn_import (gnutls_x509_dn_t odn, - const gnutls_datum_t * data) +gnutls_x509_dn_import (gnutls_x509_dn_t odn, const gnutls_datum_t * data) { int result; char err[MAX_ERROR_DESCRIPTION_SIZE]; @@ -1002,7 +1008,7 @@ gnutls_x509_dn_import (gnutls_x509_dn_t odn, if (result != ASN1_SUCCESS) { /* couldn't decode DER */ - _gnutls_x509_log("ASN.1 Decoding error: %s\n", err); + _gnutls_x509_log ("ASN.1 Decoding error: %s\n", err); gnutls_assert (); return _gnutls_asn2err (result); } @@ -1024,7 +1030,7 @@ gnutls_x509_dn_deinit (gnutls_x509_dn_t idn) { ASN1_TYPE dn = idn; - asn1_delete_structure(&dn); + asn1_delete_structure (&dn); } /** @@ -1246,7 +1252,7 @@ gnutls_x509_dn_export (gnutls_x509_dn_t dn, size_t * output_data_size) { ASN1_TYPE asn1 = dn; - + if (asn1 == NULL) { gnutls_assert (); @@ -1254,7 +1260,6 @@ gnutls_x509_dn_export (gnutls_x509_dn_t dn, } return _gnutls_x509_export_int_named (asn1, "rdnSequence", - format, "NAME", - output_data, - output_data_size); + format, "NAME", + output_data, output_data_size); } diff --git a/lib/x509/dsa.c b/lib/x509/dsa.c index 2abb8f5326..58a772f033 100644 --- a/lib/x509/dsa.c +++ b/lib/x509/dsa.c @@ -41,7 +41,7 @@ _gnutls_dsa_generate_params (mpi_t * resarr, int *resarr_len, int bits) gcry_sexp_t parms, key, list; /* FIXME: Remove me once we depend on 1.3.1 */ - if (bits > 1024 && gcry_check_version("1.3.1")==NULL) + if (bits > 1024 && gcry_check_version ("1.3.1") == NULL) { gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; diff --git a/lib/x509/extensions.c b/lib/x509/extensions.c index af3b0fc5f8..47c02b637b 100644 --- a/lib/x509/extensions.c +++ b/lib/x509/extensions.c 
@@ -64,7 +64,7 @@ _gnutls_x509_crt_get_extension (gnutls_x509_crt_t cert, { k++; - snprintf( name, sizeof(name), "tbsCertificate.extensions.?%u", k); + snprintf (name, sizeof (name), "tbsCertificate.extensions.?%u", k); len = sizeof (str) - 1; result = asn1_read_value (cert->cert, name, str, &len); @@ -188,7 +188,7 @@ _gnutls_x509_crt_get_extension_oid (gnutls_x509_crt_t cert, { k++; - snprintf( name, sizeof(name), "tbsCertificate.extensions.?%u", k); + snprintf (name, sizeof (name), "tbsCertificate.extensions.?%u", k); len = sizeof (str) - 1; result = asn1_read_value (cert->cert, name, str, &len); @@ -326,7 +326,7 @@ overwrite_extension (ASN1_TYPE asn, unsigned int indx, const char *str; int result; - snprintf( name, sizeof(name), "tbsCertificate.extensions.?%u", indx); + snprintf (name, sizeof (name), "tbsCertificate.extensions.?%u", indx); if (critical == 0) str = "FALSE"; @@ -379,7 +379,7 @@ _gnutls_x509_crt_set_extension (gnutls_x509_crt_t cert, { k++; - snprintf( name, sizeof(name), "tbsCertificate.extensions.?%u", k); + snprintf (name, sizeof (name), "tbsCertificate.extensions.?%u", k); len = sizeof (extnID) - 1; result = asn1_read_value (cert->cert, name, extnID, &len); @@ -523,7 +523,7 @@ _gnutls_x509_ext_extract_basicConstraints (int *CA, *pathLenConstraint = -1; else if (result != GNUTLS_E_SUCCESS) { - gnutls_assert(); + gnutls_assert (); asn1_delete_structure (&ext); return _gnutls_asn2err (result); } @@ -951,9 +951,8 @@ int _gnutls_x509_ext_extract_proxyCertInfo (int *pathLenConstraint, char **policyLanguage, char **policy, - size_t *sizeof_policy, - opaque * extnValue, - int extnValueLen) + size_t * sizeof_policy, + opaque * extnValue, int extnValueLen) { ASN1_TYPE ext = ASN1_TYPE_EMPTY; int result; diff --git a/lib/x509/mpi.c b/lib/x509/mpi.c index 1ff3f65ccf..9ae61ee70e 100644 --- a/lib/x509/mpi.c +++ b/lib/x509/mpi.c 
@@ -154,7 +154,7 @@ _gnutls_x509_read_dsa_params (opaque * der, int dersize, bigint_t * params) */ int -_gnutls_x509_read_der_int (opaque * der, int dersize, bigint_t * out) +_gnutls_x509_read_der_int (opaque * der, int dersize, bigint_t * out) { int result; ASN1_TYPE spk = ASN1_TYPE_EMPTY; @@ -199,7 +199,7 @@ _gnutls_x509_read_der_int (opaque * der, int dersize, bigint_t * out) int _gnutls_x509_read_dsa_pubkey (opaque * der, int dersize, bigint_t * params) { - return _gnutls_x509_read_der_int( der, dersize, ¶ms[3]); + return _gnutls_x509_read_der_int (der, dersize, ¶ms[3]); } @@ -219,8 +219,9 @@ _gnutls_x509_crt_get_mpis (gnutls_x509_crt_t cert, /* Read the algorithm's parameters */ - result = _gnutls_x509_read_value( cert->cert, - "tbsCertificate.subjectPublicKeyInfo.subjectPublicKey", &tmp, 2); + result = _gnutls_x509_read_value (cert->cert, + "tbsCertificate.subjectPublicKeyInfo.subjectPublicKey", + &tmp, 2); if (result < 0) { @@ -242,7 +243,8 @@ _gnutls_x509_crt_get_mpis (gnutls_x509_crt_t cert, goto error; } - if ((result = _gnutls_x509_read_rsa_params (tmp.data, tmp.size, params)) < 0) + if ((result = + _gnutls_x509_read_rsa_params (tmp.data, tmp.size, params)) < 0) { gnutls_assert (); goto error; @@ -265,7 +267,8 @@ _gnutls_x509_crt_get_mpis (gnutls_x509_crt_t cert, goto error; } - if ((result = _gnutls_x509_read_dsa_pubkey (tmp.data, tmp.size, params)) < 0) + if ((result = + _gnutls_x509_read_dsa_pubkey (tmp.data, tmp.size, params)) < 0) { gnutls_assert (); goto error; @@ -273,11 +276,11 @@ _gnutls_x509_crt_get_mpis (gnutls_x509_crt_t cert, /* Now read the parameters */ - _gnutls_free_datum( &tmp); + _gnutls_free_datum (&tmp); result = _gnutls_x509_read_value (cert->cert, - "tbsCertificate.subjectPublicKeyInfo.algorithm.parameters", - &tmp, 0); + "tbsCertificate.subjectPublicKeyInfo.algorithm.parameters", + &tmp, 0); /* FIXME: If the parameters are not included in the certificate * then the issuer's parameters should be used. This is not 
@@ -290,7 +293,8 @@ _gnutls_x509_crt_get_mpis (gnutls_x509_crt_t cert, goto error; } - if ((result = _gnutls_x509_read_dsa_params (tmp.data, tmp.size, params)) < 0) + if ((result = + _gnutls_x509_read_dsa_params (tmp.data, tmp.size, params)) < 0) { gnutls_assert (); goto error; @@ -309,9 +313,9 @@ _gnutls_x509_crt_get_mpis (gnutls_x509_crt_t cert, } result = 0; - + error: - _gnutls_free_datum( &tmp); + _gnutls_free_datum (&tmp); return result; } @@ -384,8 +388,8 @@ cleanup: int _gnutls_x509_write_sig_params (ASN1_TYPE dst, const char *dst_name, gnutls_pk_algorithm_t pk_algorithm, - gnutls_digest_algorithm_t dig, bigint_t * params, - int params_size) + gnutls_digest_algorithm_t dig, + bigint_t * params, int params_size) { gnutls_datum_t der; int result; diff --git a/lib/x509/output.c b/lib/x509/output.c index c0fd18a4fd..d178107008 100644 --- a/lib/x509/output.c +++ b/lib/x509/output.c @@ -395,8 +395,9 @@ print_san (gnutls_string * str, gnutls_x509_crt_t cert) size_t size = 0; int err; - err = gnutls_x509_crt_get_subject_alt_name (cert, san_idx, buffer, &size, - NULL); + err = + gnutls_x509_crt_get_subject_alt_name (cert, san_idx, buffer, &size, + NULL); if (err == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE) break; if (err != GNUTLS_E_SHORT_MEMORY_BUFFER) @@ -883,7 +884,9 @@ print_cert (gnutls_string * str, gnutls_x509_crt_t cert, int notsigned) } if (err == GNUTLS_SIGN_RSA_MD5 || err == GNUTLS_SIGN_RSA_MD2) { - addf (str, _("warning: signed using a broken signature algorithm that can be forged.\n")); + addf (str, + _ + ("warning: signed using a broken signature algorithm that can be forged.\n")); } err = gnutls_x509_crt_get_signature (cert, buffer, &size); @@ -921,7 +924,7 @@ print_fingerprint (gnutls_string * str, gnutls_x509_crt_t cert, { int err; char buffer[MAX_HASH_SIZE]; - size_t size = sizeof(buffer); + size_t size = sizeof (buffer); err = gnutls_x509_crt_get_fingerprint (cert, algo, buffer, &size); if (err < 0) 
@@ -1063,8 +1066,7 @@ print_oneline (gnutls_string * str, gnutls_x509_crt_t cert) int err; err = gnutls_x509_crt_get_proxy (cert, NULL, - &pathlen, &policyLanguage, - NULL, NULL); + &pathlen, &policyLanguage, NULL, NULL); if (err == 0) { addf (str, "proxy certificate (policy="); @@ -1125,7 +1127,7 @@ print_oneline (gnutls_string * str, gnutls_x509_crt_t cert) int gnutls_x509_crt_print (gnutls_x509_crt_t cert, gnutls_certificate_print_formats_t format, - gnutls_datum_t *out) + gnutls_datum_t * out) { gnutls_string str; @@ -1166,9 +1168,7 @@ gnutls_x509_crt_print (gnutls_x509_crt_t cert, } static void -print_crl (gnutls_string *str, - gnutls_x509_crl_t crl, - int notsigned) +print_crl (gnutls_string * str, gnutls_x509_crl_t crl, int notsigned) { /* Version. */ { @@ -1293,7 +1293,9 @@ print_crl (gnutls_string *str, } if (err == GNUTLS_SIGN_RSA_MD5 || err == GNUTLS_SIGN_RSA_MD2) { - addf (str, _("warning: signed using a broken signature algorithm that can be forged.\n")); + addf (str, + _ + ("warning: signed using a broken signature algorithm that can be forged.\n")); } err = gnutls_x509_crl_get_signature (crl, buffer, &size); @@ -1342,7 +1344,7 @@ print_crl (gnutls_string *str, int gnutls_x509_crl_print (gnutls_x509_crl_t crl, gnutls_certificate_print_formats_t format, - gnutls_datum_t *out) + gnutls_datum_t * out) { gnutls_string str; diff --git a/lib/x509/pbkdf2-sha1.c b/lib/x509/pbkdf2-sha1.c index 7ab7a3f439..37f2bbb993 100644 --- a/lib/x509/pbkdf2-sha1.c +++ b/lib/x509/pbkdf2-sha1.c @@ -51,9 +51,8 @@ int _gnutls_pbkdf2_sha1 (const char *P, size_t Plen, - const char *S, size_t Slen, - unsigned int c, - char *DK, size_t dkLen) + const char *S, size_t Slen, + unsigned int c, char *DK, size_t dkLen) { unsigned int hLen = 20; char U[20]; 
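Review bot: In the `print_cert` hunk the reindent splits the gettext marker from its argument, leaving `_` alone on a line between `addf (str,` and the parenthesised message; the `print_crl` hunk further down has the identical result. It still compiles, but the translation call no longer reads as a call and the message line is as long as before, so nothing was gained. Keeping `_("warning: ...")` on a single over-long line, bracketed by `/* *INDENT-OFF* */` and `/* *INDENT-ON* */` so the next `indent` run leaves it alone, would be clearer. Both functions extend beyond their hunks.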
@@ -69,13 +68,13 @@ _gnutls_pbkdf2_sha1 (const char *P, size_t Plen, if (c == 0) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } if (dkLen == 0) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } /* @@ -87,8 +86,8 @@ _gnutls_pbkdf2_sha1 (const char *P, size_t Plen, */ if (dkLen > 4294967295U) - { - gnutls_assert(); + { + gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } @@ -152,7 +151,7 @@ _gnutls_pbkdf2_sha1 (const char *P, size_t Plen, tmp = gnutls_malloc (tmplen); if (tmp == NULL) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; } @@ -171,10 +170,11 @@ _gnutls_pbkdf2_sha1 (const char *P, size_t Plen, tmp[Slen + 2] = (i & 0x0000ff00) >> 8; tmp[Slen + 3] = (i & 0x000000ff) >> 0; - rc = _gnutls_hmac_fast( GNUTLS_MAC_SHA1, P, Plen, tmp, tmplen, U); + rc = + _gnutls_hmac_fast (GNUTLS_MAC_SHA1, P, Plen, tmp, tmplen, U); } else - rc = _gnutls_hmac_fast( GNUTLS_MAC_SHA1, P, Plen, U, hLen, U); + rc = _gnutls_hmac_fast (GNUTLS_MAC_SHA1, P, Plen, U, hLen, U); if (rc < 0) { diff --git a/lib/x509/pkcs12.c b/lib/x509/pkcs12.c index 3fc73ea9b2..f42b7fa34e 100644 --- a/lib/x509/pkcs12.c +++ b/lib/x509/pkcs12.c @@ -284,8 +284,7 @@ gnutls_pkcs12_export (gnutls_pkcs12_t pkcs12, } return _gnutls_x509_export_int (pkcs12->pkcs12, format, PEM_PKCS12, - output_data, - output_data_size); + output_data, output_data_size); } static int @@ -388,7 +387,7 @@ _pkcs12_decode_safe_contents (const gnutls_datum_t * content, for (i = 0; i < bag->bag_elements; i++) { - snprintf( root, sizeof (root), "?%u.bagId", i+1); + snprintf (root, sizeof (root), "?%u.bagId", i + 1); len = sizeof (oid); result = asn1_read_value (c2, root, oid, &len); 
@@ -412,7 +411,7 @@ _pkcs12_decode_safe_contents (const gnutls_datum_t * content, /* Read the Bag Value */ - snprintf( root, sizeof (root), "?%u.bagValue", i+1); + snprintf (root, sizeof (root), "?%u.bagValue", i + 1); result = _gnutls_x509_read_value (c2, root, &bag->element[i].data, 0); if (result < 0) @@ -438,7 +437,7 @@ _pkcs12_decode_safe_contents (const gnutls_datum_t * content, /* read the bag attributes */ - snprintf( root, sizeof (root), "?%u.bagAttributes", i+1); + snprintf (root, sizeof (root), "?%u.bagAttributes", i + 1); result = asn1_number_of_elements (c2, root, &attributes); if (result != ASN1_SUCCESS && result != ASN1_ELEMENT_NOT_FOUND) @@ -455,7 +454,8 @@ _pkcs12_decode_safe_contents (const gnutls_datum_t * content, for (j = 0; j < attributes; j++) { - snprintf( root, sizeof (root), "?%u.bagAttributes.?%u", i+1, j+1); + snprintf (root, sizeof (root), "?%u.bagAttributes.?%u", i + 1, + j + 1); result = _gnutls_x509_decode_and_read_attribute (c2, root, oid, @@ -606,7 +606,7 @@ gnutls_pkcs12_get_bag (gnutls_pkcs12_t pkcs12, /* Step 2. Parse the AuthenticatedSafe */ - snprintf( root2, sizeof (root2), "?%u.contentType", indx+1); + snprintf (root2, sizeof (root2), "?%u.contentType", indx + 1); len = sizeof (oid) - 1; result = asn1_read_value (c2, root2, oid, &len); @@ -627,7 +627,7 @@ gnutls_pkcs12_get_bag (gnutls_pkcs12_t pkcs12, /* Not encrypted Bag */ - snprintf( root2, sizeof (root2), "?%u.content", indx+1); + snprintf (root2, sizeof (root2), "?%u.content", indx + 1); if (strcmp (oid, DATA_OID) == 0) { @@ -910,7 +910,7 @@ gnutls_pkcs12_generate_mac (gnutls_pkcs12_t pkcs12, const char *pass) /* Generate the key. */ result = _gnutls_pkcs12_string_to_key (3 /*MAC*/, salt, sizeof (salt), - iter, pass, sizeof (key), key); + iter, pass, sizeof (key), key); if (result < 0) { gnutls_assert (); 
@@ -1034,7 +1034,7 @@ gnutls_pkcs12_verify_mac (gnutls_pkcs12_t pkcs12, const char *pass) /* Generate the key. */ result = _gnutls_pkcs12_string_to_key (3 /*MAC*/, salt.data, salt.size, - iter, pass, sizeof (key), key); + iter, pass, sizeof (key), key); if (result < 0) { gnutls_assert (); @@ -1134,10 +1134,12 @@ write_attributes (gnutls_pkcs12_bag_t bag, int elem, result = _gnutls_x509_encode_and_write_attribute (KEY_ID_OID, c2, root, - bag->element[elem]. - local_key_id.data, - bag->element[elem]. - local_key_id.size, 1); + bag-> + element[elem].local_key_id. + data, + bag-> + element[elem].local_key_id. + size, 1); if (result < 0) { gnutls_assert (); diff --git a/lib/x509/pkcs12_encr.c b/lib/x509/pkcs12_encr.c index 6ed78f64f5..267ed42843 100644 --- a/lib/x509/pkcs12_encr.c +++ b/lib/x509/pkcs12_encr.c @@ -54,9 +54,9 @@ _pkcs12_check_pass (const char *pass, size_t plen) */ int _gnutls_pkcs12_string_to_key (unsigned int id, const opaque * salt, - unsigned int salt_size, unsigned int iter, - const char *pw, unsigned int req_keylen, - opaque * keybuf) + unsigned int salt_size, unsigned int iter, + const char *pw, unsigned int req_keylen, + opaque * keybuf) { int rc; unsigned int i, j; @@ -67,13 +67,14 @@ _gnutls_pkcs12_string_to_key (unsigned int id, const opaque * salt, opaque hash[20], buf_b[64], buf_i[128], *p; size_t cur_keylen; size_t n; - const opaque buf_512[] = /* 2^64 */ + const opaque buf_512[] = /* 2^64 */ { 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 + }; cur_keylen = 0; 
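Review bot: The reindent of the `_gnutls_x509_encode_and_write_attribute` call in `write_attributes` breaks the member chain in mid-expression, producing `bag->` / `element[elem].local_key_id.` / `data` (and the same for `size`) across three lines each, which is harder to read than the original and easy to misread in a later review. Taking the address of `bag->element[elem].local_key_id` into a local once before the call and passing its `data` and `size` members would let each argument fit on one line. The function begins and ends outside this hunk.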
@@ -94,12 +95,12 @@ _gnutls_pkcs12_string_to_key (unsigned int id, const opaque * salt, return rc; } - rc = _gnutls_mpi_scan (&mpi512, buf_512, sizeof(buf_512)); + rc = _gnutls_mpi_scan (&mpi512, buf_512, sizeof (buf_512)); if (rc < 0) { - gnutls_assert(); + gnutls_assert (); return rc; - } + } /* Store salt and password in BUF_I */ p = buf_i; @@ -131,19 +132,19 @@ _gnutls_pkcs12_string_to_key (unsigned int id, const opaque * salt, unsigned char lid = id & 0xFF; _gnutls_hash (&md, &lid, 1); } - _gnutls_hash( &md, buf_i, pw ? 128 : 64); - _gnutls_hash_deinit( &md, hash); + _gnutls_hash (&md, buf_i, pw ? 128 : 64); + _gnutls_hash_deinit (&md, hash); for (i = 1; i < iter; i++) - { - rc = _gnutls_hash_init (&md, GNUTLS_MAC_SHA1); - if (rc < 0) - { - gnutls_assert(); - goto cleanup; - } - _gnutls_hash( &md, hash, 20); - _gnutls_hash_deinit( &md, hash); - } + { + rc = _gnutls_hash_init (&md, GNUTLS_MAC_SHA1); + if (rc < 0) + { + gnutls_assert (); + goto cleanup; + } + _gnutls_hash (&md, hash, 20); + _gnutls_hash_deinit (&md, hash); + } for (i = 0; i < 20 && cur_keylen < req_keylen; i++) keybuf[cur_keylen++] = hash[i]; if (cur_keylen == req_keylen) @@ -187,7 +188,7 @@ cleanup: _gnutls_mpi_release (&num_ij); _gnutls_mpi_release (&num_b1); _gnutls_mpi_release (&mpi512); - + return rc; } diff --git a/lib/x509/pkcs7.c b/lib/x509/pkcs7.c index 02b7305e9b..882ba27d1f 100644 --- a/lib/x509/pkcs7.c +++ b/lib/x509/pkcs7.c @@ -303,7 +303,7 @@ gnutls_pkcs7_get_crt_raw (gnutls_pkcs7_t pkcs7, /* Step 2. Parse the CertificateSet */ - snprintf( root2, sizeof(root2), "certificates.?%u", indx+1); + snprintf (root2, sizeof (root2), "certificates.?%u", indx + 1); len = sizeof (oid) - 1; @@ -440,8 +440,7 @@ gnutls_pkcs7_export (gnutls_pkcs7_t pkcs7, return GNUTLS_E_INVALID_REQUEST; return _gnutls_x509_export_int (pkcs7->pkcs7, format, PEM_PKCS7, - output_data, - output_data_size); + output_data, output_data_size); } /* Creates an empty signed data structure in the pkcs7 
@@ -692,7 +691,7 @@ gnutls_pkcs7_delete_crt (gnutls_pkcs7_t pkcs7, int indx) /* Step 2. Delete the certificate. */ - snprintf( root2, sizeof(root2), "certificates.?%u", indx+1); + snprintf (root2, sizeof (root2), "certificates.?%u", indx + 1); result = asn1_write_value (c2, root2, NULL, 0); if (result != ASN1_SUCCESS) @@ -765,7 +764,7 @@ gnutls_pkcs7_get_crl_raw (gnutls_pkcs7_t pkcs7, /* Step 2. Parse the CertificateSet */ - snprintf( root2, sizeof(root2), "crls.?%u", indx+1); + snprintf (root2, sizeof (root2), "crls.?%u", indx + 1); /* Get the raw CRL */ @@ -1002,7 +1001,7 @@ gnutls_pkcs7_delete_crl (gnutls_pkcs7_t pkcs7, int indx) /* Step 2. Delete the crl. */ - snprintf( root2, sizeof(root2), "crls.?%u", indx+1); + snprintf (root2, sizeof (root2), "crls.?%u", indx + 1); result = asn1_write_value (c2, root2, NULL, 0); if (result != ASN1_SUCCESS) diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c index 61a95d212b..45e8b73962 100644 --- a/lib/x509/privkey.c +++ b/lib/x509/privkey.c @@ -159,7 +159,7 @@ _gnutls_privkey_decode_pkcs1_rsa_key (const gnutls_datum_t * raw_key, ASN1_TYPE pkey_asn; bigint_t temp_params[RSA_PRIVATE_PARAMS]; gnutls_pk_params_st pk_params; - + pk_params.params = temp_params; pk_params.params_nr = RSA_PRIVATE_PARAMS; @@ -231,13 +231,13 @@ _gnutls_privkey_decode_pkcs1_rsa_key (const gnutls_datum_t * raw_key, } - result = _gnutls_pk_fixup( GNUTLS_PK_RSA, GNUTLS_IMPORT, &pk_params); + result = _gnutls_pk_fixup (GNUTLS_PK_RSA, GNUTLS_IMPORT, &pk_params); if (result < 0) { - gnutls_assert(); + gnutls_assert (); goto error; } - + pkey->params[0] = pk_params.params[0]; pkey->params[1] = pk_params.params[1]; pkey->params[2] = pk_params.params[2]; 
@@ -410,12 +410,14 @@ gnutls_x509_privkey_import (gnutls_x509_privkey_t key, if (key->pk_algorithm == GNUTLS_PK_RSA) { key->key = _gnutls_privkey_decode_pkcs1_rsa_key (&_data, key); - if (key->key == NULL) gnutls_assert(); + if (key->key == NULL) + gnutls_assert (); } else if (key->pk_algorithm == GNUTLS_PK_DSA) { key->key = decode_dsa_key (&_data, key); - if (key->key == NULL) gnutls_assert(); + if (key->key == NULL) + gnutls_assert (); } else { @@ -427,9 +429,10 @@ gnutls_x509_privkey_import (gnutls_x509_privkey_t key, if (key->key == NULL) { - key->pk_algorithm = GNUTLS_PK_DSA; - key->key = decode_dsa_key (&_data, key); - if (key->key == NULL) gnutls_assert(); + key->pk_algorithm = GNUTLS_PK_DSA; + key->key = decode_dsa_key (&_data, key); + if (key->key == NULL) + gnutls_assert (); } } @@ -490,7 +493,7 @@ gnutls_x509_privkey_import_rsa_raw (gnutls_x509_privkey_t key, size_t siz = 0; bigint_t temp_params[RSA_PRIVATE_PARAMS]; gnutls_pk_params_st pk_params; - + pk_params.params = temp_params; pk_params.params_nr = RSA_PRIVATE_PARAMS; @@ -548,10 +551,10 @@ gnutls_x509_privkey_import_rsa_raw (gnutls_x509_privkey_t key, return GNUTLS_E_MPI_SCAN_FAILED; } - ret = _gnutls_pk_fixup( GNUTLS_PK_RSA, GNUTLS_IMPORT, &pk_params); + ret = _gnutls_pk_fixup (GNUTLS_PK_RSA, GNUTLS_IMPORT, &pk_params); if (ret < 0) { - gnutls_assert(); + gnutls_assert (); FREE_RSA_PRIVATE_PARAMS; return ret; } @@ -765,8 +768,7 @@ gnutls_x509_privkey_export (gnutls_x509_privkey_t key, } return _gnutls_x509_export_int (key->key, format, msg, - output_data, - output_data_size); + output_data, output_data_size); } /** 
@@ -803,18 +805,18 @@ gnutls_x509_privkey_export_rsa_raw (gnutls_x509_privkey_t key, m->data = e->data = d->data = p->data = q->data = u->data = NULL; m->size = e->size = d->size = p->size = q->size = u->size = 0; - - ret = _gnutls_pk_params_copy( &pk_params, key->params, RSA_PRIVATE_PARAMS); + + ret = _gnutls_pk_params_copy (&pk_params, key->params, RSA_PRIVATE_PARAMS); if (ret < 0) { gnutls_assert (); return ret; } - - ret = _gnutls_pk_fixup( GNUTLS_PK_RSA, GNUTLS_EXPORT, &pk_params); + + ret = _gnutls_pk_fixup (GNUTLS_PK_RSA, GNUTLS_EXPORT, &pk_params); if (ret < 0) { - gnutls_assert(); + gnutls_assert (); goto error; } @@ -865,7 +867,7 @@ gnutls_x509_privkey_export_rsa_raw (gnutls_x509_privkey_t key, goto error; } - gnutls_pk_params_release( &pk_params); + gnutls_pk_params_release (&pk_params); return 0; @@ -875,7 +877,7 @@ error: _gnutls_free_datum (e); _gnutls_free_datum (p); _gnutls_free_datum (q); - gnutls_pk_params_release( &pk_params); + gnutls_pk_params_release (&pk_params); return ret; } @@ -988,17 +990,17 @@ _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t * params) total += size[i]; } - result = _gnutls_pk_params_copy( &pk_params, params, RSA_PRIVATE_PARAMS); + result = _gnutls_pk_params_copy (&pk_params, params, RSA_PRIVATE_PARAMS); if (result < 0) { gnutls_assert (); return result; } - - result = _gnutls_pk_fixup( GNUTLS_PK_RSA, GNUTLS_EXPORT, &pk_params); + + result = _gnutls_pk_fixup (GNUTLS_PK_RSA, GNUTLS_EXPORT, &pk_params); if (result < 0) { - gnutls_assert(); + gnutls_assert (); goto cleanup; } @@ -1167,7 +1169,7 @@ _gnutls_asn1_encode_rsa (ASN1_TYPE * c2, bigint_t * params) _gnutls_mpi_release (&exp2); _gnutls_mpi_release (&q1); _gnutls_mpi_release (&p1); - gnutls_pk_params_release( &pk_params); + gnutls_pk_params_release (&pk_params); gnutls_free (all_data); if ((result = asn1_write_value (*c2, "otherPrimeInfos", 
@@ -1192,7 +1194,7 @@ cleanup: _gnutls_mpi_release (&exp2); _gnutls_mpi_release (&q1); _gnutls_mpi_release (&p1); - gnutls_pk_params_release( &pk_params); + gnutls_pk_params_release (&pk_params); asn1_delete_structure (c2); gnutls_free (all_data); diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c index 1e7e5d62fc..d424ce266b 100644 --- a/lib/x509/privkey_pkcs8.c +++ b/lib/x509/privkey_pkcs8.c @@ -692,9 +692,10 @@ read_pkcs_schema_params (schema_id schema, const char *password, { result = _gnutls_pkcs12_string_to_key (2 /*IV*/, kdf_params->salt, - kdf_params->salt_size, - kdf_params->iter_count, password, - enc_params->iv_size, enc_params->iv); + kdf_params->salt_size, + kdf_params->iter_count, password, + enc_params->iv_size, + enc_params->iv); if (result < 0) { gnutls_assert (); @@ -1490,8 +1491,8 @@ decrypt_data (schema_id schema, ASN1_TYPE pkcs8_asn, if (schema == PBES2) { result = _gnutls_pbkdf2_sha1 (password, strlen (password), - kdf_params->salt, kdf_params->salt_size, - kdf_params->iter_count, key, key_size); + kdf_params->salt, kdf_params->salt_size, + kdf_params->iter_count, key, key_size); if (result < 0) { @@ -1503,9 +1504,9 @@ decrypt_data (schema_id schema, ASN1_TYPE pkcs8_asn, { result = _gnutls_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt, - kdf_params->salt_size, - kdf_params->iter_count, password, - key_size, key); + kdf_params->salt_size, + kdf_params->iter_count, password, + key_size, key); if (result < 0) { @@ -1531,7 +1532,7 @@ decrypt_data (schema_id schema, ASN1_TYPE pkcs8_asn, gnutls_assert (); goto error; } - + ch_init = 1; result = _gnutls_cipher_decrypt (&ch, data, data_size); @@ -1752,7 +1753,7 @@ generate_key (schema_id schema, else if (schema == PKCS12_RC2_40_SHA1) enc_params->cipher = GNUTLS_CIPHER_RC2_40_CBC; - ret = _gnutls_rnd( RND_RANDOM, rnd, 2); + ret = _gnutls_rnd (RND_RANDOM, rnd, 2); if (ret < 0) { gnutls_assert (); 
@@ -1767,8 +1768,8 @@ generate_key (schema_id schema, else kdf_params->salt_size = 8; - ret = _gnutls_rnd ( RND_RANDOM, kdf_params->salt, kdf_params->salt_size); - if ( ret < 0) + ret = _gnutls_rnd (RND_RANDOM, kdf_params->salt, kdf_params->salt_size); + if (ret < 0) { gnutls_assert (); return GNUTLS_E_RANDOM_FAILED; @@ -1794,9 +1795,9 @@ generate_key (schema_id schema, { ret = _gnutls_pbkdf2_sha1 (password, strlen (password), - kdf_params->salt, kdf_params->salt_size, - kdf_params->iter_count, - key->data, kdf_params->key_size); + kdf_params->salt, kdf_params->salt_size, + kdf_params->iter_count, + key->data, kdf_params->key_size); if (ret < 0) { gnutls_assert (); @@ -1804,22 +1805,22 @@ generate_key (schema_id schema, } if (enc_params->iv_size) - { + { ret = _gnutls_rnd (RND_NONCE, enc_params->iv, enc_params->iv_size); if (ret < 0) - { + { gnutls_assert (); return ret; } - } + } } else { /* PKCS12 schemas */ ret = _gnutls_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt, - kdf_params->salt_size, - kdf_params->iter_count, password, - kdf_params->key_size, key->data); + kdf_params->salt_size, + kdf_params->iter_count, password, + kdf_params->key_size, key->data); if (ret < 0) { gnutls_assert (); @@ -1832,9 +1833,10 @@ generate_key (schema_id schema, { ret = _gnutls_pkcs12_string_to_key (2 /*IV*/, kdf_params->salt, - kdf_params->salt_size, - kdf_params->iter_count, password, - enc_params->iv_size, enc_params->iv); + kdf_params->salt_size, + kdf_params->iter_count, password, + enc_params->iv_size, + enc_params->iv); if (ret < 0) { gnutls_assert (); diff --git a/lib/x509/rfc2818_hostname.c b/lib/x509/rfc2818_hostname.c index ca066cd737..45cc90bb17 100644 --- a/lib/x509/rfc2818_hostname.c +++ b/lib/x509/rfc2818_hostname.c 
@@ -81,9 +81,9 @@ gnutls_x509_crt_check_hostname (gnutls_x509_crt_t cert, const char *hostname) } else if (ret == GNUTLS_SAN_IPADDRESS) { - found_dnsname = 1; /* RFC 2818 is unclear whether the CN - should be compared for IP addresses - too, but we won't do it. */ + found_dnsname = 1; /* RFC 2818 is unclear whether the CN + should be compared for IP addresses + too, but we won't do it. */ if (_gnutls_hostname_compare (dnsname, hostname)) { return 1; diff --git a/lib/x509/sign.c b/lib/x509/sign.c index 79ebda0425..53e223c47e 100644 --- a/lib/x509/sign.c +++ b/lib/x509/sign.c @@ -56,7 +56,7 @@ encode_ber_digest_info (gnutls_digest_algorithm_t hash, if (algo == NULL) { gnutls_assert (); - _gnutls_x509_log("Hash algorithm: %d\n", hash); + _gnutls_x509_log ("Hash algorithm: %d\n", hash); return GNUTLS_E_UNKNOWN_PK_ALGORITHM; } diff --git a/lib/x509/x509.c b/lib/x509/x509.c index e621cdef65..8ee8105167 100644 --- a/lib/x509/x509.c +++ b/lib/x509/x509.c @@ -54,8 +54,7 @@ gnutls_x509_crt_init (gnutls_x509_crt_t * cert) return GNUTLS_E_MEMORY_ERROR; result = asn1_create_element (_gnutls_get_pkix (), - "PKIX1.Certificate", - &tmp->cert); + "PKIX1.Certificate", &tmp->cert); if (result != ASN1_SUCCESS) { gnutls_assert (); @@ -506,7 +505,7 @@ gnutls_x509_crt_get_signature_algorithm (gnutls_x509_crt_t cert) **/ int gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert, - char *sig, size_t *sizeof_sig) + char *sig, size_t * sizeof_sig) { int result; int bits, len; @@ -533,7 +532,7 @@ gnutls_x509_crt_get_signature (gnutls_x509_crt_t cert, len = bits / 8; - if (*sizeof_sig < (unsigned int)len) + if (*sizeof_sig < (unsigned int) len) { *sizeof_sig = bits / 8; return GNUTLS_E_SHORT_MEMORY_BUFFER; 
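Review bot: In the `GNUTLS_SAN_IPADDRESS` branch of `gnutls_x509_crt_check_hostname`, the SAN value is still handed to `_gnutls_hostname_compare (dnsname, hostname)`, a matcher whose name suggests it was written for DNS names. An iPAddress SAN carries the raw address octets (4 for IPv4, 16 for IPv6), not text. A textual address in `hostname` therefore cannot match it this way, and certificate-controlled bytes are interpreted by name-matching logic. I would replace that call by parsing `hostname` with `inet_pton` and comparing the result to the SAN octets with `memcmp`, after checking the returned length. How `dnsname` is filled lies outside this hunk, so confirm that the buffer holds the unconverted octets at this point.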
@@ -890,13 +889,14 @@ gnutls_x509_crt_get_pk_algorithm (gnutls_x509_crt_t cert, unsigned int *bits) } -inline static int is_type_printable(int type) +inline static int +is_type_printable (int type) { - if (type == GNUTLS_SAN_DNSNAME || type == GNUTLS_SAN_RFC822NAME || - type == GNUTLS_SAN_URI) - return 1; - else - return 0; + if (type == GNUTLS_SAN_DNSNAME || type == GNUTLS_SAN_RFC822NAME || + type == GNUTLS_SAN_URI) + return 1; + else + return 0; } #define XMPP_OID "1.3.6.1.5.5.7.8.5" @@ -906,8 +906,8 @@ inline static int is_type_printable(int type) */ static int parse_general_name (ASN1_TYPE src, const char *src_name, - int seq, void *name, size_t * name_size, - unsigned int* ret_type, int othername_oid) + int seq, void *name, size_t * name_size, + unsigned int *ret_type, int othername_oid) { unsigned int len; char nptr[MAX_NAME_SIZE]; @@ -917,11 +917,11 @@ parse_general_name (ASN1_TYPE src, const char *src_name, seq++; /* 0->1, 1->2 etc */ - if ( src_name[0] != 0) - snprintf( nptr, sizeof(nptr), "%s.?%u", src_name, seq); + if (src_name[0] != 0) + snprintf (nptr, sizeof (nptr), "%s.?%u", src_name, seq); else - snprintf( nptr, sizeof(nptr), "?%u", seq); - + snprintf (nptr, sizeof (nptr), "?%u", seq); + len = sizeof (choice_type); result = asn1_read_value (src, nptr, choice_type, &len); @@ -943,7 +943,7 @@ parse_general_name (ASN1_TYPE src, const char *src_name, gnutls_assert (); return GNUTLS_E_X509_UNKNOWN_SAN; } - + if (ret_type) *ret_type = type; @@ -976,11 +976,11 @@ parse_general_name (ASN1_TYPE src, const char *src_name, { char oid[42]; - if ( src_name[0] != 0) - snprintf( nptr, sizeof(nptr), "%s.?%u.otherName.type-id", + if (src_name[0] != 0) + snprintf (nptr, sizeof (nptr), "%s.?%u.otherName.type-id", src_name, seq); else - snprintf( nptr, sizeof(nptr), "?%u.otherName.type-id", seq); + snprintf (nptr, sizeof (nptr), "?%u.otherName.type-id", seq); len = sizeof (oid); result = asn1_read_value (src, nptr, oid, &len); 
@@ -1037,7 +1037,7 @@ parse_general_name (ASN1_TYPE src, const char *src_name, else { size_t orig_name_size = *name_size; - + _gnutls_str_cat (nptr, sizeof (nptr), "."); _gnutls_str_cat (nptr, sizeof (nptr), choice_type); @@ -1045,10 +1045,12 @@ parse_general_name (ASN1_TYPE src, const char *src_name, result = asn1_read_value (src, nptr, name, &len); *name_size = len; - if (result == ASN1_MEM_ERROR) { - if (is_type_printable(type)) (*name_size)++; - return GNUTLS_E_SHORT_MEMORY_BUFFER; - } + if (result == ASN1_MEM_ERROR) + { + if (is_type_printable (type)) + (*name_size)++; + return GNUTLS_E_SHORT_MEMORY_BUFFER; + } if (result != ASN1_SUCCESS) { @@ -1056,19 +1058,19 @@ parse_general_name (ASN1_TYPE src, const char *src_name, return _gnutls_asn2err (result); } - if (is_type_printable(type)) - { - - if (len+1 > orig_name_size) - { - gnutls_assert(); - (*name_size)++; - return GNUTLS_E_SHORT_MEMORY_BUFFER; - } + if (is_type_printable (type)) + { - /* null terminate it */ - ((char*)name)[*name_size] = 0; - } + if (len + 1 > orig_name_size) + { + gnutls_assert (); + (*name_size)++; + return GNUTLS_E_SHORT_MEMORY_BUFFER; + } + + /* null terminate it */ + ((char *) name)[*name_size] = 0; + } } @@ -1079,8 +1081,7 @@ static int get_subject_alt_name (gnutls_x509_crt_t cert, unsigned int seq, void *ret, size_t * ret_size, unsigned int *ret_type, - unsigned int *critical, - int othername_oid) + unsigned int *critical, int othername_oid) { int result; gnutls_datum_t dnsname; @@ -1130,7 +1131,8 @@ get_subject_alt_name (gnutls_x509_crt_t cert, return _gnutls_asn2err (result); } - result = parse_general_name (c2, "", seq, ret, ret_size, ret_type, othername_oid); + result = + parse_general_name (c2, "", seq, ret, ret_size, ret_type, othername_oid); asn1_delete_structure (&c2); 
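Review bot: The printable-type branch of `parse_general_name` NUL-terminates the value at `((char *) name)[*name_size] = 0;` but nothing in the lines shown says that the value may itself contain NUL bytes. The value is read from the certificate, so a caller that treats `name` as a C string would see only the part before the first embedded NUL, which matters for hostname checks. I would extend the existing comment to `/* null terminate it; the value may contain embedded NULs, so callers must use *name_size, not strlen() */`. Callers that compare names should also reject a value whose `strlen` differs from the returned size. The function starts and ends outside these hunks.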
@@ -1206,12 +1208,13 @@ gnutls_x509_crt_get_subject_alt_name (gnutls_x509_crt_t cert, **/ int gnutls_x509_crt_get_subject_alt_name2 (gnutls_x509_crt_t cert, - unsigned int seq, void *ret, - size_t * ret_size, - unsigned int* ret_type, - unsigned int *critical) + unsigned int seq, void *ret, + size_t * ret_size, + unsigned int *ret_type, + unsigned int *critical) { - return get_subject_alt_name (cert, seq, ret, ret_size, ret_type, critical, 0); + return get_subject_alt_name (cert, seq, ret, ret_size, ret_type, critical, + 0); } /** @@ -1243,8 +1246,7 @@ gnutls_x509_crt_get_subject_alt_name2 (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_subject_alt_othername_oid (gnutls_x509_crt_t cert, unsigned int seq, - void *ret, - size_t * ret_size) + void *ret, size_t * ret_size) { return get_subject_alt_name (cert, seq, ret, ret_size, NULL, NULL, 1); } @@ -1272,8 +1274,7 @@ gnutls_x509_crt_get_subject_alt_othername_oid (gnutls_x509_crt_t cert, int gnutls_x509_crt_get_basic_constraints (gnutls_x509_crt_t cert, unsigned int *critical, - int *ca, - int *pathlen) + int *ca, int *pathlen) { int result; gnutls_datum_t basicConstraints; @@ -1338,7 +1339,8 @@ int gnutls_x509_crt_get_ca_status (gnutls_x509_crt_t cert, unsigned int *critical) { int ca, pathlen; - return gnutls_x509_crt_get_basic_constraints (cert, critical, &ca, &pathlen); + return gnutls_x509_crt_get_basic_constraints (cert, critical, &ca, + &pathlen); } /** @@ -1426,8 +1428,7 @@ gnutls_x509_crt_get_proxy (gnutls_x509_crt_t cert, unsigned int *critical, int *pathlen, char **policyLanguage, - char **policy, - size_t *sizeof_policy) + char **policy, size_t * sizeof_policy) { int result; gnutls_datum_t proxyCertInfo; 
@@ -1608,13 +1609,13 @@ gnutls_x509_crt_get_extension_info (gnutls_x509_crt_t cert, int indx, return GNUTLS_E_INVALID_REQUEST; } - snprintf (name, sizeof(name), "tbsCertificate.extensions.?%u.extnID", + snprintf (name, sizeof (name), "tbsCertificate.extensions.?%u.extnID", indx + 1); len = *sizeof_oid; result = asn1_read_value (cert->cert, name, oid, &len); *sizeof_oid = len; - + if (result == ASN1_ELEMENT_NOT_FOUND) return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; else if (result < 0) @@ -1623,7 +1624,7 @@ gnutls_x509_crt_get_extension_info (gnutls_x509_crt_t cert, int indx, return _gnutls_asn2err (result); } - snprintf (name, sizeof(name), "tbsCertificate.extensions.?%u.critical", + snprintf (name, sizeof (name), "tbsCertificate.extensions.?%u.critical", indx + 1); len = sizeof (str_critical); result = asn1_read_value (cert->cert, name, str_critical, &len); @@ -1678,13 +1679,13 @@ gnutls_x509_crt_get_extension_data (gnutls_x509_crt_t cert, int indx, return GNUTLS_E_INVALID_REQUEST; } - snprintf (name, sizeof(name), "tbsCertificate.extensions.?%u.extnValue", + snprintf (name, sizeof (name), "tbsCertificate.extensions.?%u.extnValue", indx + 1); - + len = *sizeof_data; result = asn1_read_value (cert->cert, name, data, &len); *sizeof_data = len; - + if (result == ASN1_ELEMENT_NOT_FOUND) return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; else if (result < 0) @@ -1793,9 +1794,9 @@ gnutls_x509_crt_get_raw_dn (gnutls_x509_crt_t cert, gnutls_datum_t * start) } static int -get_dn (gnutls_x509_crt_t cert, const char *whom, gnutls_x509_dn_t *dn) +get_dn (gnutls_x509_crt_t cert, const char *whom, gnutls_x509_dn_t * dn) { - *dn = asn1_find_node(cert->cert, whom); + *dn = asn1_find_node (cert->cert, whom); if (!*dn) return GNUTLS_E_ASN1_ELEMENT_NOT_FOUND; return 0; 
@@ -1816,8 +1817,7 @@ get_dn (gnutls_x509_crt_t cert, const char *whom, gnutls_x509_dn_t *dn) * Returns: Returns 0 on success, or an error code. **/ int -gnutls_x509_crt_get_subject (gnutls_x509_crt_t cert, - gnutls_x509_dn_t *dn) +gnutls_x509_crt_get_subject (gnutls_x509_crt_t cert, gnutls_x509_dn_t * dn) { return get_dn (cert, "tbsCertificate.subject.rdnSequence", dn); } @@ -1837,8 +1837,7 @@ gnutls_x509_crt_get_subject (gnutls_x509_crt_t cert, * Returns: Returns 0 on success, or an error code. **/ int -gnutls_x509_crt_get_issuer (gnutls_x509_crt_t cert, - gnutls_x509_dn_t *dn) +gnutls_x509_crt_get_issuer (gnutls_x509_crt_t cert, gnutls_x509_dn_t * dn) { return get_dn (cert, "tbsCertificate.issuer.rdnSequence", dn); } @@ -1861,9 +1860,7 @@ gnutls_x509_crt_get_issuer (gnutls_x509_crt_t cert, **/ int gnutls_x509_dn_get_rdn_ava (gnutls_x509_dn_t dn, - int irdn, - int iava, - gnutls_x509_ava_st *ava) + int irdn, int iava, gnutls_x509_ava_st * ava) { ASN1_TYPE rdn, elem; long len; @@ -1871,17 +1868,18 @@ gnutls_x509_dn_get_rdn_ava (gnutls_x509_dn_t dn, char rbuf[MAX_NAME_SIZE]; unsigned char cls, *ptr; - iava++; irdn++; /* 0->1, 1->2 etc */ + iava++; + irdn++; /* 0->1, 1->2 etc */ - snprintf (rbuf, sizeof(rbuf), "rdnSequence.?%d.?%d", irdn, iava); + snprintf (rbuf, sizeof (rbuf), "rdnSequence.?%d.?%d", irdn, iava); rdn = asn1_find_node (dn, rbuf); if (!rdn) { - gnutls_assert(); + gnutls_assert (); return GNUTLS_E_ASN1_ELEMENT_NOT_FOUND; } - snprintf (rbuf, sizeof(rbuf), "?%d.type", iava); + snprintf (rbuf, sizeof (rbuf), "?%d.type", iava); elem = asn1_find_node (rdn, rbuf); if (!elem) { @@ -1892,8 +1890,8 @@ gnutls_x509_dn_get_rdn_ava (gnutls_x509_dn_t dn, ava->oid.data = elem->value; ava->oid.size = elem->value_len; - snprintf(rbuf, sizeof(rbuf), "?%d.value", iava); - elem = asn1_find_node(rdn, rbuf); + snprintf (rbuf, sizeof (rbuf), "?%d.value", iava); + elem = asn1_find_node (rdn, rbuf); if (!elem) { gnutls_assert (); 
@@ -1906,7 +1904,7 @@ gnutls_x509_dn_get_rdn_ava (gnutls_x509_dn_t dn, ptr = elem->value; remlen = elem->value_len; - len = asn1_get_length_der(ptr, remlen, &lenlen); + len = asn1_get_length_der (ptr, remlen, &lenlen); if (len < 0) { gnutls_assert (); @@ -1915,7 +1913,7 @@ gnutls_x509_dn_get_rdn_ava (gnutls_x509_dn_t dn, ptr += lenlen; remlen -= lenlen; - ret = asn1_get_tag_der(ptr, remlen, &cls, &lenlen, &ava->value_tag); + ret = asn1_get_tag_der (ptr, remlen, &cls, &lenlen, &ava->value_tag); if (ret) { gnutls_assert (); @@ -1928,7 +1926,7 @@ gnutls_x509_dn_get_rdn_ava (gnutls_x509_dn_t dn, { signed long tmp; - tmp = asn1_get_length_der(ptr, remlen, &lenlen); + tmp = asn1_get_length_der (ptr, remlen, &lenlen); if (tmp < 0) { gnutls_assert (); @@ -2032,15 +2030,13 @@ gnutls_x509_crt_export (gnutls_x509_crt_t cert, } return _gnutls_x509_export_int (cert->cert, format, "CERTIFICATE", - output_data, - output_data_size); + output_data, output_data_size); } static int rsadsa_get_key_id (gnutls_x509_crt_t crt, int pk, - unsigned char *output_data, - size_t * output_data_size) + unsigned char *output_data, size_t * output_data_size) { bigint_t params[MAX_PUBLIC_PARAMS_SIZE]; int params_size = MAX_PUBLIC_PARAMS_SIZE; @@ -2090,7 +2086,7 @@ rsadsa_get_key_id (gnutls_x509_crt_t crt, int pk, result = 0; - cleanup: +cleanup: _gnutls_free_datum (&der); 
@@ -2154,10 +2150,10 @@ gnutls_x509_crt_get_key_id (gnutls_x509_crt_t crt, unsigned int flags, if (pk == GNUTLS_PK_RSA || pk == GNUTLS_PK_DSA) { /* This is for compatibility with what GnuTLS has printed for - RSA/DSA before the code below was added. The code below is - applicable to all types, and it would probably be a better - idea to use it for RSA/DSA too, but doing so would break - backwards compatibility. */ + RSA/DSA before the code below was added. The code below is + applicable to all types, and it would probably be a better + idea to use it for RSA/DSA too, but doing so would break + backwards compatibility. */ return rsadsa_get_key_id (crt, pk, output_data, output_data_size); } @@ -2455,7 +2451,7 @@ gnutls_x509_crt_get_crl_dist_points (gnutls_x509_crt_t cert, */ if (reason_flags) { - _gnutls_str_cpy( name, sizeof(name), "?1.reasons"); + _gnutls_str_cpy (name, sizeof (name), "?1.reasons"); reasons[0] = reasons[1] = 0; @@ -2549,7 +2545,7 @@ gnutls_x509_crt_get_key_purpose_oid (gnutls_x509_crt_t cert, indx++; /* create a string like "?1" */ - snprintf( tmpstr, sizeof(tmpstr), "?%u", indx); + snprintf (tmpstr, sizeof (tmpstr), "?%u", indx); len = *sizeof_oid; result = asn1_read_value (c2, tmpstr, oid, &len); @@ -2874,7 +2870,7 @@ gnutls_x509_crt_list_import (gnutls_x509_crt_t * certs, return GNUTLS_E_SHORT_MEMORY_BUFFER; error: - for (j=0; j < count; j++) + for (j = 0; j < count; j++) gnutls_x509_crt_deinit (certs[j]); return ret; } diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c index e7381ae5ac..5fa34e87f3 100644 --- a/lib/x509/x509_write.c +++ b/lib/x509/x509_write.c @@ -134,7 +134,7 @@ gnutls_x509_crt_set_issuer_dn_by_oid (gnutls_x509_crt_t crt, * negative error value. **/ int -gnutls_x509_crt_set_proxy_dn (gnutls_x509_crt_t crt,gnutls_x509_crt_t eecrt, +gnutls_x509_crt_set_proxy_dn (gnutls_x509_crt_t crt, gnutls_x509_crt_t eecrt, unsigned int raw_flag, const void *name, unsigned int sizeof_name) { 
@@ -351,8 +351,7 @@ gnutls_x509_crt_set_extension_by_oid (gnutls_x509_crt_t crt, **/ int gnutls_x509_crt_set_basic_constraints (gnutls_x509_crt_t crt, - unsigned int ca, - int pathLenConstraint) + unsigned int ca, int pathLenConstraint) { int result; gnutls_datum_t der_data; @@ -537,8 +536,7 @@ int gnutls_x509_crt_set_proxy (gnutls_x509_crt_t crt, int pathLenConstraint, const char *policyLanguage, - const char *policy, - size_t sizeof_policy) + const char *policy, size_t sizeof_policy) { int result; gnutls_datum_t der_data; diff --git a/libextra/gnutls_openssl.c b/libextra/gnutls_openssl.c index a0628c9391..cbe30e52d5 100644 --- a/libextra/gnutls_openssl.c +++ b/libextra/gnutls_openssl.c @@ -1003,23 +1003,23 @@ RAND_egd_bytes (const char *path, int bytes) void MD5_Init (MD5_CTX * ctx) { - ctx->handle = gnutls_malloc( sizeof(digest_hd_st)); + ctx->handle = gnutls_malloc (sizeof (digest_hd_st)); if (!ctx->handle) - abort(); - _gnutls_hash_init( ctx->handle, GNUTLS_DIG_MD5); + abort (); + _gnutls_hash_init (ctx->handle, GNUTLS_DIG_MD5); } void MD5_Update (MD5_CTX * ctx, const void *buf, int len) { - _gnutls_hash( ctx->handle, buf, len); + _gnutls_hash (ctx->handle, buf, len); } void MD5_Final (unsigned char *md, MD5_CTX * ctx) { - _gnutls_hash_deinit( ctx->handle, md); - gnutls_free(ctx->handle); + _gnutls_hash_deinit (ctx->handle, md); + gnutls_free (ctx->handle); } unsigned char * @@ -1028,7 +1028,7 @@ MD5 (const unsigned char *buf, unsigned long len, unsigned char *md) if (!md) return NULL; - _gnutls_hash_fast( GNUTLS_DIG_MD5, buf, len, md); + _gnutls_hash_fast (GNUTLS_DIG_MD5, buf, len, md); return md; } 
@@ -1036,23 +1036,23 @@ MD5 (const unsigned char *buf, unsigned long len, unsigned char *md) void RIPEMD160_Init (RIPEMD160_CTX * ctx) { - ctx->handle = gnutls_malloc( sizeof(digest_hd_st)); + ctx->handle = gnutls_malloc (sizeof (digest_hd_st)); if (!ctx->handle) - abort(); - _gnutls_hash_init( ctx->handle, GNUTLS_DIG_RMD160); + abort (); + _gnutls_hash_init (ctx->handle, GNUTLS_DIG_RMD160); } void RIPEMD160_Update (RIPEMD160_CTX * ctx, const void *buf, int len) { - _gnutls_hash( ctx->handle, buf, len); + _gnutls_hash (ctx->handle, buf, len); } void RIPEMD160_Final (unsigned char *md, RIPEMD160_CTX * ctx) { - _gnutls_hash_deinit( ctx->handle, md); - gnutls_free(ctx->handle); + _gnutls_hash_deinit (ctx->handle, md); + gnutls_free (ctx->handle); } unsigned char * @@ -1061,7 +1061,7 @@ RIPEMD160 (const unsigned char *buf, unsigned long len, unsigned char *md) if (!md) return NULL; - _gnutls_hash_fast( GNUTLS_DIG_RMD160, buf, len, md); + _gnutls_hash_fast (GNUTLS_DIG_RMD160, buf, len, md); return md; } diff --git a/src/certtool-cfg.c b/src/certtool-cfg.c index ca3431508c..609c7888fc 100644 --- a/src/certtool-cfg.c +++ b/src/certtool-cfg.c @@ -224,7 +224,7 @@ read_int_with_default (const char *input_str, int def) char *endptr; long l; - printf(input_str, def); + printf (input_str, def); in = readline (""); l = strtol (in, &endptr, 0); @@ -612,7 +612,8 @@ get_serial (void) else { return read_int_with_default - ("Enter the certificate's serial number in decimal (default: %u): ", default_serial); + ("Enter the certificate's serial number in decimal (default: %u): ", + default_serial); } } @@ -897,7 +898,7 @@ get_crl_next_update (void) } const char * -get_proxy_policy (char **policy, size_t *policylen) +get_proxy_policy (char **policy, size_t * policylen) { const char *ret; diff --git a/src/certtool.c b/src/certtool.c index bf0990f7a7..cd9732ed5b 100644 --- a/src/certtool.c +++ b/src/certtool.c 
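Review bot: In `read_int_with_default` the result of `readline ("")` goes straight into `strtol (in, &endptr, 0)`, but `readline` returns NULL at end of input, and passing NULL to `strtol` is undefined behaviour. Add `if (in == NULL) return def;` before the conversion, assuming that falling back to the default is the intended behaviour. Separately, `printf (input_str, def);` uses a caller-supplied format string. The `get_serial` call in this diff passes a literal containing `%u` while `def` is an `int`, so declaring the function with a printf format attribute would let the compiler check every caller. The rest of the function is outside the hunk.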
@@ -209,8 +209,7 @@ print_private_key (gnutls_x509_privkey_t key) ret = gnutls_x509_privkey_export (key, info.outcert_format, buffer, &size); if (ret < 0) - error (EXIT_FAILURE, 0, "privkey_export: %s", - gnutls_strerror (ret)); + error (EXIT_FAILURE, 0, "privkey_export: %s", gnutls_strerror (ret)); } else { @@ -227,8 +226,8 @@ print_private_key (gnutls_x509_privkey_t key) size = sizeof (buffer); ret = - gnutls_x509_privkey_export_pkcs8 (key, info.outcert_format, pass, - flags, buffer, &size); + gnutls_x509_privkey_export_pkcs8 (key, info.outcert_format, pass, + flags, buffer, &size); if (ret < 0) error (EXIT_FAILURE, 0, "privkey_export_pkcs8: %s", gnutls_strerror (ret)); @@ -342,12 +341,10 @@ generate_certificate (gnutls_x509_privkey_t * ret_key, days = get_days (); result = - gnutls_x509_crt_set_expiration_time (crt, - time (NULL) + - days * 24 * 60 * 60); + gnutls_x509_crt_set_expiration_time (crt, + time (NULL) + days * 24 * 60 * 60); if (result < 0) - error (EXIT_FAILURE, 0, "set_expiration: %s", - gnutls_strerror (result)); + error (EXIT_FAILURE, 0, "set_expiration: %s", gnutls_strerror (result)); if (!batch) fprintf (stderr, "\n\nExtensions.\n"); @@ -372,8 +369,8 @@ generate_certificate (gnutls_x509_privkey_t * ret_key, policylanguage = get_proxy_policy (&policy, &policylen); result = - gnutls_x509_crt_set_proxy (crt, proxypathlen, policylanguage, - policy, policylen); + gnutls_x509_crt_set_proxy (crt, proxypathlen, policylanguage, + policy, policylen); if (result < 0) error (EXIT_FAILURE, 0, "set_proxy: %s", gnutls_strerror (result)); @@ -387,7 +384,7 @@ generate_certificate (gnutls_x509_privkey_t * ret_key, path_len = -1; result = - gnutls_x509_crt_set_basic_constraints (crt, ca_status, path_len); + gnutls_x509_crt_set_basic_constraints (crt, ca_status, path_len); if (result < 0) error (EXIT_FAILURE, 0, "basic_constraints: %s", gnutls_strerror (result)); 
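Review bot: In `generate_certificate` the expiry is computed as `time (NULL) + days * 24 * 60 * 60`, and the product is evaluated in the type of `days` before it is added to the `time_t`. The declaration is outside the hunk, but if `days` is an `int`, a requested validity above roughly 24855 days overflows a 32-bit signed int, which is undefined behaviour and can produce a wrong expiry. Write it as `time (NULL) + (time_t) days * 24 * 60 * 60` and reject negative or absurdly large values of `days` first. The same expression appears in the `generate_crl` hunk (`now + days * 24 * 60 * 60`) and in the `update_signed_certificate` hunk (`tim + days * 24 * 60 * 60`).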
@@ -399,8 +396,7 @@ generate_certificate (gnutls_x509_privkey_t * ret_key, GNUTLS_KP_TLS_WWW_CLIENT, 0); if (result < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", - gnutls_strerror (result)); + error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (result)); } server = get_tls_server_status (); @@ -414,7 +410,7 @@ generate_certificate (gnutls_x509_privkey_t * ret_key, if (str != NULL) { result = gnutls_x509_crt_set_subject_alternative_name - (crt, GNUTLS_SAN_DNSNAME, str); + (crt, GNUTLS_SAN_DNSNAME, str); } else { @@ -422,7 +418,7 @@ generate_certificate (gnutls_x509_privkey_t * ret_key, if (str != NULL) { result = gnutls_x509_crt_set_subject_alternative_name - (crt, GNUTLS_SAN_IPADDRESS, str); + (crt, GNUTLS_SAN_IPADDRESS, str); } } @@ -432,12 +428,10 @@ generate_certificate (gnutls_x509_privkey_t * ret_key, } result = - gnutls_x509_crt_set_key_purpose_oid (crt, - GNUTLS_KP_TLS_WWW_SERVER, - 0); + gnutls_x509_crt_set_key_purpose_oid (crt, + GNUTLS_KP_TLS_WWW_SERVER, 0); if (result < 0) - error (EXIT_FAILURE, 0, "key_kp: %s", - gnutls_strerror (result)); + error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (result)); } else if (!proxy) { @@ -446,7 +440,7 @@ generate_certificate (gnutls_x509_privkey_t * ret_key, if (str != NULL) { result = gnutls_x509_crt_set_subject_alternative_name - (crt, GNUTLS_SAN_RFC822NAME, str); + (crt, GNUTLS_SAN_RFC822NAME, str); if (result < 0) error (EXIT_FAILURE, 0, "subject_alt_name: %s", gnutls_strerror (result)); @@ -490,9 +484,9 @@ generate_certificate (gnutls_x509_privkey_t * ret_key, if (result) { result = - gnutls_x509_crt_set_key_purpose_oid (crt, - GNUTLS_KP_CODE_SIGNING, - 0); + gnutls_x509_crt_set_key_purpose_oid (crt, + GNUTLS_KP_CODE_SIGNING, + 0); if (result < 0) error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (result)); 
@@ -502,9 +496,9 @@ generate_certificate (gnutls_x509_privkey_t * ret_key, if (result) { result = - gnutls_x509_crt_set_key_purpose_oid (crt, - GNUTLS_KP_OCSP_SIGNING, - 0); + gnutls_x509_crt_set_key_purpose_oid (crt, + GNUTLS_KP_OCSP_SIGNING, + 0); if (result < 0) error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (result)); @@ -514,9 +508,9 @@ generate_certificate (gnutls_x509_privkey_t * ret_key, if (result) { result = - gnutls_x509_crt_set_key_purpose_oid (crt, - GNUTLS_KP_TIME_STAMPING, - 0); + gnutls_x509_crt_set_key_purpose_oid (crt, + GNUTLS_KP_TIME_STAMPING, + 0); if (result < 0) error (EXIT_FAILURE, 0, "key_kp: %s", gnutls_strerror (result)); @@ -553,13 +547,12 @@ generate_certificate (gnutls_x509_privkey_t * ret_key, if (result < 0) { size = sizeof (buffer); - result = - gnutls_x509_crt_get_key_id (ca_crt, 0, buffer, &size); + result = gnutls_x509_crt_get_key_id (ca_crt, 0, buffer, &size); } if (result >= 0) { result = - gnutls_x509_crt_set_authority_key_id (crt, buffer, size); + gnutls_x509_crt_set_authority_key_id (crt, buffer, size); if (result < 0) error (EXIT_FAILURE, 0, "set_authority_key_id: %s", gnutls_strerror (result)); @@ -601,8 +594,7 @@ generate_crl (void) { result = gnutls_x509_crl_set_crt (crl, crts[i], now); if (result < 0) - error (EXIT_FAILURE, 0, "crl_set_crt: %s", - gnutls_strerror (result)); + error (EXIT_FAILURE, 0, "crl_set_crt: %s", gnutls_strerror (result)); } result = gnutls_x509_crl_set_this_update (crl, now); @@ -612,8 +604,7 @@ generate_crl (void) fprintf (stderr, "Update times.\n"); days = get_crl_next_update (); - result = - gnutls_x509_crl_set_next_update (crl, now + days * 24 * 60 * 60); + result = gnutls_x509_crl_set_next_update (crl, now + days * 24 * 60 * 60); if (result < 0) error (EXIT_FAILURE, 0, "next_update: %s", gnutls_strerror (result)); 
@@ -660,8 +651,7 @@ generate_self_signed (void) error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result)); size = sizeof (buffer); - result = - gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size); + result = gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size); if (result < 0) error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result)); @@ -703,8 +693,7 @@ generate_signed_certificate (void) error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result)); size = sizeof (buffer); - result = - gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size); + result = gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size); if (result < 0) error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result)); @@ -738,8 +727,7 @@ generate_proxy_certificate (void) error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result)); size = sizeof (buffer); - result = - gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size); + result = gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size); if (result < 0) error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result)); @@ -797,10 +785,9 @@ update_signed_certificate (void) days = get_days (); result = - gnutls_x509_crt_set_expiration_time (crt, tim + days * 24 * 60 * 60); + gnutls_x509_crt_set_expiration_time (crt, tim + days * 24 * 60 * 60); if (result < 0) - error (EXIT_FAILURE, 0, "set_expiration: %s", - gnutls_strerror (result)); + error (EXIT_FAILURE, 0, "set_expiration: %s", gnutls_strerror (result)); fprintf (stderr, "\n\nSigning certificate...\n"); @@ -809,8 +796,7 @@ update_signed_certificate (void) error (EXIT_FAILURE, 0, "crt_sign: %s", gnutls_strerror (result)); size = sizeof (buffer); - result = - gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size); + result = gnutls_x509_crt_export (crt, info.outcert_format, buffer, &size); if (result < 0) error (EXIT_FAILURE, 0, "crt_export: %s", gnutls_strerror (result)); 
@@ -819,14 +805,15 @@ update_signed_certificate (void) gnutls_x509_crt_deinit (crt); } -FILE* safe_open_rw(const char* file) +FILE * +safe_open_rw (const char *file) { mode_t oldmask; FILE *fh; if (info.privkey_op != 0) { - oldmask = umask (S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH); + oldmask = umask (S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH); } fh = fopen (file, "wb"); @@ -1009,8 +996,8 @@ certificate_info (void) crt_num = MAX_CRTS; ret = - gnutls_x509_crt_list_import (crt, &crt_num, &pem, info.incert_format, - GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED); + gnutls_x509_crt_list_import (crt, &crt_num, &pem, info.incert_format, + GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED); if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) { error (0, 0, @@ -1087,8 +1074,7 @@ pgp_certificate_info (void) } size = sizeof (buffer); - ret = - gnutls_openpgp_crt_export (crt, info.outcert_format, buffer, &size); + ret = gnutls_openpgp_crt_export (crt, info.outcert_format, buffer, &size); if (ret < 0) { error (EXIT_FAILURE, 0, "Export error: %s", gnutls_strerror (ret)); @@ -1119,8 +1105,7 @@ pgp_privkey_info (void) pem.size = size; ret = - gnutls_openpgp_privkey_import (key, &pem, info.incert_format, NULL, - 0); + gnutls_openpgp_privkey_import (key, &pem, info.incert_format, NULL, 0); if (ret < 0) error (EXIT_FAILURE, 0, "Import error: %s", gnutls_strerror (ret)); @@ -1143,8 +1128,7 @@ pgp_privkey_info (void) if (i == -1) ret = gnutls_openpgp_privkey_get_pk_algorithm (key, NULL); else - ret = - gnutls_openpgp_privkey_get_subkey_pk_algorithm (key, i, NULL); + ret = gnutls_openpgp_privkey_get_subkey_pk_algorithm (key, i, NULL); fprintf (outfile, "\tPublic Key Algorithm: "); 
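Review bot: `safe_open_rw` relies on `umask (S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH)` to protect private-key output, but the mask only applies when `fopen (file, "wb")` creates the file. If the path already exists with wider permissions, the key is written into a file that stays readable by group or others. On the private-key path I would set the mode explicitly: `fd = open (file, O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);`, `fchmod (fd, S_IRUSR | S_IWUSR);`, `fh = fdopen (fd, "wb");`, with error checks on each call. `oldmask` is assigned only inside the `info.privkey_op != 0` branch, and the function continues outside the hunk, so confirm that the restore is guarded by the same condition.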
@@ -1162,13 +1146,13 @@ pgp_privkey_info (void) if (i == -1) ret = - gnutls_openpgp_privkey_export_rsa_raw (key, &m, &e, &d, &p, - &q, &u); + gnutls_openpgp_privkey_export_rsa_raw (key, &m, &e, &d, &p, + &q, &u); else ret = - gnutls_openpgp_privkey_export_subkey_rsa_raw (key, i, &m, - &e, &d, &p, - &q, &u); + gnutls_openpgp_privkey_export_subkey_rsa_raw (key, i, &m, + &e, &d, &p, + &q, &u); if (ret < 0) fprintf (stderr, "Error in key RSA data export: %s\n", gnutls_strerror (ret)); @@ -1182,13 +1166,11 @@ pgp_privkey_info (void) if (i == -1) ret = - gnutls_openpgp_privkey_export_dsa_raw (key, &p, &q, &g, &y, - &x); + gnutls_openpgp_privkey_export_dsa_raw (key, &p, &q, &g, &y, &x); else ret = - gnutls_openpgp_privkey_export_subkey_dsa_raw (key, i, &p, - &q, &g, &y, - &x); + gnutls_openpgp_privkey_export_subkey_dsa_raw (key, i, &p, + &q, &g, &y, &x); if (ret < 0) fprintf (stderr, "Error in key DSA data export: %s\n", gnutls_strerror (ret)); @@ -1211,16 +1193,15 @@ pgp_privkey_info (void) } else { - fprintf (outfile, "Public Key ID: %s\n", - raw_to_string (keyid, 8)); + fprintf (outfile, "Public Key ID: %s\n", raw_to_string (keyid, 8)); } } size = sizeof (buffer); ret = - gnutls_openpgp_privkey_export (key, GNUTLS_OPENPGP_FMT_BASE64, - NULL, 0, buffer, &size); + gnutls_openpgp_privkey_export (key, GNUTLS_OPENPGP_FMT_BASE64, + NULL, 0, buffer, &size); if (ret < 0) error (EXIT_FAILURE, 0, "Export error: %s", gnutls_strerror (ret)); 
@@ -1253,24 +1234,22 @@ pgp_ring_info (void) count = gnutls_openpgp_keyring_get_crt_count (ring); if (count > 0) - fprintf (outfile, "Keyring contains %d OpenPGP certificates\n\n", - count); + fprintf (outfile, "Keyring contains %d OpenPGP certificates\n\n", count); else error (EXIT_FAILURE, 0, "Keyring error: %s", gnutls_strerror (count)); for (i = 0; i < count; i++) { ret = gnutls_openpgp_keyring_get_crt (ring, i, &crt); - + if (ret < 0) - { + { error (EXIT_FAILURE, 0, "Export error: %s", gnutls_strerror (ret)); - } + } size = sizeof (buffer); ret = - gnutls_openpgp_crt_export (crt, info.outcert_format, buffer, - &size); + gnutls_openpgp_crt_export (crt, info.outcert_format, buffer, &size); if (ret < 0) { error (EXIT_FAILURE, 0, "Export error: %s", gnutls_strerror (ret)); @@ -1307,8 +1286,7 @@ print_hex_datum (gnutls_datum_t * dat) static void -print_certificate_info (gnutls_x509_crt_t crt, FILE * out, - unsigned int all) +print_certificate_info (gnutls_x509_crt_t crt, FILE * out, unsigned int all) { gnutls_datum_t info; int ret; @@ -1316,8 +1294,7 @@ print_certificate_info (gnutls_x509_crt_t crt, FILE * out, if (all) ret = gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_FULL, &info); else - ret = - gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_UNSIGNED_FULL, &info); + ret = gnutls_x509_crt_print (crt, GNUTLS_CRT_PRINT_UNSIGNED_FULL, &info); if (ret == 0) { fprintf (out, "%s\n", info.data); @@ -1412,8 +1389,8 @@ privkey_info (void) else pass = get_pass (); ret = - gnutls_x509_privkey_import_pkcs8 (key, &pem, info.incert_format, - pass, 0); + gnutls_x509_privkey_import_pkcs8 (key, &pem, info.incert_format, + pass, 0); } if (ret < 0) error (EXIT_FAILURE, 0, "Import error: %s", gnutls_strerror (ret)); 
@@ -1435,8 +1412,7 @@ privkey_info (void) { gnutls_datum_t m, e, d, p, q, u; - ret = - gnutls_x509_privkey_export_rsa_raw (key, &m, &e, &d, &p, &q, &u); + ret = gnutls_x509_privkey_export_rsa_raw (key, &m, &e, &d, &p, &q, &u); if (ret < 0) fprintf (stderr, "Error in key RSA data export: %s\n", gnutls_strerror (ret)); @@ -1466,8 +1442,7 @@ privkey_info (void) } else { - fprintf (outfile, "Public Key ID: %s\n", - raw_to_string (buffer, size)); + fprintf (outfile, "Public Key ID: %s\n", raw_to_string (buffer, size)); } if (info.fix_key != 0) @@ -1478,8 +1453,7 @@ privkey_info (void) } size = sizeof (buffer); - ret = - gnutls_x509_privkey_export (key, GNUTLS_X509_FMT_PEM, buffer, &size); + ret = gnutls_x509_privkey_export (key, GNUTLS_X509_FMT_PEM, buffer, &size); if (ret < 0) error (EXIT_FAILURE, 0, "Export error: %s", gnutls_strerror (ret)); @@ -1512,15 +1486,14 @@ load_private_key (int mand) dat.size = size; if (!dat.data) - error (EXIT_FAILURE, errno, "reading --load-privkey: %s", - info.privkey); + error (EXIT_FAILURE, errno, "reading --load-privkey: %s", info.privkey); if (info.pkcs8) { const char *pass = get_pass (); ret = - gnutls_x509_privkey_import_pkcs8 (key, &dat, info.incert_format, - pass, 0); + gnutls_x509_privkey_import_pkcs8 (key, &dat, info.incert_format, + pass, 0); } else ret = gnutls_x509_privkey_import (key, &dat, info.incert_format); @@ -1561,8 +1534,7 @@ load_request (void) dat.size = size; if (!dat.data) - error (EXIT_FAILURE, errno, "reading --load-request: %s", - info.request); + error (EXIT_FAILURE, errno, "reading --load-request: %s", info.request); ret = gnutls_x509_crq_import (crq, &dat, info.incert_format); if (ret == GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR) 
@@ -1607,8 +1579,8 @@ load_ca_private_key (void) { const char *pass = get_pass (); ret = - gnutls_x509_privkey_import_pkcs8 (key, &dat, info.incert_format, - pass, 0); + gnutls_x509_privkey_import_pkcs8 (key, &dat, info.incert_format, + pass, 0); } else ret = gnutls_x509_privkey_import (key, &dat, info.incert_format); @@ -1641,8 +1613,7 @@ load_ca_cert (void) dat.size = size; if (!dat.data) - error (EXIT_FAILURE, errno, "reading --load-ca-certificate: %s", - info.ca); + error (EXIT_FAILURE, errno, "reading --load-ca-certificate: %s", info.ca); ret = gnutls_x509_crt_import (crt, &dat, info.incert_format); free (dat.data); @@ -1728,8 +1699,7 @@ load_cert_list (int mand, int *crt_size) ptr_size = size; ptr_size -= - (unsigned int) ((unsigned char *) ptr - - (unsigned char *) buffer); + (unsigned int) ((unsigned char *) ptr - (unsigned char *) buffer); if (ptr_size < 0) break; @@ -1846,16 +1816,15 @@ _verify_x509_mem (const void *cert, int cert_size) do { x509_crl_list = - (gnutls_x509_crl_t *) realloc (x509_crl_list, - i * sizeof (gnutls_x509_crl_t)); + (gnutls_x509_crl_t *) realloc (x509_crl_list, + i * sizeof (gnutls_x509_crl_t)); if (x509_crl_list == NULL) error (EXIT_FAILURE, 0, "memory error"); tmp.data = (char *) ptr; tmp.size = cert_size; tmp.size -= - (unsigned int) ((unsigned char *) ptr - - (unsigned char *) cert); + (unsigned int) ((unsigned char *) ptr - (unsigned char *) cert); ret = gnutls_x509_crl_init (&x509_crl_list[i - 1]); if (ret < 0) @@ -1890,8 +1859,8 @@ _verify_x509_mem (const void *cert, int cert_size) do { x509_cert_list = - (gnutls_x509_crt_t *) realloc (x509_cert_list, - i * sizeof (gnutls_x509_crt_t)); + (gnutls_x509_crt_t *) realloc (x509_cert_list, + i * sizeof (gnutls_x509_crt_t)); if (x509_cert_list == NULL) error (EXIT_FAILURE, 0, "memory error"); 
@@ -1899,7 +1868,7 @@ _verify_x509_mem (const void *cert, int cert_size) tmp.data = (char *) ptr; tmp.size = cert_size; tmp.size -= - (unsigned int) ((unsigned char *) ptr - (unsigned char *) cert); + (unsigned int) ((unsigned char *) ptr - (unsigned char *) cert); ret = gnutls_x509_crt_init (&x509_cert_list[i - 1]); if (ret < 0) @@ -1907,8 +1876,8 @@ _verify_x509_mem (const void *cert, int cert_size) gnutls_strerror (ret)); ret = - gnutls_x509_crt_import (x509_cert_list[i - 1], &tmp, - GNUTLS_X509_FMT_PEM); + gnutls_x509_crt_import (x509_cert_list[i - 1], &tmp, + GNUTLS_X509_FMT_PEM); if (ret < 0) error (EXIT_FAILURE, 0, "Error parsing the certificate[%d]: %s", i, gnutls_strerror (ret)); @@ -1922,8 +1891,7 @@ _verify_x509_mem (const void *cert, int cert_size) name_size = sizeof (name); ret = - gnutls_x509_crt_get_dn (x509_cert_list[i - 2], name, - &name_size); + gnutls_x509_crt_get_dn (x509_cert_list[i - 2], name, &name_size); if (ret < 0) error (EXIT_FAILURE, 0, "get_dn: %s", gnutls_strerror (ret)); @@ -1933,9 +1901,8 @@ _verify_x509_mem (const void *cert, int cert_size) */ issuer_name_size = sizeof (issuer_name); ret = - gnutls_x509_crt_get_issuer_dn (x509_cert_list[i - 2], - issuer_name, - &issuer_name_size); + gnutls_x509_crt_get_issuer_dn (x509_cert_list[i - 2], + issuer_name, &issuer_name_size); if (ret < 0) error (EXIT_FAILURE, 0, "get_issuer_dn: %s", gnutls_strerror (ret)); @@ -1946,13 +1913,11 @@ _verify_x509_mem (const void *cert, int cert_size) */ name_size = sizeof (name); ret = - gnutls_x509_crt_get_dn (x509_cert_list[i - 1], name, - &name_size); + gnutls_x509_crt_get_dn (x509_cert_list[i - 1], name, &name_size); if (ret < 0) error (EXIT_FAILURE, 0, "get_dn: %s", gnutls_strerror (ret)); - fprintf (outfile, "\tVerifying against certificate[%d].\n", - i - 1); + fprintf (outfile, "\tVerifying against certificate[%d].\n", i - 1); if (strcmp (issuer_name, name) != 0) { 
@@ -1997,8 +1962,8 @@ _verify_x509_mem (const void *cert, int cert_size) */ issuer_name_size = sizeof (issuer_name); ret = - gnutls_x509_crt_get_issuer_dn (x509_cert_list[x509_ncerts - 1], - issuer_name, &issuer_name_size); + gnutls_x509_crt_get_issuer_dn (x509_cert_list[x509_ncerts - 1], + issuer_name, &issuer_name_size); if (ret < 0) error (EXIT_FAILURE, 0, "get_issuer_dn: %s", gnutls_strerror (ret)); @@ -2162,8 +2127,7 @@ verify_crl (void) fprintf (outfile, "Verification output: "); ret = gnutls_x509_crl_verify (crl, &issuer, 1, 0, &output); if (ret < 0) - error (EXIT_FAILURE, 0, "Verification error: %s", - gnutls_strerror (ret)); + error (EXIT_FAILURE, 0, "Verification error: %s", gnutls_strerror (ret)); if (output & GNUTLS_CERT_INVALID) { @@ -2244,8 +2208,8 @@ generate_pkcs8 (void) size = sizeof (buffer); result = - gnutls_x509_privkey_export_pkcs8 (key, info.outcert_format, - password, flags, buffer, &size); + gnutls_x509_privkey_export_pkcs8 (key, info.outcert_format, + password, flags, buffer, &size); if (result < 0) error (EXIT_FAILURE, 0, "key_export: %s", gnutls_strerror (result)); @@ -2333,8 +2297,7 @@ generate_pkcs12 (void) result = gnutls_pkcs12_bag_encrypt (bag, password, flags); if (result < 0) - error (EXIT_FAILURE, 0, "bag_encrypt: %s", - gnutls_strerror (result)); + error (EXIT_FAILURE, 0, "bag_encrypt: %s", gnutls_strerror (result)); result = gnutls_pkcs12_set_bag (pkcs12, bag); if (result < 0) 
@@ -2356,22 +2319,18 @@ generate_pkcs12 (void) size = sizeof (buffer); result = - gnutls_x509_privkey_export_pkcs8 (key, GNUTLS_X509_FMT_DER, - password, flags, buffer, - &size); + gnutls_x509_privkey_export_pkcs8 (key, GNUTLS_X509_FMT_DER, + password, flags, buffer, &size); if (result < 0) - error (EXIT_FAILURE, 0, "key_export: %s", - gnutls_strerror (result)); + error (EXIT_FAILURE, 0, "key_export: %s", gnutls_strerror (result)); data.data = buffer; data.size = size; result = - gnutls_pkcs12_bag_set_data (kbag, - GNUTLS_BAG_PKCS8_ENCRYPTED_KEY, - &data); + gnutls_pkcs12_bag_set_data (kbag, + GNUTLS_BAG_PKCS8_ENCRYPTED_KEY, &data); if (result < 0) - error (EXIT_FAILURE, 0, "bag_set_data: %s", - gnutls_strerror (result)); + error (EXIT_FAILURE, 0, "bag_set_data: %s", gnutls_strerror (result)); index = result; @@ -2403,8 +2362,7 @@ generate_pkcs12 (void) error (EXIT_FAILURE, 0, "generate_mac: %s", gnutls_strerror (result)); size = sizeof (buffer); - result = - gnutls_pkcs12_export (pkcs12, info.outcert_format, buffer, &size); + result = gnutls_pkcs12_export (pkcs12, info.outcert_format, buffer, &size); if (result < 0) error (EXIT_FAILURE, 0, "pkcs12_export: %s", gnutls_strerror (result)); @@ -2458,8 +2416,7 @@ print_bag_data (gnutls_pkcs12_bag_t bag) fprintf (stderr, "\tType: %s\n", BAGTYPE (type)); name = NULL; - result = - gnutls_pkcs12_bag_get_friendly_name (bag, i, (char **) &name); + result = gnutls_pkcs12_bag_get_friendly_name (bag, i, (char **) &name); if (result < 0) error (EXIT_FAILURE, 0, "get_friendly_name: %s", gnutls_strerror (type)); @@ -2471,8 +2428,7 @@ print_bag_data (gnutls_pkcs12_bag_t bag) result = gnutls_pkcs12_bag_get_key_id (bag, i, &id); if (result < 0) error (EXIT_FAILURE, 0, "get_key_id: %s", gnutls_strerror (type)); - fprintf (outfile, "\tKey ID: %s\n", - raw_to_string (id.data, id.size)); + fprintf (outfile, "\tKey ID: %s\n", raw_to_string (id.data, id.size)); result = gnutls_pkcs12_bag_get_data (bag, i, &cdata); if (result < 0) 
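Review bot: In print_bag_data the failure branch after `gnutls_pkcs12_bag_get_friendly_name` formats `gnutls_strerror (type)` although the failing code is held in `result`, so the message printed on error describes the bag type value rather than the actual failure. The same mix-up is in the following hunk (`@@ -2471,8 +2428,7 @@`) after `gnutls_pkcs12_bag_get_key_id`. Both should pass `result`, e.g. `error (EXIT_FAILURE, 0, "get_friendly_name: %s", gnutls_strerror (result));`. print_bag_data starts and ends outside these hunks.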
@@ -2683,8 +2639,7 @@ smime_to_pkcs7 (void) { len = getline (&lineptr, &linesize, infile); if (len == -1) - error (EXIT_FAILURE, 0, - "Cannot find RFC 2822 header/body separator"); + error (EXIT_FAILURE, 0, "Cannot find RFC 2822 header/body separator"); } while (strcmp (lineptr, "\r\n") != 0 && strcmp (lineptr, "\n") != 0); @@ -45,8 +45,8 @@ #include "cli-gaa.h" #if defined _WIN32 || defined __WIN32__ -int _win_select(int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds, - const struct timeval *tv); +int _win_select (int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds, + const struct timeval *tv); #define select _win_select #endif @@ -164,23 +164,25 @@ static gnutls_x509_privkey_t x509_key = NULL; static gnutls_openpgp_crt_t pgp_crt = NULL; static gnutls_openpgp_privkey_t pgp_key = NULL; -static void get_keyid( gnutls_openpgp_keyid_t keyid, const char* str) +static void +get_keyid (gnutls_openpgp_keyid_t keyid, const char *str) { - size_t keyid_size = sizeof(keyid); + size_t keyid_size = sizeof (keyid); - if (strlen(str) != 16) - { - fprintf(stderr, "The OpenPGP subkey ID has to be 16 hexadecimal characters.\n"); - exit(1); - } + if (strlen (str) != 16) + { + fprintf (stderr, + "The OpenPGP subkey ID has to be 16 hexadecimal characters.\n"); + exit (1); + } - if (gnutls_hex2bin (str, strlen(str), keyid, &keyid_size) < 0) - { - fprintf(stderr, "Error converting hex string: %s.\n", str); - exit(1); - } - - return; + if (gnutls_hex2bin (str, strlen (str), keyid, &keyid_size) < 0) + { + fprintf (stderr, "Error converting hex string: %s.\n", str); + exit (1); + } + + return; } /* Load the certificate and the private key. 
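Review bot: In get_keyid, `size_t keyid_size = sizeof (keyid);` is taken on a function parameter. If gnutls_openpgp_keyid_t is an array typedef (its declaration is not in this diff, but passing `keyid` unadorned to gnutls_hex2bin as the output buffer suggests so), the parameter has decayed to a pointer and the expression yields the pointer size rather than the key ID length. On a platform where a pointer is smaller than the key ID, the conversion would be told the buffer is too small and a valid 16-character subkey ID would be rejected. Taking the size from the type avoids this: `size_t keyid_size = sizeof (gnutls_openpgp_keyid_t);`.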
@@ -297,34 +299,35 @@ load_keys (void) unload_file (data); if (info.pgp_subkey != NULL) - { - gnutls_openpgp_keyid_t keyid; - - if (strcasecmp(info.pgp_subkey, "auto")==0) - { - ret = gnutls_openpgp_crt_get_auth_subkey( pgp_crt, keyid, 1); - if (ret < 0) - { - fprintf (stderr, - "*** Error setting preferred sub key id (%s): %s\n", info.pgp_subkey, - gnutls_strerror (ret)); - exit (1); - } - } - else - get_keyid( keyid, info.pgp_subkey); - - ret = gnutls_openpgp_crt_set_preferred_key_id( pgp_crt, keyid); - if (ret >= 0) - ret = gnutls_openpgp_privkey_set_preferred_key_id( pgp_key, keyid); - if (ret < 0) - { - fprintf (stderr, - "*** Error setting preferred sub key id (%s): %s\n", info.pgp_subkey, - gnutls_strerror (ret)); - exit (1); - } - } + { + gnutls_openpgp_keyid_t keyid; + + if (strcasecmp (info.pgp_subkey, "auto") == 0) + { + ret = gnutls_openpgp_crt_get_auth_subkey (pgp_crt, keyid, 1); + if (ret < 0) + { + fprintf (stderr, + "*** Error setting preferred sub key id (%s): %s\n", + info.pgp_subkey, gnutls_strerror (ret)); + exit (1); + } + } + else + get_keyid (keyid, info.pgp_subkey); + + ret = gnutls_openpgp_crt_set_preferred_key_id (pgp_crt, keyid); + if (ret >= 0) + ret = + gnutls_openpgp_privkey_set_preferred_key_id (pgp_key, keyid); + if (ret < 0) + { + fprintf (stderr, + "*** Error setting preferred sub key id (%s): %s\n", + info.pgp_subkey, gnutls_strerror (ret)); + exit (1); + } + } fprintf (stderr, "Processed 1 client PGP certificate...\n"); } @@ -420,7 +423,7 @@ cert_callback (gnutls_session_t session, static gnutls_session_t init_tls_session (const char *hostname) { -const char *err; + const char *err; gnutls_session_t session; @@ -428,8 +431,8 @@ const char *err; if (gnutls_priority_set_direct (session, info.priorities, &err) < 0) { - fprintf(stderr, "Syntax error at: %s\n", err); - exit(1); + fprintf (stderr, "Syntax error at: %s\n", err); + exit (1); } /* allow the use of private ciphersuites. 
@@ -971,9 +974,8 @@ srp_username_callback (gnutls_session_t session, return 0; } -static int psk_callback (gnutls_session_t session, - char **username, - gnutls_datum_t * key) +static int +psk_callback (gnutls_session_t session, char **username, gnutls_datum_t * key) { const char *hint = gnutls_psk_client_get_hint (session); char *passwd; @@ -1022,12 +1024,11 @@ static int psk_callback (gnutls_session_t session, } ret = gnutls_psk_netconf_derive_key (passwd, - *username, - hint ? hint : "", - key); + *username, hint ? hint : "", key); if (ret < 0) { - fprintf (stderr, "Error deriving password: %s\n", gnutls_strerror (ret)); + fprintf (stderr, "Error deriving password: %s\n", + gnutls_strerror (ret)); gnutls_free (*username); return ret; } @@ -1097,7 +1098,9 @@ init_global_tls_stuff (void) #ifdef ENABLE_OPENPGP if (pgp_keyring != NULL) { - ret = gnutls_certificate_set_openpgp_keyring_file (xcred, pgp_keyring, GNUTLS_OPENPGP_FMT_BASE64); + ret = + gnutls_certificate_set_openpgp_keyring_file (xcred, pgp_keyring, + GNUTLS_OPENPGP_FMT_BASE64); if (ret < 0) { fprintf (stderr, "Error setting the OpenPGP keyring file\n"); diff --git a/src/common.c b/src/common.c index a181597598..ae7569ed61 100644 --- a/src/common.c +++ b/src/common.c @@ -153,8 +153,8 @@ print_x509_info (gnutls_session_t session, const char *hostname, int insecure) printf (" # The hostname in the certificate does NOT match '%s'.\n", hostname); - if (!insecure) - exit(1); + if (!insecure) + exit (1); } else { @@ -282,7 +282,8 @@ print_x509_info (gnutls_session_t session, const char *hostname, int insecure) #ifdef ENABLE_OPENPGP void -print_openpgp_info (gnutls_session_t session, const char *hostname, int insecure) +print_openpgp_info (gnutls_session_t session, const char *hostname, + int insecure) { char digest[20]; 
@@ -344,12 +345,13 @@ print_openpgp_info (gnutls_session_t session, const char *hostname, int insecure printf (" # The hostname in the certificate does NOT match '%s'.\n", hostname); - if (!insecure) - exit(1); + if (!insecure) + exit (1); } else { - printf (" # The hostname in the certificate matches '%s'.\n", hostname); + printf (" # The hostname in the certificate matches '%s'.\n", + hostname); } } @@ -445,10 +447,8 @@ void print_dh_info (gnutls_session_t session, const char *str) { printf ("- %sDiffie-Hellman parameters\n", str); - printf (" - Using prime: %d bits\n", - gnutls_dh_get_prime_bits (session)); - printf (" - Secret key: %d bits\n", - gnutls_dh_get_secret_bits (session)); + printf (" - Using prime: %d bits\n", gnutls_dh_get_prime_bits (session)); + printf (" - Secret key: %d bits\n", gnutls_dh_get_secret_bits (session)); printf (" - Peer's public key: %d bits\n", gnutls_dh_get_peers_public_bits (session)); @@ -475,8 +475,7 @@ print_dh_info (gnutls_session_t session, const char *str) goto out; } - ret = gnutls_dh_params_import_raw (dh_params, &raw_prime, - &raw_gen); + ret = gnutls_dh_params_import_raw (dh_params, &raw_prime, &raw_gen); if (ret) { fprintf (stderr, "gnutls_dh_params_import_raw %d\n", ret); @@ -485,8 +484,7 @@ print_dh_info (gnutls_session_t session, const char *str) ret = gnutls_dh_params_export_pkcs3 (dh_params, GNUTLS_X509_FMT_PEM, - params_data, - ¶ms_data_size); + params_data, ¶ms_data_size); if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) { fprintf (stderr, "gnutls_dh_params_export_pkcs3 %d\n", ret); @@ -502,8 +500,7 @@ print_dh_info (gnutls_session_t session, const char *str) ret = gnutls_dh_params_export_pkcs3 (dh_params, GNUTLS_X509_FMT_PEM, - params_data, - ¶ms_data_size); + params_data, ¶ms_data_size); if (ret) { fprintf (stderr, "gnutls_dh_params_export_pkcs3-2 %d\n", ret); 
@@ -606,12 +603,13 @@ print_info (gnutls_session_t session, const char *hostname, int insecure) tmp = SU (gnutls_compression_get_name (gnutls_compression_get (session))); printf ("- Compression: %s\n", tmp); - if (verbose) { - char id[32]; - size_t id_size = sizeof(id); - gnutls_session_get_id (session, id, &id_size); - printf("- Session ID: %s\n", raw_to_string(id, id_size) ); - } + if (verbose) + { + char id[32]; + size_t id_size = sizeof (id); + gnutls_session_get_id (session, id, &id_size); + printf ("- Session ID: %s\n", raw_to_string (id, id_size)); + } fflush (stdout); @@ -631,9 +629,9 @@ print_cert_info (gnutls_session_t session, const char *hostname, int insecure) { case GNUTLS_CRT_UNKNOWN: printf ("Unknown\n"); - + if (!insecure) - exit(1); + exit (1); break; case GNUTLS_CRT_X509: printf ("X.509\n"); @@ -788,7 +786,7 @@ void parse_protocols (char **protocols, int protocols_size, int *protocol_priority) { int i, j; - + if (protocols != NULL && protocols_size > 0) { DEPRECATED; diff --git a/src/crypt.c b/src/crypt.c index f6a49a701e..5558a98f34 100644 --- a/src/crypt.c +++ b/src/crypt.c @@ -48,7 +48,7 @@ srptool_version (void) #include <gnutls/gnutls.h> #include <gnutls/extra.h> #include <crypt-gaa.h> -#include "../lib/random.h" /* for random */ +#include "../lib/random.h" /* for random */ #include <sys/types.h> #include <sys/stat.h> @@ -71,7 +71,8 @@ srptool_version (void) int crypt_int (const char *username, const char *passwd, int salt, char *tpasswd_conf, char *tpasswd, int uindex); -static int read_conf_values (gnutls_datum_t * g, gnutls_datum_t * n, char *str); +static int read_conf_values (gnutls_datum_t * g, gnutls_datum_t * n, + char *str); static int _verify_passwd_int (const char *username, const char *passwd, char *verifier, char *salt, const gnutls_datum_t * g, 
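Review bot: In the verbose branch of print_info the return value of `gnutls_session_get_id (session, id, &id_size)` is ignored, so if the call fails `raw_to_string (id, id_size)` formats whatever the uninitialised stack buffer `id` happens to hold. The result should be checked before printing, e.g. `if (gnutls_session_get_id (session, id, &id_size) >= 0) printf ("- Session ID: %s\n", raw_to_string (id, id_size));`. print_info begins and ends outside this hunk.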
@@ -218,7 +219,7 @@ _verify_passwd_int (const char *username, const char *passwd, /* encode the verifier into _salt */ salt_size = sizeof (_salt); - memset(_salt, 0, salt_size); + memset (_salt, 0, salt_size); if (gnutls_srp_base64_encode (&new_verifier, _salt, &salt_size) < 0) { fprintf (stderr, "Encoding error\n"); @@ -48,7 +48,7 @@ psktool_version (void) #include <gnutls/extra.h> #include <psk-gaa.h> -#include "../lib/random.h" /* for random */ +#include "../lib/random.h" /* for random */ #include "getpass.h" #include <sys/types.h> @@ -148,8 +148,7 @@ main (int argc, char **argv) ret = gnutls_psk_netconf_derive_key (passwd, info.username, - info.netconf_hint, - &dkey); + info.netconf_hint, &dkey); } else { @@ -158,7 +157,7 @@ main (int argc, char **argv) printf ("Generating a random key for user '%s'\n", info.username); - ret = _gnutls_rnd (RND_RANDOM, (char*)key, info.key_size); + ret = _gnutls_rnd (RND_RANDOM, (char *) key, info.key_size); if (ret < 0) { fprintf (stderr, "Not enough randomness\n"); diff --git a/src/select.c b/src/select.c index d310409cb6..dffc553a24 100644 --- a/src/select.c +++ b/src/select.c @@ -59,8 +59,9 @@ * cause this function call to take up to 100 ms longer than you specified. * - Pipes are not checked for writability or errors (errno = ENOSYS) */ -int _win_select(int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds, - const struct timeval *tv) +int +_win_select (int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds, + const struct timeval *tv) { DWORD ms_total, limit; HANDLE handles[MAXIMUM_WAIT_OBJECTS], hPipes[MAXIMUM_WAIT_OBJECTS]; 
@@ -79,184 +80,186 @@ int _win_select(int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds, iPipes = 0; /* calculate how long we need to wait in milliseconds */ - if(tv == NULL) + if (tv == NULL) ms_total = INFINITE; else - { - ms_total = tv->tv_sec * 1000; - ms_total += tv->tv_usec / 1000; - } + { + ms_total = tv->tv_sec * 1000; + ms_total += tv->tv_usec / 1000; + } /* select() may be used as a portable way to sleep */ if (!(rfds || wfds || efds)) - { - Sleep(ms_total); + { + Sleep (ms_total); - return 0; - } + return 0; + } - FD_ZERO(&sock_read); - FD_ZERO(&sock_write); - FD_ZERO(&sock_except); + FD_ZERO (&sock_read); + FD_ZERO (&sock_write); + FD_ZERO (&sock_except); /* build an array of handles for non-sockets */ - for(i = 0; i < max_fd; i++) - { - if(SAFE_FD_ISSET(i, rfds) || SAFE_FD_ISSET(i, wfds) || - SAFE_FD_ISSET(i, efds)) + for (i = 0; i < max_fd; i++) { - unsigned long ulVal; - - if (ioctlsocket(i, FIONREAD, &ulVal) != SOCKET_ERROR && _get_osfhandle(i) == -1) - { - /* socket */ - if(SAFE_FD_ISSET(i, rfds)) - FD_SET(i, &sock_read); - - if(SAFE_FD_ISSET(i, wfds)) - FD_SET(i, &sock_write); - - if(SAFE_FD_ISSET(i, efds)) - FD_SET(i, &sock_except); - - if(i > sock_max_fd) - sock_max_fd = i; - } - else - { - if (GetFileType((HANDLE) i) == FILE_TYPE_PIPE) - hPipes[iPipes++] = (HANDLE) i; /* Pipe */ - else - { - handles[n_handles] = (HANDLE) _get_osfhandle(i); - if ((DWORD) handles[n_handles] == 0xffffffff) - handles[n_handles] = (HANDLE) i; - handle_slot_to_fd[n_handles] = i; - n_handles++; - } - } + if (SAFE_FD_ISSET (i, rfds) || SAFE_FD_ISSET (i, wfds) || + SAFE_FD_ISSET (i, efds)) + { + unsigned long ulVal; + + if (ioctlsocket (i, FIONREAD, &ulVal) != SOCKET_ERROR + && _get_osfhandle (i) == -1) + { + /* socket */ + if (SAFE_FD_ISSET (i, rfds)) + FD_SET (i, &sock_read); + + if (SAFE_FD_ISSET (i, wfds)) + FD_SET (i, &sock_write); + + if (SAFE_FD_ISSET (i, efds)) + FD_SET (i, &sock_except); + + if (i > sock_max_fd) + sock_max_fd = i; + } + else + { + if 
(GetFileType ((HANDLE) i) == FILE_TYPE_PIPE) + hPipes[iPipes++] = (HANDLE) i; /* Pipe */ + else + { + handles[n_handles] = (HANDLE) _get_osfhandle (i); + if ((DWORD) handles[n_handles] == 0xffffffff) + handles[n_handles] = (HANDLE) i; + handle_slot_to_fd[n_handles] = i; + n_handles++; + } + } + } } - } - if((n_handles == 0) && (iPipes == 0)) - { - /* plain sockets only - let winsock handle the whole thing */ - if ((retcode = select(max_fd, rfds, wfds, efds, tv)) == SOCKET_ERROR) - SetErrnoFromWinsockError(WSAGetLastError()); - return retcode; - } + if ((n_handles == 0) && (iPipes == 0)) + { + /* plain sockets only - let winsock handle the whole thing */ + if ((retcode = select (max_fd, rfds, wfds, efds, tv)) == SOCKET_ERROR) + SetErrnoFromWinsockError (WSAGetLastError ()); + return retcode; + } /* mixture of handles and sockets; lets multiplex between * winsock and waiting on the handles */ - FD_ZERO(&aread); - FD_ZERO(&awrite); - FD_ZERO(&aexcept); + FD_ZERO (&aread); + FD_ZERO (&awrite); + FD_ZERO (&aexcept); - limit = GetTickCount() + ms_total; + limit = GetTickCount () + ms_total; do - { - retcode = 0; - - if(sock_max_fd >= 0) { - /* overwrite the zero'd sets here; the select call - * will clear those that are not active */ - aread = sock_read; - awrite = sock_write; - aexcept = sock_except; - - tvslice.tv_sec = 0; - tvslice.tv_usec = 100000; - - if ((retcode = select(sock_max_fd + 1, &aread, &awrite, &aexcept, - &tvslice)) == SOCKET_ERROR) - { - SetErrnoFromWinsockError(WSAGetLastError()); - - return -1; - } - } + retcode = 0; - if(n_handles > 0) - { - /* check handles */ - DWORD wret; - - wret = - MsgWaitForMultipleObjects(n_handles, handles, FALSE, - retcode > 0 ? 0 : 100, QS_ALLEVENTS); - - if(wret == WAIT_TIMEOUT) - { - /* set retcode to 0; this is the default. 
- * select() may have set it to something else, - * in which case we leave it alone, so this branch - * does nothing */ - ; - } - else if(wret == WAIT_FAILED) - { - SetErrnoFromWinError(GetLastError()); - - return -1; - } - else - { - for(i = 0; i < n_handles; i++) - { - if(WAIT_OBJECT_0 == WaitForSingleObject(handles[i], 0)) - { - if(SAFE_FD_ISSET(handle_slot_to_fd[i], rfds)) - { - FD_SET(handle_slot_to_fd[i], &aread); - } - - if(SAFE_FD_ISSET(handle_slot_to_fd[i], wfds)) - FD_SET(handle_slot_to_fd[i], &awrite); - - if(SAFE_FD_ISSET(handle_slot_to_fd[i], efds)) - FD_SET(handle_slot_to_fd[i], &aexcept); - - retcode++; - } - } - } - } + if (sock_max_fd >= 0) + { + /* overwrite the zero'd sets here; the select call + * will clear those that are not active */ + aread = sock_read; + awrite = sock_write; + aexcept = sock_except; - /* Poll Pipes */ - for(i = 0; i < iPipes; i++) - { - DWORD dwBytes; - if(SAFE_FD_ISSET(hPipes[i], rfds)) - { - if (! PeekNamedPipe(hPipes[i], NULL, 0, NULL, &dwBytes, NULL)) + tvslice.tv_sec = 0; + tvslice.tv_usec = 100000; + + if ((retcode = select (sock_max_fd + 1, &aread, &awrite, &aexcept, + &tvslice)) == SOCKET_ERROR) + { + SetErrnoFromWinsockError (WSAGetLastError ()); + + return -1; + } + } + + if (n_handles > 0) + { + /* check handles */ + DWORD wret; + + wret = + MsgWaitForMultipleObjects (n_handles, handles, FALSE, + retcode > 0 ? 0 : 100, QS_ALLEVENTS); + + if (wret == WAIT_TIMEOUT) + { + /* set retcode to 0; this is the default. 
+ * select() may have set it to something else, + * in which case we leave it alone, so this branch + * does nothing */ + ; + } + else if (wret == WAIT_FAILED) + { + SetErrnoFromWinError (GetLastError ()); + + return -1; + } + else + { + for (i = 0; i < n_handles; i++) + { + if (WAIT_OBJECT_0 == WaitForSingleObject (handles[i], 0)) + { + if (SAFE_FD_ISSET (handle_slot_to_fd[i], rfds)) + { + FD_SET (handle_slot_to_fd[i], &aread); + } + + if (SAFE_FD_ISSET (handle_slot_to_fd[i], wfds)) + FD_SET (handle_slot_to_fd[i], &awrite); + + if (SAFE_FD_ISSET (handle_slot_to_fd[i], efds)) + FD_SET (handle_slot_to_fd[i], &aexcept); + + retcode++; + } + } + } + } + + /* Poll Pipes */ + for (i = 0; i < iPipes; i++) + { + DWORD dwBytes; + if (SAFE_FD_ISSET (hPipes[i], rfds)) { - retcode = -1; - SetErrnoFromWinError(GetLastError()); + if (!PeekNamedPipe (hPipes[i], NULL, 0, NULL, &dwBytes, NULL)) + { + retcode = -1; + SetErrnoFromWinError (GetLastError ()); + } + else if (dwBytes) + { + FD_SET ((int) hPipes[i], &aread); + retcode++; + } } - else if (dwBytes) + else if (SAFE_FD_ISSET (hPipes[i], wfds) + || SAFE_FD_ISSET (hPipes[i], efds)) { - FD_SET((int) hPipes[i], &aread); - retcode++; + errno = ENOSYS; + return -1; /* Not implemented */ } - } - else if (SAFE_FD_ISSET(hPipes[i], wfds) || SAFE_FD_ISSET(hPipes[i], efds)) - { - errno = ENOSYS; - return -1; /* Not implemented */ - } + } } - } - while(retcode == 0 && (ms_total == INFINITE || GetTickCount() < limit)); + while (retcode == 0 && (ms_total == INFINITE || GetTickCount () < limit)); - if(rfds) + if (rfds) *rfds = aread; - if(wfds) + if (wfds) *wfds = awrite; - if(efds) + if (efds) *efds = aexcept; return retcode; diff --git a/src/serv.c b/src/serv.c index c03c191fc5..e765a07a05 100644 --- a/src/serv.c +++ b/src/serv.c 
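Review bot: The loop that sorts descriptors into `hPipes[iPipes++]` and `handles[n_handles]` never checks the counters against the array size; both arrays are declared with MAXIMUM_WAIT_OBJECTS elements just above this hunk, while the loop runs up to the caller-supplied `max_fd`. If more non-socket descriptors than that are set in the input sets, the stores run past the end of the stack arrays (the size of `handle_slot_to_fd` is not visible here and needs the same check). A guard at the top of the non-socket branch would bound it, e.g. `if (iPipes >= MAXIMUM_WAIT_OBJECTS || n_handles >= MAXIMUM_WAIT_OBJECTS) { errno = EINVAL; return -1; }`. _win_select starts before this hunk and its closing brace is after it.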
@@ -39,8 +39,8 @@ #include <list.h> #if defined _WIN32 || defined __WIN32__ -int _win_select(int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds, - const struct timeval *tv); +int _win_select (int max_fd, fd_set * rfds, fd_set * wfds, fd_set * efds, + const struct timeval *tv); #define select _win_select #endif @@ -132,11 +132,12 @@ static int wrap_db_delete (void *dbf, gnutls_datum_t key); #define HTTP_STATE_RESPONSE 2 #define HTTP_STATE_CLOSING 3 -LIST_TYPE_DECLARE (listener_item, char *http_request; - char *http_response; int request_length; - int response_length; int response_written; - int http_state; - int fd; gnutls_session_t tls_session; int handshake_ok;); +LIST_TYPE_DECLARE (listener_item, char *http_request; char *http_response; + int request_length; int response_length; + int response_written; int http_state; int fd; + gnutls_session_t tls_session; + int handshake_ok; + ); static const char * safe_strerror (int value) @@ -265,7 +266,8 @@ static_dh_params (void) exit (1); } - ret = gnutls_dh_params_import_pkcs3 (dh_params, ¶ms, GNUTLS_X509_FMT_PEM); + ret = + gnutls_dh_params_import_pkcs3 (dh_params, ¶ms, GNUTLS_X509_FMT_PEM); if (ret < 0) { @@ -344,8 +346,7 @@ int oprfi_callback (gnutls_session_t session, void *userdata, size_t oprfi_len, - const unsigned char *in_oprfi, - unsigned char *out_oprfi) + const unsigned char *in_oprfi, unsigned char *out_oprfi) { size_t ourlen = strlen (info.opaque_prf_input); size_t i; @@ -356,7 +357,7 @@ oprfi_callback (gnutls_session_t session, printf ("%02x", in_oprfi[i]); printf ("\n"); - memset(out_oprfi, 0, oprfi_len); + memset (out_oprfi, 0, oprfi_len); strncpy (out_oprfi, info.opaque_prf_input, oprfi_len); return 0; @@ -385,8 +386,8 @@ initialize_session (void) if (gnutls_priority_set_direct (session, info.priorities, &err) < 0) { - fprintf(stderr, "Syntax error at: %s\n", err); - exit(1); + fprintf (stderr, "Syntax error at: %s\n", err); + exit (1); } if (cipher_priority[0]) 
@@ -415,17 +416,18 @@ initialize_session (void) if (disable_client_cert) gnutls_certificate_server_set_request (session, GNUTLS_CERT_IGNORE); - else { - if (require_cert) - gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUIRE); - else - gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST); - } + else + { + if (require_cert) + gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUIRE); + else + gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST); + } /* Set maximum compatibility mode. This is only suggested on public webservers * that need to trade security for compatibility */ - gnutls_session_enable_compatibility_mode( session); + gnutls_session_enable_compatibility_mode (session); #ifdef ENABLE_OPRFI if (info.opaque_prf_input) @@ -446,7 +448,8 @@ static const char DEFAULT_DATA[] = */ #define tmp2 &http_buffer[strlen(http_buffer)] char * -peer_print_info (gnutls_session_t session, int *ret_length, const char *header) +peer_print_info (gnutls_session_t session, int *ret_length, + const char *header) { const char *tmp; unsigned char sesid[32]; 
@@ -661,34 +664,36 @@ listen_socket (const char *name, int listen_port) for (ptr = res; (ptr != NULL) && (s == -1); ptr = ptr->ai_next) { - if ((s = socket (ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol)) < 0) - { - perror ("socket() failed"); - continue; - } + if ((s = + socket (ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol)) < 0) + { + perror ("socket() failed"); + continue; + } yes = 1; if (setsockopt - (s, SOL_SOCKET, SO_REUSEADDR, (const void *) &yes, sizeof (yes)) < 0) - { - perror ("setsockopt() failed"); - failed: - close (s); - s = -1; - continue; - } + (s, SOL_SOCKET, SO_REUSEADDR, (const void *) &yes, + sizeof (yes)) < 0) + { + perror ("setsockopt() failed"); + failed: + close (s); + s = -1; + continue; + } if (bind (s, res->ai_addr, res->ai_addrlen) < 0) - { - perror ("bind() failed"); - goto failed; - } + { + perror ("bind() failed"); + goto failed; + } if (listen (s, 10) < 0) - { - perror ("listen() failed"); - goto failed; - } + { + perror ("listen() failed"); + goto failed; + } } freeaddrinfo (res); @@ -774,20 +779,22 @@ tls_log_func (int level, const char *str) static void gaa_parser (int argc, char **argv); -static int get_port (const struct sockaddr_storage *addr) +static int +get_port (const struct sockaddr_storage *addr) { switch (addr->ss_family) { - case AF_INET6: - return ntohs (((const struct sockaddr_in6 *)addr)->sin6_port); - case AF_INET: - return ntohs (((const struct sockaddr_in *)addr)->sin_port); + case AF_INET6: + return ntohs (((const struct sockaddr_in6 *) addr)->sin6_port); + case AF_INET: + return ntohs (((const struct sockaddr_in *) addr)->sin_port); } return -1; } -static const char *addr_ntop (const struct sockaddr *sa, socklen_t salen, - char *buf, size_t buflen) +static const char * +addr_ntop (const struct sockaddr *sa, socklen_t salen, + char *buf, size_t buflen) { if (getnameinfo (sa, salen, buf, buflen, NULL, 0, NI_NUMERICHOST) == 0) { 
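Review bot: Inside the `for (ptr = res; ...)` loop of listen_socket the socket is created from `ptr->ai_family`, but it is bound with `bind (s, res->ai_addr, res->ai_addrlen)`, i.e. always with the first getaddrinfo result. Once the first entry fails and the loop advances, the socket's address family and the sockaddr passed to bind can differ, so the later entries are never really tried. The call should use the entry being iterated: `if (bind (s, ptr->ai_addr, ptr->ai_addrlen) < 0)`. listen_socket starts and ends outside the hunk.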
@@ -899,7 +906,8 @@ main (int argc, char **argv) if (pgp_keyring != NULL) { ret = - gnutls_certificate_set_openpgp_keyring_file (cert_cred, pgp_keyring, GNUTLS_OPENPGP_FMT_BASE64); + gnutls_certificate_set_openpgp_keyring_file (cert_cred, pgp_keyring, + GNUTLS_OPENPGP_FMT_BASE64); if (ret < 0) { fprintf (stderr, "Error setting the OpenPGP keyring file\n"); @@ -911,7 +919,8 @@ main (int argc, char **argv) { if (info.pgp_subkey != NULL) ret = gnutls_certificate_set_openpgp_key_file2 - (cert_cred, pgp_certfile, pgp_keyfile, info.pgp_subkey, GNUTLS_OPENPGP_FMT_BASE64); + (cert_cred, pgp_certfile, pgp_keyfile, info.pgp_subkey, + GNUTLS_OPENPGP_FMT_BASE64); else ret = gnutls_certificate_set_openpgp_key_file (cert_cred, pgp_certfile, pgp_keyfile, GNUTLS_OPENPGP_FMT_BASE64); @@ -1151,8 +1160,9 @@ main (int argc, char **argv) if (verbose == 0) { printf ("\n* connection from %s, port %d\n", - addr_ntop ((struct sockaddr *)&client_address, calen, - topbuf, sizeof (topbuf)), + addr_ntop ((struct sockaddr *) + &client_address, calen, topbuf, + sizeof (topbuf)), get_port (&client_address)); print_info (j->tls_session, NULL, 1); } @@ -1247,8 +1257,9 @@ main (int argc, char **argv) if (verbose == 0) { printf ("- connection from %s, port %d\n", - addr_ntop ((struct sockaddr*) &client_address, calen, - topbuf, sizeof (topbuf)), + addr_ntop ((struct sockaddr *) + &client_address, calen, topbuf, + sizeof (topbuf)), get_port (&client_address)); print_info (j->tls_session, NULL, 1); diff --git a/src/tests.c b/src/tests.c index 844013f26a..0c56328d40 100644 --- a/src/tests.c +++ b/src/tests.c @@ -104,11 +104,13 @@ do_handshake (gnutls_session_t session) } static int protocol_priority[16] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; + static const int kx_priority[16] = { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, GNUTLS_KX_ANON_DH, GNUTLS_KX_RSA_EXPORT, 0 }; + static const int cipher_priority[16] = { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128, GNUTLS_CIPHER_ARCFOUR_40, 0 
@@ -154,7 +156,7 @@ ADD_CIPHER (gnutls_session_t session, int cipher) static void ADD_CIPHER4 (gnutls_session_t session, int cipher1, int cipher2, int cipher3, - int cipher4) + int cipher4) { static int _cipher_priority[] = { 0, 0, 0, 0, 0 }; _cipher_priority[0] = cipher1; @@ -216,8 +218,8 @@ ADD_PROTOCOL3 (gnutls_session_t session, int p1, int p2, int p3) static int srp_detected; int -_test_srp_username_callback (gnutls_session_t session, - char **username, char **password) +_test_srp_username_callback (gnutls_session_t session, + char **username, char **password) { srp_detected = 1; @@ -514,8 +516,8 @@ test_bye (gnutls_session_t session) old = siginterrupt (SIGALRM, 1); alarm (secs); #else - setsockopt ((int)gnutls_transport_get_ptr (session), SOL_SOCKET, SO_RCVTIMEO, - (char *) &secs, sizeof (int)); + setsockopt ((int) gnutls_transport_get_ptr (session), SOL_SOCKET, + SO_RCVTIMEO, (char *) &secs, sizeof (int)); #endif do @@ -604,10 +606,10 @@ test_unknown_ciphersuites (gnutls_session_t session) int ret; #ifdef ENABLE_CAMELLIA ADD_CIPHER4 (session, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, - GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_CIPHER_ARCFOUR_128); + GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_CIPHER_ARCFOUR_128); #else ADD_CIPHER4 (session, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, - GNUTLS_CIPHER_ARCFOUR_128, 0); + GNUTLS_CIPHER_ARCFOUR_128, 0); #endif ADD_ALL_COMP (session); ADD_ALL_CERTTYPES (session); diff --git a/src/tls_test.c b/src/tls_test.c index fc2efcca08..7354d19b8d 100644 --- a/src/tls_test.c +++ b/src/tls_test.c 
@@ -237,26 +237,25 @@ main (int argc, char **argv) sd = -1; for (ptr = res; ptr != NULL; ptr = ptr->ai_next) - { - sd = socket(ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol); - if (sd == -1) - { - continue; - } - - getnameinfo (ptr->ai_addr, ptr->ai_addrlen, buffer, MAX_BUF, - NULL, 0, NI_NUMERICHOST); - if (tt++ == 0) printf("Connecting to '%s:%d'...\n", buffer, port); - if ((err = connect(sd, ptr->ai_addr, ptr->ai_addrlen)) != 0) - { - close (sd); - sd = -1; - continue; - } - } - ERR(err, "connect") - - gnutls_init (&state, GNUTLS_CLIENT); + { + sd = socket (ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol); + if (sd == -1) + { + continue; + } + + getnameinfo (ptr->ai_addr, ptr->ai_addrlen, buffer, MAX_BUF, + NULL, 0, NI_NUMERICHOST); + if (tt++ == 0) + printf ("Connecting to '%s:%d'...\n", buffer, port); + if ((err = connect (sd, ptr->ai_addr, ptr->ai_addrlen)) != 0) + { + close (sd); + sd = -1; + continue; + } + } + ERR (err, "connect") gnutls_init (&state, GNUTLS_CLIENT); gnutls_transport_set_ptr (state, (gnutls_transport_ptr_t) sd); do diff --git a/tests/certificate_set_x509_crl.c b/tests/certificate_set_x509_crl.c index 99bdfde796..fe94e54008 100644 --- a/tests/certificate_set_x509_crl.c +++ b/tests/certificate_set_x509_crl.c @@ -42,8 +42,7 @@ static char crl[] = "elUNpllhhTgXDTA2MTIyNzA4MDIzNFowCwYJKoZIhvcNAQEFA4GBAD0zX+J2hkcc\n" "Nbrq1Dn5IKL8nXLgPGcHv1I/le1MNo9t1ohGQxB5HnFUkRPAY82fR6Epor4aHgVy\n" "b+5y+neKN9Kn2mPF4iiun+a4o26CjJ0pArojCL1p8T0yyi9Xxvyc/ezaZ98HiIyP\n" - "c3DGMNR+oUmSjKZ0jIhAYmeLxaPHfQwR\n" - "-----END X509 CRL-----\n"; + "c3DGMNR+oUmSjKZ0jIhAYmeLxaPHfQwR\n" "-----END X509 CRL-----\n"; /* Test regression of bug reported by Max Kellermann <max@duempel.org> in Message-ID: <20061211075202.GA1517@roonstrasse.net> to the diff --git a/tests/crypto_rng.c b/tests/crypto_rng.c index 663bf9813c..44b79216ce 100644 --- a/tests/crypto_rng.c +++ b/tests/crypto_rng.c 
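Review bot: In the src/tls_test.c hunk, the address loop in main has no `break;` after a successful `connect`, so it moves on to the next `ai_next` entry, overwrites `sd` without closing the connected socket, and leaves `err` and `sd` describing only the last address tried. Adding `break;` after the `if ((err = connect (...)) != 0) { ... }` block keeps the first working socket. `err` is not assigned inside the loop when `socket` fails for every address, so the check after the loop should also test `sd == -1`. The re-indent also left `ERR (err, "connect") gnutls_init (&state, GNUTLS_CLIENT);` on one line, presumably because the macro use has no trailing semicolon; moving `gnutls_init` back to its own line keeps the error check visible. main's body starts and ends outside the hunk.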
@@ -11,54 +11,61 @@ #include <gnutls/crypto.h> #include "../lib/random.h" -void mylogfn( int level, const char*ptr) +void +mylogfn (int level, const char *ptr) { - printf ("Got Logs: "); - if (ptr) - printf ("%s", ptr); + printf ("Got Logs: "); + if (ptr) + printf ("%s", ptr); } -int rng_init( void** ctx) +int +rng_init (void **ctx) { - return 0; + return 0; } -int rng_rnd ( void* ctx, int level, void* data, int datasize) +int +rng_rnd (void *ctx, int level, void *data, int datasize) { - memset(data, 1,datasize); - return 0; + memset (data, 1, datasize); + return 0; } -void rng_deinit( void* ctx) +void +rng_deinit (void *ctx) { } void doit (void) { - int rc; - char buf1[32]; - char buf2[32]; - int failed = 0; - gnutls_crypto_rnd_st rng = { rng_init, rng_rnd, rng_deinit }; + int rc; + char buf1[32]; + char buf2[32]; + int failed = 0; + gnutls_crypto_rnd_st rng = { rng_init, rng_rnd, rng_deinit }; + + rc = gnutls_crypto_rnd_register (0, &rng); - rc = gnutls_crypto_rnd_register (0, &rng); + gnutls_global_init (); - gnutls_global_init (); + memset (buf2, 1, sizeof (buf2)); - memset(buf2, 1, sizeof(buf2)); - - _gnutls_rnd(GNUTLS_RND_RANDOM, buf1, sizeof(buf1)); + _gnutls_rnd (GNUTLS_RND_RANDOM, buf1, sizeof (buf1)); - if (memcmp( buf1, buf2, sizeof(buf1))!=0) + if (memcmp (buf1, buf2, sizeof (buf1)) != 0) failed = 1; - - gnutls_global_deinit (); - - if (failed == 0) { - success("rng registered ok\n"); - } else { - fail ("rng register test failed: %d\n", rc); - } + + gnutls_global_deinit (); + + if (failed == 0) + { + success ("rng registered ok\n"); + } + else + { + fail ("rng register test failed: %d\n", rc); + } } diff --git a/tests/dhepskself.c b/tests/dhepskself.c index dd0998849f..60abc220fc 100644 --- a/tests/dhepskself.c +++ b/tests/dhepskself.c 
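Review bot: In tests/crypto_rng.c, doit() stores the result of `gnutls_crypto_rnd_register (0, &rng)` in `rc` but only prints it in the final failure message, and the results of `gnutls_global_init ()` and `_gnutls_rnd (...)` are discarded. If registration or the random call fails, `buf1` reaches `memcmp` without having been written, so the verdict depends on stack contents. I would check right after registration, `if (rc < 0) fail ("rng register failed: %d\n", rc);`, and zero-initialise the buffer with `char buf1[32] = { 0 };`. A one-line comment on `rng_rnd` saying it deliberately fills the output with the constant byte 1 so the test can detect that the override is in use would make the intent clear to readers.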
@@ -156,7 +156,7 @@ client (void) printf ("- Received %d bytes: ", ret); for (ii = 0; ii < ret; ii++) - fputc (buffer[ii], stdout); + fputc (buffer[ii], stdout); fputs ("\n", stdout); gnutls_bye (session, GNUTLS_SHUT_RDWR); diff --git a/tests/dn.c b/tests/dn.c index 47a8d136cf..5528312b98 100644 --- a/tests/dn.c +++ b/tests/dn.c @@ -57,10 +57,10 @@ static char pem[] = "jxL92AgHPzSFy/nyqmZ1ADcnB5fC5WsEYyr9tPM1gpjJEsi95YIBrO7Uyt4tj5U3\n" "dYDvbU+Mg1r0gJi61wciuyAllwKfu9aqkCjJKQGHrTimWzRa6RPygaojWIEmap89\n" "bHarWgDg9CKVP1DggVkcD838s//kE1Vl2DReyfAtEQ1agSXLFncgxL+yOi1o3lcq\n" - "+dmDgpDn168TY1Iug80uVKg7AfkLrA==\n" - "-----END CERTIFICATE-----\n"; + "+dmDgpDn168TY1Iug80uVKg7AfkLrA==\n" "-----END CERTIFICATE-----\n"; -void print_dn (gnutls_x509_dn_t dn) +void +print_dn (gnutls_x509_dn_t dn) { int i, j, ret = 0; gnutls_x509_ava_st ava; @@ -68,7 +68,7 @@ void print_dn (gnutls_x509_dn_t dn) for (i = 0; ret == 0; i++) for (j = 0; ret == 0; j++) { - ret = gnutls_x509_dn_get_rdn_ava(dn, i, j, &ava); + ret = gnutls_x509_dn_get_rdn_ava (dn, i, j, &ava); if (ret == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) { if (j > 0) @@ -80,9 +80,8 @@ void print_dn (gnutls_x509_dn_t dn) } if (ret < 0) fail ("get_rdn_ava %d\n", ret); - printf("dn[%d][%d] OID=%.*s\n\tDATA=%.*s\n", i, j, - ava.oid.size, ava.oid.data, - ava.value.size, ava.value.data); + printf ("dn[%d][%d] OID=%.*s\n\tDATA=%.*s\n", i, j, + ava.oid.size, ava.oid.data, ava.value.size, ava.value.data); } } @@ -90,7 +89,7 @@ void doit (void) { int ret; - gnutls_datum_t derCert = { pem, sizeof(pem) }; + gnutls_datum_t derCert = { pem, sizeof (pem) }; gnutls_x509_crt_t cert; gnutls_x509_dn_t xdn; 
@@ -106,14 +105,14 @@ doit (void) if (ret < 0) fail ("crt_import %d\n", ret); - ret = gnutls_x509_crt_get_issuer(cert, &xdn); + ret = gnutls_x509_crt_get_issuer (cert, &xdn); if (ret < 0) fail ("get_subject %d\n", ret); printf ("Issuer:\n"); print_dn (xdn); - ret = gnutls_x509_crt_get_subject(cert, &xdn); + ret = gnutls_x509_crt_get_subject (cert, &xdn); if (ret < 0) fail ("get_subject %d\n", ret); diff --git a/tests/gc.c b/tests/gc.c index c9839fadec..777a4a8992 100644 --- a/tests/gc.c +++ b/tests/gc.c @@ -45,9 +45,10 @@ doit (void) int err; /* XXX: We need this to fix secure memory. */ - gnutls_global_init(); + gnutls_global_init (); - err = _gnutls_hmac_fast (GNUTLS_MAC_MD5, "keykeykey", 9, "abcdefgh", 8, digest); + err = + _gnutls_hmac_fast (GNUTLS_MAC_MD5, "keykeykey", 9, "abcdefgh", 8, digest); if (err < 0) fail ("_gnutls_hmac_fast(MD5) failed: %d\n", err); else @@ -62,7 +63,9 @@ doit (void) } } - err = _gnutls_hmac_fast (GNUTLS_MAC_SHA1, "keykeykey", 9, "abcdefgh", 8, digest); + err = + _gnutls_hmac_fast (GNUTLS_MAC_SHA1, "keykeykey", 9, "abcdefgh", 8, + digest); if (err < 0) fail ("_gnutls_hmac_fast(SHA1) failed: %d\n", err); else @@ -93,5 +96,5 @@ doit (void) } } - gnutls_global_deinit(); + gnutls_global_deinit (); } diff --git a/tests/hostname-check/hostname-check.c b/tests/hostname-check/hostname-check.c index 33ccd41c50..22c7987cdf 100644 --- a/tests/hostname-check/hostname-check.c +++ b/tests/hostname-check/hostname-check.c @@ -86,8 +86,7 @@ char pem1[] = "6Twc+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBAHvoEWwVP/kBoPEo\n" "DGJQWPiSRPu/qyCKO4HK5Whgcd8r6FBYgjLv+25KcizJN0+IHdcbaFvbgxsa87SO\n" "4IgD4kORvtixyvJi7KH9GshBjP5TG74DyaE99K5X/ESmNLssLqdWFB+J6TrsH6Pa\n" - "16GUO3IdEnG5ZaGFokw60Szp6eoc\n" - "-----END CERTIFICATE-----\n"; + "16GUO3IdEnG5ZaGFokw60Szp6eoc\n" "-----END CERTIFICATE-----\n"; /* Certificate with CN but no SAN. */ char pem2[] = 
@@ -208,8 +207,7 @@ char pem3[] = "FOk8HPutkm7mBqRWLKLhwFMnyPKVMAsGCSqGSIb3DQEBBQOBgQChMLwBsw+Yf452\n" "fSOHNBV/pq6h+4d14+ga5V4DXb9EdUZP0qEoUIRJbTvgvE7eeYX64Qe3bgwUBEqC\n" "ufMiaryZFCA7SR/kl9nq63Oag6bMuFX7Uo5fhnyd+q8Ddq6X4GRQWXMimVXP2lkx\n" - "CuhtoFO8OWMurJJK6Yse0APfM7tOiA==\n" - "-----END CERTIFICATE-----\n"; + "CuhtoFO8OWMurJJK6Yse0APfM7tOiA==\n" "-----END CERTIFICATE-----\n"; /* Certificate with wildcard SAN but no CN. */ char pem4[] = @@ -382,8 +380,7 @@ char pem6[] = "FFST5lmbKDtFKTeIGK75pKu/TZkYMAsGCSqGSIb3DQEBBQOBgQAQ9PStleVvfmlK\n" "wRs8RE/oOO+ouC3qLdnumNEITMRFh8Q12/X4yMLD3CH0aQ/hvHcP26PxAWzpNutk\n" "swNx7AzsCu6pN1t1aI3jLgo8e4/zZi57e8QcRuXZPDJxtJxVhJZX/C4pSz802WhS\n" - "64NgtpHEMu9JUHFhtRwPcvVGYqPUUA==\n" - "-----END CERTIFICATE-----\n"; + "64NgtpHEMu9JUHFhtRwPcvVGYqPUUA==\n" "-----END CERTIFICATE-----\n"; /* Certificate with prefixed and suffixed wildcard SAN but no CN. */ char pem7[] = @@ -431,8 +428,7 @@ char pem7[] = "DgQWBBRUk+ZZmyg7RSk3iBiu+aSrv02ZGDALBgkqhkiG9w0BAQUDgYEAPPNe38jc\n" "8NsZQVKKLYc1Y4y8LRPhvnxkSnlcGa1RzYZY1s12BZ6OVIfyxD1Z9BcNdqRSq7bQ\n" "kEicsGp5ugGQTNq6aSlzYOUD9/fUP3jDsH7HVb36aCF3waGCQWj+pLqK0LYcW2p/\n" - "xnr5+z4YevFBhn7l/fMhg8TzKejxYm7TECg=\n" - "-----END CERTIFICATE-----\n"; + "xnr5+z4YevFBhn7l/fMhg8TzKejxYm7TECg=\n" "-----END CERTIFICATE-----\n"; /* Certificate with ending wildcard SAN but no CN. */ char pem8[] = @@ -480,8 +476,7 @@ char pem8[] = "k+ZZmyg7RSk3iBiu+aSrv02ZGDALBgkqhkiG9w0BAQUDgYEAZ7gLXtXwFW61dSAM\n" "0Qt6IN68WBH7LCzetSF8ofG1WVUImCUU3pqXhXYtPGTrswOh2AavWTRbzVTtrFvf\n" "WJg09Z7H6I70RPvAYGsK9t9qJ/4TPoYTGYQgsTbVpkv13O54O6jzemd8Zws/xMH5\n" - "7/q6C7P5OUmGOtfVe7UVDY0taQM=\n" - "-----END CERTIFICATE-----\n"; + "7/q6C7P5OUmGOtfVe7UVDY0taQM=\n" "-----END CERTIFICATE-----\n"; void diff --git a/tests/mini.c b/tests/mini.c index 0a638e075d..2d64fb3c62 100644 --- a/tests/mini.c +++ b/tests/mini.c 
@@ -179,21 +179,23 @@ doit (void) gnutls_transport_set_push_function (client, client_push); gnutls_transport_set_pull_function (client, client_pull); - do { - if (cret == GNUTLS_E_AGAIN) - { - success ("loop invoking client:\n"); - cret = gnutls_handshake (client); - success ("client %d: %s\n", cret, gnutls_strerror (cret)); - } - - if (sret == GNUTLS_E_AGAIN) - { - success ("loop invoking server:\n"); - sret = gnutls_handshake (server); - success ("server %d: %s\n", sret, gnutls_strerror (sret)); - } - } while (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN); + do + { + if (cret == GNUTLS_E_AGAIN) + { + success ("loop invoking client:\n"); + cret = gnutls_handshake (client); + success ("client %d: %s\n", cret, gnutls_strerror (cret)); + } + + if (sret == GNUTLS_E_AGAIN) + { + success ("loop invoking server:\n"); + sret = gnutls_handshake (server); + success ("server %d: %s\n", sret, gnutls_strerror (sret)); + } + } + while (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN); success ("Handshake established\n"); diff --git a/tests/moredn.c b/tests/moredn.c index c98153f28b..630db7ca5e 100644 --- a/tests/moredn.c +++ b/tests/moredn.c @@ -50,10 +50,10 @@ static const char cert_pem[] = "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" - "-----END CERTIFICATE-----\n"; -static const gnutls_datum_t cert_datum = { (char *)cert_pem, - sizeof (cert_pem) }; + "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; +static const gnutls_datum_t cert_datum = { (char *) cert_pem, + sizeof (cert_pem) +}; void doit (void) @@ -67,7 +67,7 @@ doit (void) gnutls_global_init (); - if (gnutls_x509_crt_init(&cert) == 0) + if (gnutls_x509_crt_init (&cert) == 0) success ("success: cert init\n"); else fail ("cert init failure\n"); 
@@ -87,8 +87,7 @@ doit (void) if (rv == 0) success ("success: exported subject DN.\n"); else - fail ("FAIL: could not export subject DN: %s\n", - gnutls_strerror (rv)); + fail ("FAIL: could not export subject DN: %s\n", gnutls_strerror (rv)); if (gnutls_x509_dn_init (&dn2) == 0) success ("success: init DN.\n"); @@ -108,8 +107,7 @@ doit (void) if (rv == 0) success ("success: exported subject DN.\n"); else - fail ("FAIL: could not export subject DN: %s\n", - gnutls_strerror (rv)); + fail ("FAIL: could not export subject DN: %s\n", gnutls_strerror (rv)); if (buflen == buf2len && memcmp (buf, buf2, buflen) == 0) success ("success: export/import/export match.\n"); diff --git a/tests/mpi.c b/tests/mpi.c index c33b446e0a..ba47377d91 100644 --- a/tests/mpi.c +++ b/tests/mpi.c 
@@ -37,43 +37,43 @@ tls_log_func (int level, const char *str) fprintf (stderr, "|<%d>| %s", level, str); } -#define RND_BITS 510 /* not multiple of 8 */ +#define RND_BITS 510 /* not multiple of 8 */ void doit (void) { int rc; bigint_t n1, n2, n3, n4; - gnutls_global_init(); + gnutls_global_init (); gnutls_global_set_log_function (tls_log_func); gnutls_global_set_log_level (99); - - n1 = _gnutls_mpi_new(1000); + + n1 = _gnutls_mpi_new (1000); if (n1 == NULL) fail ("mpi_new failed\n"); - n2 = _gnutls_mpi_set_ui( NULL, 2); + n2 = _gnutls_mpi_set_ui (NULL, 2); if (n2 == NULL) fail ("mpi_set_ui failed\n"); - n3 = _gnutls_mpi_set_ui( NULL, 5); + n3 = _gnutls_mpi_set_ui (NULL, 5); if (n3 == NULL) fail ("mpi_set_ui failed\n"); - _gnutls_mpi_randomize(n1, RND_BITS, GNUTLS_RND_NONCE); - - _gnutls_dump_mpi ( "rand:", n1); - - rc = _gnutls_mpi_get_nbits(n1); + _gnutls_mpi_randomize (n1, RND_BITS, GNUTLS_RND_NONCE); + + _gnutls_dump_mpi ("rand:", n1); + + rc = _gnutls_mpi_get_nbits (n1); if (rc > RND_BITS) fail ("mpi_get_nbits failed... returned %d\n", rc); - - n4 = _gnutls_mpi_addm( NULL, n1, n3, n2); + + n4 = _gnutls_mpi_addm (NULL, n1, n3, n2); if (n4 == NULL) fail ("mpi_set_ui failed\n"); - if (_gnutls_mpi_cmp_ui(n4, 0)!=0 && _gnutls_mpi_cmp_ui(n4, 1)!=0) + if (_gnutls_mpi_cmp_ui (n4, 0) != 0 && _gnutls_mpi_cmp_ui (n4, 1) != 0) fail ("mpi_cmp_ui failed\n"); success ("mpi ops ok\n"); diff --git a/tests/openpgp/keyring.c b/tests/openpgp/keyring.c index 1edef2337b..8b5e259e4f 100644 --- a/tests/openpgp/keyring.c +++ b/tests/openpgp/keyring.c 
@@ -34,149 +34,153 @@ /* A hex-encoded raw OpenPGP keyring. This is a copy of (`sha1sum' output): 5fdce61bff528070dfabdd237d91be618c353b4e src/openpgp/cli_ring.gpg */ static unsigned char raw_keyring[] = { -0x99, 0x01, 0xA2, 0x04, 0x3C, 0x67, 0x95, 0x8D, 0x11, 0x04, 0x00, 0x80, -0xB1, 0x65, 0x21, 0x8B, 0xF8, 0x28, 0x06, 0xFA, 0x6F, 0x4C, 0x18, 0x0B, -0xF1, 0xF1, 0x4F, 0xC0, 0x10, 0x2E, 0x0F, 0x4E, 0x15, 0x60, 0x51, 0x2D, -0x0B, 0xBF, 0xB8, 0xA4, 0x1A, 0x7A, 0x90, 0x5B, 0x07, 0x8D, 0x44, 0x7B, -0x4D, 0x35, 0x24, 0x06, 0xC3, 0xA4, 0xD8, 0xFB, 0xCC, 0x1E, 0xB0, 0xDD, -0xBF, 0x4F, 0x82, 0xE3, 0x1D, 0x82, 0x1F, 0xC6, 0x06, 0x3F, 0x57, 0xBE, -0x3B, 0x47, 0xF6, 0xC8, 0xB5, 0xA4, 0xF1, 0x4B, 0xBE, 0x92, 0x41, 0x75, -0xDB, 0x28, 0xAA, 0x6D, 0xBB, 0xC3, 0x12, 0x20, 0x9D, 0x78, 0x94, 0xFA, -0x73, 0x7B, 0xC8, 0xB2, 0xD6, 0x3C, 0xBC, 0x9F, 0x49, 0xB2, 0x8E, 0x60, -0xFC, 0xB0, 0x7C, 0x5E, 0x08, 0x2A, 0xF3, 0xC4, 0x7B, 0x8D, 0x71, 0x52, -0xDE, 0x11, 0xFE, 0x58, 0x2E, 0x6F, 0xFF, 0xA3, 0xFA, 0x48, 0x04, 0x5F, -0xCD, 0x79, 0x78, 0xE7, 0xB7, 0x15, 0x7B, 0x00, 0xA0, 0xBF, 0x14, 0x9F, -0x1A, 0xC9, 0xBD, 0x98, 0x5A, 0x2C, 0xA4, 0x9D, 0x01, 0xDD, 0x11, 0xB2, -0x83, 0x93, 0x01, 0xD1, 0xDF, 0x03, 0xFD, 0x14, 0x10, 0xAF, 0x22, 0x42, -0x19, 0xD4, 0x76, 0x9C, 0xB7, 0xB8, 0x55, 0xF7, 0x2D, 0x3C, 0xBD, 0x90, -0x04, 0x3F, 0xF5, 0x5E, 0x1B, 0x6E, 0x6E, 0xA1, 0x1B, 0x7A, 0xD6, 0x95, -0x3F, 0x1B, 0x2C, 0xAA, 0xB2, 0x5D, 0x03, 0xE7, 0xA9, 0x94, 0x14, 0x53, -0xED, 0x41, 0xE8, 0x91, 0x20, 0x5A, 0x84, 0xCF, 0x20, 0x99, 0x29, 0x8D, -0xB9, 0x2A, 0xCB, 0x0E, 0xE8, 0xCF, 0x7C, 0x4B, 0x5A, 0x32, 0x0E, 0x98, -0x22, 0x40, 0x7E, 0x2A, 0xAD, 0x15, 0x78, 0x92, 0xC4, 0xD1, 0xC5, 0xD3, -0x64, 0x81, 0xF6, 0xF4, 0xA2, 0x65, 0x23, 0xFA, 0xA4, 0xD7, 0x11, 0xB8, -0x2B, 0xB0, 0xFA, 0x07, 0x47, 0x0A, 0x68, 0x70, 0xBF, 0x2F, 0x80, 0x48, -0xA0, 0xA7, 0x10, 0x2C, 0x9C, 0xDF, 0x4C, 0x83, 0xF0, 0xDD, 0xFA, 0xD2, -0xE2, 0x35, 0x5E, 0x35, 0xA4, 0x19, 0x34, 0x74, 0x95, 0xA9, 0x9F, 0x3F, -0x56, 0x63, 0x8C, 0x03, 0xFF, 0x6B, 
0x90, 0xDB, 0x5C, 0x71, 0x0E, 0x11, -0x55, 0xDF, 0x56, 0x4C, 0x5A, 0x07, 0x2A, 0xF4, 0xF8, 0xBD, 0xF8, 0x88, -0x48, 0x43, 0x88, 0xCC, 0xA1, 0xA6, 0x70, 0x16, 0x3D, 0x1F, 0x29, 0xAA, -0xEC, 0xC0, 0x9C, 0x8B, 0x79, 0x8D, 0x7B, 0x80, 0x83, 0x22, 0x69, 0x2F, -0x66, 0x09, 0xE3, 0x0E, 0x52, 0x40, 0x33, 0xDD, 0x42, 0x5F, 0x53, 0x83, -0xB6, 0x13, 0xCB, 0x06, 0xAB, 0xF2, 0x86, 0x73, 0x21, 0x87, 0x10, 0xE7, -0x68, 0x39, 0x78, 0x36, 0x1E, 0x36, 0xB8, 0xF3, 0x12, 0xAF, 0xD2, 0x44, -0x5B, 0x62, 0x30, 0xA0, 0x86, 0xC5, 0x9D, 0xED, 0x74, 0x8A, 0x11, 0x93, -0x3B, 0x89, 0x41, 0x4B, 0x50, 0xB6, 0xF1, 0x47, 0xD2, 0x18, 0x43, 0x26, -0xFF, 0xC2, 0x41, 0x32, 0xDC, 0x40, 0x8D, 0xB6, 0x32, 0xDC, 0x16, 0x33, -0x52, 0xD0, 0x8C, 0x03, 0xE6, 0xC6, 0x04, 0x6E, 0x95, 0xA1, 0xEE, 0x62, -0xE4, 0xB4, 0x25, 0x44, 0x72, 0x2E, 0x20, 0x57, 0x68, 0x6F, 0x20, 0x28, -0x4E, 0x6F, 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x65, 0x6E, 0x74, 0x73, 0x29, -0x20, 0x3C, 0x77, 0x68, 0x6F, 0x40, 0x77, 0x68, 0x6F, 0x69, 0x73, 0x2E, -0x6F, 0x72, 0x67, 0x3E, 0x88, 0x5D, 0x04, 0x13, 0x11, 0x02, 0x00, 0x1D, -0x05, 0x02, 0x3C, 0x67, 0x95, 0x8D, 0x05, 0x09, 0x03, 0xC2, 0x67, 0x00, -0x05, 0x0B, 0x07, 0x0A, 0x03, 0x04, 0x03, 0x15, 0x03, 0x02, 0x03, 0x16, -0x02, 0x01, 0x02, 0x17, 0x80, 0x00, 0x0A, 0x09, 0x10, 0x35, 0x14, 0x5C, -0xEA, 0xA7, 0xD9, 0x3C, 0x3F, 0x96, 0x58, 0x00, 0x9F, 0x78, 0x99, 0xCB, -0xC9, 0xF6, 0xE9, 0x4C, 0x30, 0x7B, 0x98, 0x38, 0x77, 0x68, 0x04, 0xDB, -0xFB, 0x43, 0xD7, 0xCF, 0x6F, 0x00, 0xA0, 0xA4, 0x5D, 0x02, 0x90, 0x55, -0x33, 0xA0, 0x6D, 0xCB, 0xEB, 0xD6, 0xC9, 0x71, 0xFA, 0x1D, 0xF1, 0x7A, -0x65, 0x38, 0xFE, 0x99, 0x01, 0xA2, 0x04, 0x3C, 0x4A, 0xC5, 0x6C, 0x11, -0x04, 0x00, 0xE7, 0x2E, 0x76, 0xB6, 0x2E, 0xEF, 0xA9, 0xA3, 0xBD, 0x59, -0x40, 0x93, 0x29, 0x24, 0x18, 0x05, 0x0C, 0x02, 0xD7, 0x02, 0x9D, 0x6C, -0xA2, 0x06, 0x6E, 0xFC, 0x34, 0xC8, 0x60, 0x38, 0x62, 0x7C, 0x64, 0x3E, -0xB1, 0xA6, 0x52, 0xA7, 0xAF, 0x1D, 0x37, 0xCF, 0x46, 0xFC, 0x50, 0x5A, -0xC1, 0xE0, 0xC6, 0x99, 0xB3, 0x78, 0x95, 0xB4, 0xBC, 0xB3, 
0xE5, 0x35, -0x41, 0xFF, 0xDA, 0x47, 0x66, 0xD6, 0x16, 0x8C, 0x2B, 0x8A, 0xAF, 0xD6, -0xAB, 0x22, 0x46, 0x6D, 0x06, 0xD1, 0x80, 0x34, 0xD5, 0xDA, 0xC6, 0x98, -0xE6, 0x99, 0x3B, 0xA5, 0xB3, 0x50, 0xFF, 0x82, 0x2E, 0x1C, 0xD8, 0x70, -0x2A, 0x75, 0x11, 0x4E, 0x8B, 0x73, 0xA6, 0xB0, 0x9C, 0xB3, 0xB9, 0x3C, -0xE4, 0x4D, 0xBB, 0x51, 0x6C, 0x9B, 0xB5, 0xF9, 0x5B, 0xB6, 0x66, 0x18, -0x86, 0x02, 0xA0, 0xA1, 0x44, 0x72, 0x36, 0xC0, 0x65, 0x8F, 0x00, 0xA0, -0x8F, 0x5B, 0x5E, 0x78, 0xD8, 0x5F, 0x79, 0x2C, 0xC2, 0x07, 0x2F, 0x94, -0x74, 0x64, 0x57, 0x26, 0xFB, 0x4D, 0x93, 0x73, 0x03, 0xFE, 0x35, 0x78, -0xD6, 0x89, 0xD6, 0x60, 0x6E, 0x91, 0x18, 0xE9, 0xF9, 0xA7, 0x04, 0x2B, -0x96, 0x3C, 0xF2, 0x3F, 0x3D, 0x8F, 0x13, 0x77, 0xA2, 0x73, 0xC0, 0xF0, -0x97, 0x4D, 0xBF, 0x44, 0xB3, 0xCA, 0xBC, 0xBE, 0x14, 0xDD, 0x64, 0x41, -0x25, 0x55, 0x86, 0x3E, 0x39, 0xA9, 0xC6, 0x27, 0x66, 0x2D, 0x77, 0xAC, -0x36, 0x66, 0x2A, 0xE4, 0x49, 0x79, 0x2C, 0x32, 0x62, 0xD3, 0xF1, 0x2E, -0x98, 0x32, 0xA7, 0x56, 0x53, 0x09, 0xD6, 0x7B, 0xA0, 0xAE, 0x4D, 0xF2, -0x5F, 0x5E, 0xDA, 0x09, 0x37, 0x05, 0x6A, 0xD5, 0xBE, 0x89, 0xF4, 0x06, -0x9E, 0xBD, 0x7E, 0xC7, 0x6C, 0xE4, 0x32, 0x44, 0x1D, 0xF5, 0xD5, 0x2F, -0xFF, 0xD0, 0x6D, 0x39, 0xE5, 0xF6, 0x1E, 0x36, 0x94, 0x7B, 0x69, 0x8A, -0x77, 0xCB, 0x62, 0xAB, 0x81, 0xE4, 0xA4, 0x12, 0x2B, 0xF9, 0x05, 0x06, -0x71, 0xD9, 0x94, 0x6C, 0x86, 0x5E, 0x04, 0x00, 0xD0, 0x61, 0x43, 0x7A, -0x96, 0x4D, 0xDE, 0x31, 0x88, 0x18, 0xC2, 0xB2, 0x4D, 0xE0, 0x08, 0xE6, -0x00, 0x96, 0xB6, 0x0D, 0xB8, 0xA6, 0x84, 0xB8, 0x5A, 0x83, 0x8D, 0x11, -0x9F, 0xC9, 0x30, 0x31, 0x18, 0x89, 0xAD, 0x57, 0xA3, 0xB9, 0x27, 0xF4, -0x48, 0xF8, 0x4E, 0xB2, 0x53, 0xC6, 0x23, 0xED, 0xA7, 0x3B, 0x42, 0xFF, -0x78, 0xBC, 0xE6, 0x3A, 0x6A, 0x53, 0x1D, 0x75, 0xA6, 0x4C, 0xE8, 0x54, -0x05, 0x13, 0x80, 0x8E, 0x9F, 0x5B, 0x10, 0xCE, 0x07, 0x5D, 0x34, 0x17, -0xB8, 0x01, 0x16, 0x49, 0x18, 0xB1, 0x31, 0xD3, 0x54, 0x4C, 0x87, 0x65, -0xA8, 0xEC, 0xB9, 0x97, 0x1F, 0x61, 0xA0, 0x9F, 0xC7, 0x3D, 0x50, 0x98, -0x06, 0x10, 
0x6B, 0x59, 0x77, 0xD2, 0x11, 0xCB, 0x0E, 0x1D, 0x04, 0xD0, -0xED, 0x96, 0xBC, 0xE8, 0x9B, 0xAE, 0x8F, 0x73, 0xD8, 0x00, 0xB0, 0x52, -0x13, 0x9C, 0xBF, 0x8D, 0xB4, 0x49, 0x4F, 0x70, 0x65, 0x6E, 0x43, 0x44, -0x4B, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 0x6B, 0x65, 0x79, 0x20, 0x28, -0x4F, 0x6E, 0x6C, 0x79, 0x20, 0x69, 0x6E, 0x74, 0x65, 0x6E, 0x64, 0x65, -0x64, 0x20, 0x66, 0x6F, 0x72, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 0x70, -0x75, 0x72, 0x70, 0x6F, 0x73, 0x65, 0x73, 0x21, 0x29, 0x20, 0x3C, 0x6F, -0x70, 0x65, 0x6E, 0x63, 0x64, 0x6B, 0x40, 0x66, 0x6F, 0x6F, 0x2D, 0x62, -0x61, 0x72, 0x2E, 0x6F, 0x72, 0x67, 0x3E, 0x88, 0x62, 0x04, 0x13, 0x11, -0x02, 0x00, 0x1A, 0x05, 0x02, 0x3C, 0x4A, 0xC5, 0x6C, 0x05, 0x0B, 0x07, -0x0A, 0x03, 0x04, 0x03, 0x15, 0x03, 0x02, 0x03, 0x16, 0x02, 0x01, 0x02, -0x1E, 0x01, 0x02, 0x17, 0x80, 0x00, 0x12, 0x09, 0x10, 0xBD, 0x57, 0x2C, -0xDC, 0xCC, 0xC0, 0x7C, 0x35, 0x07, 0x65, 0x47, 0x50, 0x47, 0x00, 0x01, -0x01, 0x81, 0xC1, 0x00, 0x9C, 0x0E, 0x12, 0x8D, 0x8E, 0xD4, 0x44, 0x7C, -0x6D, 0xCB, 0xCE, 0x61, 0x50, 0xD9, 0xCD, 0x86, 0xE2, 0x0D, 0x84, 0x59, -0xA5, 0x00, 0x9F, 0x66, 0x81, 0x66, 0x2C, 0x80, 0xC6, 0xAA, 0xCF, 0x1D, -0x2D, 0x2B, 0xC2, 0x04, 0xF0, 0x82, 0xFE, 0x80, 0xD3, 0xDB, 0xA4, 0xB9, -0x01, 0x0D, 0x04, 0x3C, 0x4A, 0xC5, 0x6F, 0x10, 0x04, 0x00, 0xE2, 0x01, -0x56, 0x52, 0x60, 0x69, 0xD0, 0x67, 0xD2, 0x4F, 0x4D, 0x71, 0xE6, 0xD3, -0x86, 0x58, 0xE0, 0x8B, 0xE3, 0xBF, 0x24, 0x6C, 0x1A, 0xDC, 0xE0, 0x8D, -0xB6, 0x9C, 0xD8, 0xD4, 0x59, 0xC1, 0xED, 0x33, 0x57, 0x38, 0x41, 0x07, -0x98, 0x75, 0x5A, 0xFD, 0xB7, 0x9F, 0x17, 0x97, 0xCF, 0x02, 0x2E, 0x70, -0xC7, 0x96, 0x0F, 0x12, 0xCA, 0x68, 0x96, 0xD2, 0x7C, 0xFD, 0x24, 0xA1, -0x1C, 0xD3, 0x16, 0xDD, 0xE1, 0xFB, 0xCC, 0x1E, 0xA6, 0x15, 0xC5, 0xC3, -0x1F, 0xEC, 0x65, 0x6E, 0x46, 0x70, 0x78, 0xC8, 0x75, 0xFC, 0x50, 0x9B, -0x1E, 0xCB, 0x99, 0xC8, 0xB5, 0x6C, 0x2D, 0x87, 0x5C, 0x50, 0xE2, 0x01, -0x8B, 0x5B, 0x0F, 0xA3, 0x78, 0x60, 0x6E, 0xB6, 0x42, 0x5A, 0x25, 0x33, -0x83, 0x0F, 0x55, 0xFD, 0x21, 0xD6, 
0x49, 0x01, 0x56, 0x15, 0xD4, 0x9A, -0x1D, 0x09, 0xE9, 0x51, 0x0F, 0x5F, 0x00, 0x03, 0x05, 0x04, 0x00, 0xD0, -0xBD, 0xAD, 0xE4, 0x04, 0x32, 0x75, 0x86, 0x75, 0xC8, 0x7D, 0x07, 0x30, -0xC3, 0x60, 0x98, 0x14, 0x67, 0xBA, 0xE1, 0xBE, 0xB6, 0xCC, 0x10, 0x5A, -0x3C, 0x1F, 0x36, 0x6B, 0xFD, 0xBE, 0xA1, 0x2E, 0x37, 0x84, 0x56, 0x51, -0x32, 0x38, 0xB8, 0xAD, 0x41, 0x4E, 0x52, 0xA2, 0xA9, 0x66, 0x1D, 0x1D, -0xF1, 0xDB, 0x6B, 0xB5, 0xF3, 0x3F, 0x69, 0x06, 0x16, 0x61, 0x07, 0x55, -0x6C, 0x81, 0x32, 0x24, 0x33, 0x0B, 0x30, 0x93, 0x2D, 0xB7, 0xC8, 0xCC, -0x82, 0x25, 0x67, 0x2D, 0x7A, 0xE2, 0x4A, 0xF2, 0x46, 0x97, 0x50, 0xE5, -0x39, 0xB6, 0x61, 0xEA, 0x64, 0x75, 0xD2, 0xE0, 0x3C, 0xD8, 0xD3, 0x83, -0x8D, 0xC4, 0xA8, 0xAC, 0x4A, 0xFD, 0x21, 0x35, 0x36, 0xFE, 0x3E, 0x96, -0xEC, 0x9D, 0x0A, 0xEA, 0x65, 0x16, 0x4B, 0x57, 0x6E, 0x01, 0xB3, 0x7A, -0x8D, 0xCA, 0x89, 0xF2, 0xB2, 0x57, 0xD0, 0x88, 0x4E, 0x04, 0x18, 0x11, -0x02, 0x00, 0x06, 0x05, 0x02, 0x3C, 0x4A, 0xC5, 0x6F, 0x00, 0x12, 0x09, -0x10, 0xBD, 0x57, 0x2C, 0xDC, 0xCC, 0xC0, 0x7C, 0x35, 0x07, 0x65, 0x47, -0x50, 0x47, 0x00, 0x01, 0x01, 0x75, 0x66, 0x00, 0x9F, 0x60, 0x1E, 0x1F, -0x99, 0xE0, 0xB0, 0x7C, 0x77, 0xE6, 0x7F, 0x3E, 0xEC, 0xA1, 0xE1, 0x9F, -0x94, 0x63, 0xD3, 0x73, 0x67, 0x00, 0x9F, 0x6A, 0xC6, 0x9E, 0xB4, 0x11, -0x9A, 0x6F, 0xFB, 0xF4, 0x49, 0xE7, 0xD1, 0x54, 0xD8, 0x2E, 0x05, 0xD4, -0x08, 0x61, 0xDB }; + 0x99, 0x01, 0xA2, 0x04, 0x3C, 0x67, 0x95, 0x8D, 0x11, 0x04, 0x00, 0x80, + 0xB1, 0x65, 0x21, 0x8B, 0xF8, 0x28, 0x06, 0xFA, 0x6F, 0x4C, 0x18, 0x0B, + 0xF1, 0xF1, 0x4F, 0xC0, 0x10, 0x2E, 0x0F, 0x4E, 0x15, 0x60, 0x51, 0x2D, + 0x0B, 0xBF, 0xB8, 0xA4, 0x1A, 0x7A, 0x90, 0x5B, 0x07, 0x8D, 0x44, 0x7B, + 0x4D, 0x35, 0x24, 0x06, 0xC3, 0xA4, 0xD8, 0xFB, 0xCC, 0x1E, 0xB0, 0xDD, + 0xBF, 0x4F, 0x82, 0xE3, 0x1D, 0x82, 0x1F, 0xC6, 0x06, 0x3F, 0x57, 0xBE, + 0x3B, 0x47, 0xF6, 0xC8, 0xB5, 0xA4, 0xF1, 0x4B, 0xBE, 0x92, 0x41, 0x75, + 0xDB, 0x28, 0xAA, 0x6D, 0xBB, 0xC3, 0x12, 0x20, 0x9D, 0x78, 0x94, 0xFA, + 0x73, 0x7B, 0xC8, 0xB2, 0xD6, 
0x3C, 0xBC, 0x9F, 0x49, 0xB2, 0x8E, 0x60, + 0xFC, 0xB0, 0x7C, 0x5E, 0x08, 0x2A, 0xF3, 0xC4, 0x7B, 0x8D, 0x71, 0x52, + 0xDE, 0x11, 0xFE, 0x58, 0x2E, 0x6F, 0xFF, 0xA3, 0xFA, 0x48, 0x04, 0x5F, + 0xCD, 0x79, 0x78, 0xE7, 0xB7, 0x15, 0x7B, 0x00, 0xA0, 0xBF, 0x14, 0x9F, + 0x1A, 0xC9, 0xBD, 0x98, 0x5A, 0x2C, 0xA4, 0x9D, 0x01, 0xDD, 0x11, 0xB2, + 0x83, 0x93, 0x01, 0xD1, 0xDF, 0x03, 0xFD, 0x14, 0x10, 0xAF, 0x22, 0x42, + 0x19, 0xD4, 0x76, 0x9C, 0xB7, 0xB8, 0x55, 0xF7, 0x2D, 0x3C, 0xBD, 0x90, + 0x04, 0x3F, 0xF5, 0x5E, 0x1B, 0x6E, 0x6E, 0xA1, 0x1B, 0x7A, 0xD6, 0x95, + 0x3F, 0x1B, 0x2C, 0xAA, 0xB2, 0x5D, 0x03, 0xE7, 0xA9, 0x94, 0x14, 0x53, + 0xED, 0x41, 0xE8, 0x91, 0x20, 0x5A, 0x84, 0xCF, 0x20, 0x99, 0x29, 0x8D, + 0xB9, 0x2A, 0xCB, 0x0E, 0xE8, 0xCF, 0x7C, 0x4B, 0x5A, 0x32, 0x0E, 0x98, + 0x22, 0x40, 0x7E, 0x2A, 0xAD, 0x15, 0x78, 0x92, 0xC4, 0xD1, 0xC5, 0xD3, + 0x64, 0x81, 0xF6, 0xF4, 0xA2, 0x65, 0x23, 0xFA, 0xA4, 0xD7, 0x11, 0xB8, + 0x2B, 0xB0, 0xFA, 0x07, 0x47, 0x0A, 0x68, 0x70, 0xBF, 0x2F, 0x80, 0x48, + 0xA0, 0xA7, 0x10, 0x2C, 0x9C, 0xDF, 0x4C, 0x83, 0xF0, 0xDD, 0xFA, 0xD2, + 0xE2, 0x35, 0x5E, 0x35, 0xA4, 0x19, 0x34, 0x74, 0x95, 0xA9, 0x9F, 0x3F, + 0x56, 0x63, 0x8C, 0x03, 0xFF, 0x6B, 0x90, 0xDB, 0x5C, 0x71, 0x0E, 0x11, + 0x55, 0xDF, 0x56, 0x4C, 0x5A, 0x07, 0x2A, 0xF4, 0xF8, 0xBD, 0xF8, 0x88, + 0x48, 0x43, 0x88, 0xCC, 0xA1, 0xA6, 0x70, 0x16, 0x3D, 0x1F, 0x29, 0xAA, + 0xEC, 0xC0, 0x9C, 0x8B, 0x79, 0x8D, 0x7B, 0x80, 0x83, 0x22, 0x69, 0x2F, + 0x66, 0x09, 0xE3, 0x0E, 0x52, 0x40, 0x33, 0xDD, 0x42, 0x5F, 0x53, 0x83, + 0xB6, 0x13, 0xCB, 0x06, 0xAB, 0xF2, 0x86, 0x73, 0x21, 0x87, 0x10, 0xE7, + 0x68, 0x39, 0x78, 0x36, 0x1E, 0x36, 0xB8, 0xF3, 0x12, 0xAF, 0xD2, 0x44, + 0x5B, 0x62, 0x30, 0xA0, 0x86, 0xC5, 0x9D, 0xED, 0x74, 0x8A, 0x11, 0x93, + 0x3B, 0x89, 0x41, 0x4B, 0x50, 0xB6, 0xF1, 0x47, 0xD2, 0x18, 0x43, 0x26, + 0xFF, 0xC2, 0x41, 0x32, 0xDC, 0x40, 0x8D, 0xB6, 0x32, 0xDC, 0x16, 0x33, + 0x52, 0xD0, 0x8C, 0x03, 0xE6, 0xC6, 0x04, 0x6E, 0x95, 0xA1, 0xEE, 0x62, + 0xE4, 0xB4, 0x25, 0x44, 0x72, 
0x2E, 0x20, 0x57, 0x68, 0x6F, 0x20, 0x28, + 0x4E, 0x6F, 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x65, 0x6E, 0x74, 0x73, 0x29, + 0x20, 0x3C, 0x77, 0x68, 0x6F, 0x40, 0x77, 0x68, 0x6F, 0x69, 0x73, 0x2E, + 0x6F, 0x72, 0x67, 0x3E, 0x88, 0x5D, 0x04, 0x13, 0x11, 0x02, 0x00, 0x1D, + 0x05, 0x02, 0x3C, 0x67, 0x95, 0x8D, 0x05, 0x09, 0x03, 0xC2, 0x67, 0x00, + 0x05, 0x0B, 0x07, 0x0A, 0x03, 0x04, 0x03, 0x15, 0x03, 0x02, 0x03, 0x16, + 0x02, 0x01, 0x02, 0x17, 0x80, 0x00, 0x0A, 0x09, 0x10, 0x35, 0x14, 0x5C, + 0xEA, 0xA7, 0xD9, 0x3C, 0x3F, 0x96, 0x58, 0x00, 0x9F, 0x78, 0x99, 0xCB, + 0xC9, 0xF6, 0xE9, 0x4C, 0x30, 0x7B, 0x98, 0x38, 0x77, 0x68, 0x04, 0xDB, + 0xFB, 0x43, 0xD7, 0xCF, 0x6F, 0x00, 0xA0, 0xA4, 0x5D, 0x02, 0x90, 0x55, + 0x33, 0xA0, 0x6D, 0xCB, 0xEB, 0xD6, 0xC9, 0x71, 0xFA, 0x1D, 0xF1, 0x7A, + 0x65, 0x38, 0xFE, 0x99, 0x01, 0xA2, 0x04, 0x3C, 0x4A, 0xC5, 0x6C, 0x11, + 0x04, 0x00, 0xE7, 0x2E, 0x76, 0xB6, 0x2E, 0xEF, 0xA9, 0xA3, 0xBD, 0x59, + 0x40, 0x93, 0x29, 0x24, 0x18, 0x05, 0x0C, 0x02, 0xD7, 0x02, 0x9D, 0x6C, + 0xA2, 0x06, 0x6E, 0xFC, 0x34, 0xC8, 0x60, 0x38, 0x62, 0x7C, 0x64, 0x3E, + 0xB1, 0xA6, 0x52, 0xA7, 0xAF, 0x1D, 0x37, 0xCF, 0x46, 0xFC, 0x50, 0x5A, + 0xC1, 0xE0, 0xC6, 0x99, 0xB3, 0x78, 0x95, 0xB4, 0xBC, 0xB3, 0xE5, 0x35, + 0x41, 0xFF, 0xDA, 0x47, 0x66, 0xD6, 0x16, 0x8C, 0x2B, 0x8A, 0xAF, 0xD6, + 0xAB, 0x22, 0x46, 0x6D, 0x06, 0xD1, 0x80, 0x34, 0xD5, 0xDA, 0xC6, 0x98, + 0xE6, 0x99, 0x3B, 0xA5, 0xB3, 0x50, 0xFF, 0x82, 0x2E, 0x1C, 0xD8, 0x70, + 0x2A, 0x75, 0x11, 0x4E, 0x8B, 0x73, 0xA6, 0xB0, 0x9C, 0xB3, 0xB9, 0x3C, + 0xE4, 0x4D, 0xBB, 0x51, 0x6C, 0x9B, 0xB5, 0xF9, 0x5B, 0xB6, 0x66, 0x18, + 0x86, 0x02, 0xA0, 0xA1, 0x44, 0x72, 0x36, 0xC0, 0x65, 0x8F, 0x00, 0xA0, + 0x8F, 0x5B, 0x5E, 0x78, 0xD8, 0x5F, 0x79, 0x2C, 0xC2, 0x07, 0x2F, 0x94, + 0x74, 0x64, 0x57, 0x26, 0xFB, 0x4D, 0x93, 0x73, 0x03, 0xFE, 0x35, 0x78, + 0xD6, 0x89, 0xD6, 0x60, 0x6E, 0x91, 0x18, 0xE9, 0xF9, 0xA7, 0x04, 0x2B, + 0x96, 0x3C, 0xF2, 0x3F, 0x3D, 0x8F, 0x13, 0x77, 0xA2, 0x73, 0xC0, 0xF0, + 0x97, 0x4D, 0xBF, 0x44, 0xB3, 
0xCA, 0xBC, 0xBE, 0x14, 0xDD, 0x64, 0x41, + 0x25, 0x55, 0x86, 0x3E, 0x39, 0xA9, 0xC6, 0x27, 0x66, 0x2D, 0x77, 0xAC, + 0x36, 0x66, 0x2A, 0xE4, 0x49, 0x79, 0x2C, 0x32, 0x62, 0xD3, 0xF1, 0x2E, + 0x98, 0x32, 0xA7, 0x56, 0x53, 0x09, 0xD6, 0x7B, 0xA0, 0xAE, 0x4D, 0xF2, + 0x5F, 0x5E, 0xDA, 0x09, 0x37, 0x05, 0x6A, 0xD5, 0xBE, 0x89, 0xF4, 0x06, + 0x9E, 0xBD, 0x7E, 0xC7, 0x6C, 0xE4, 0x32, 0x44, 0x1D, 0xF5, 0xD5, 0x2F, + 0xFF, 0xD0, 0x6D, 0x39, 0xE5, 0xF6, 0x1E, 0x36, 0x94, 0x7B, 0x69, 0x8A, + 0x77, 0xCB, 0x62, 0xAB, 0x81, 0xE4, 0xA4, 0x12, 0x2B, 0xF9, 0x05, 0x06, + 0x71, 0xD9, 0x94, 0x6C, 0x86, 0x5E, 0x04, 0x00, 0xD0, 0x61, 0x43, 0x7A, + 0x96, 0x4D, 0xDE, 0x31, 0x88, 0x18, 0xC2, 0xB2, 0x4D, 0xE0, 0x08, 0xE6, + 0x00, 0x96, 0xB6, 0x0D, 0xB8, 0xA6, 0x84, 0xB8, 0x5A, 0x83, 0x8D, 0x11, + 0x9F, 0xC9, 0x30, 0x31, 0x18, 0x89, 0xAD, 0x57, 0xA3, 0xB9, 0x27, 0xF4, + 0x48, 0xF8, 0x4E, 0xB2, 0x53, 0xC6, 0x23, 0xED, 0xA7, 0x3B, 0x42, 0xFF, + 0x78, 0xBC, 0xE6, 0x3A, 0x6A, 0x53, 0x1D, 0x75, 0xA6, 0x4C, 0xE8, 0x54, + 0x05, 0x13, 0x80, 0x8E, 0x9F, 0x5B, 0x10, 0xCE, 0x07, 0x5D, 0x34, 0x17, + 0xB8, 0x01, 0x16, 0x49, 0x18, 0xB1, 0x31, 0xD3, 0x54, 0x4C, 0x87, 0x65, + 0xA8, 0xEC, 0xB9, 0x97, 0x1F, 0x61, 0xA0, 0x9F, 0xC7, 0x3D, 0x50, 0x98, + 0x06, 0x10, 0x6B, 0x59, 0x77, 0xD2, 0x11, 0xCB, 0x0E, 0x1D, 0x04, 0xD0, + 0xED, 0x96, 0xBC, 0xE8, 0x9B, 0xAE, 0x8F, 0x73, 0xD8, 0x00, 0xB0, 0x52, + 0x13, 0x9C, 0xBF, 0x8D, 0xB4, 0x49, 0x4F, 0x70, 0x65, 0x6E, 0x43, 0x44, + 0x4B, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 0x6B, 0x65, 0x79, 0x20, 0x28, + 0x4F, 0x6E, 0x6C, 0x79, 0x20, 0x69, 0x6E, 0x74, 0x65, 0x6E, 0x64, 0x65, + 0x64, 0x20, 0x66, 0x6F, 0x72, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 0x70, + 0x75, 0x72, 0x70, 0x6F, 0x73, 0x65, 0x73, 0x21, 0x29, 0x20, 0x3C, 0x6F, + 0x70, 0x65, 0x6E, 0x63, 0x64, 0x6B, 0x40, 0x66, 0x6F, 0x6F, 0x2D, 0x62, + 0x61, 0x72, 0x2E, 0x6F, 0x72, 0x67, 0x3E, 0x88, 0x62, 0x04, 0x13, 0x11, + 0x02, 0x00, 0x1A, 0x05, 0x02, 0x3C, 0x4A, 0xC5, 0x6C, 0x05, 0x0B, 0x07, + 0x0A, 0x03, 0x04, 0x03, 0x15, 
0x03, 0x02, 0x03, 0x16, 0x02, 0x01, 0x02, + 0x1E, 0x01, 0x02, 0x17, 0x80, 0x00, 0x12, 0x09, 0x10, 0xBD, 0x57, 0x2C, + 0xDC, 0xCC, 0xC0, 0x7C, 0x35, 0x07, 0x65, 0x47, 0x50, 0x47, 0x00, 0x01, + 0x01, 0x81, 0xC1, 0x00, 0x9C, 0x0E, 0x12, 0x8D, 0x8E, 0xD4, 0x44, 0x7C, + 0x6D, 0xCB, 0xCE, 0x61, 0x50, 0xD9, 0xCD, 0x86, 0xE2, 0x0D, 0x84, 0x59, + 0xA5, 0x00, 0x9F, 0x66, 0x81, 0x66, 0x2C, 0x80, 0xC6, 0xAA, 0xCF, 0x1D, + 0x2D, 0x2B, 0xC2, 0x04, 0xF0, 0x82, 0xFE, 0x80, 0xD3, 0xDB, 0xA4, 0xB9, + 0x01, 0x0D, 0x04, 0x3C, 0x4A, 0xC5, 0x6F, 0x10, 0x04, 0x00, 0xE2, 0x01, + 0x56, 0x52, 0x60, 0x69, 0xD0, 0x67, 0xD2, 0x4F, 0x4D, 0x71, 0xE6, 0xD3, + 0x86, 0x58, 0xE0, 0x8B, 0xE3, 0xBF, 0x24, 0x6C, 0x1A, 0xDC, 0xE0, 0x8D, + 0xB6, 0x9C, 0xD8, 0xD4, 0x59, 0xC1, 0xED, 0x33, 0x57, 0x38, 0x41, 0x07, + 0x98, 0x75, 0x5A, 0xFD, 0xB7, 0x9F, 0x17, 0x97, 0xCF, 0x02, 0x2E, 0x70, + 0xC7, 0x96, 0x0F, 0x12, 0xCA, 0x68, 0x96, 0xD2, 0x7C, 0xFD, 0x24, 0xA1, + 0x1C, 0xD3, 0x16, 0xDD, 0xE1, 0xFB, 0xCC, 0x1E, 0xA6, 0x15, 0xC5, 0xC3, + 0x1F, 0xEC, 0x65, 0x6E, 0x46, 0x70, 0x78, 0xC8, 0x75, 0xFC, 0x50, 0x9B, + 0x1E, 0xCB, 0x99, 0xC8, 0xB5, 0x6C, 0x2D, 0x87, 0x5C, 0x50, 0xE2, 0x01, + 0x8B, 0x5B, 0x0F, 0xA3, 0x78, 0x60, 0x6E, 0xB6, 0x42, 0x5A, 0x25, 0x33, + 0x83, 0x0F, 0x55, 0xFD, 0x21, 0xD6, 0x49, 0x01, 0x56, 0x15, 0xD4, 0x9A, + 0x1D, 0x09, 0xE9, 0x51, 0x0F, 0x5F, 0x00, 0x03, 0x05, 0x04, 0x00, 0xD0, + 0xBD, 0xAD, 0xE4, 0x04, 0x32, 0x75, 0x86, 0x75, 0xC8, 0x7D, 0x07, 0x30, + 0xC3, 0x60, 0x98, 0x14, 0x67, 0xBA, 0xE1, 0xBE, 0xB6, 0xCC, 0x10, 0x5A, + 0x3C, 0x1F, 0x36, 0x6B, 0xFD, 0xBE, 0xA1, 0x2E, 0x37, 0x84, 0x56, 0x51, + 0x32, 0x38, 0xB8, 0xAD, 0x41, 0x4E, 0x52, 0xA2, 0xA9, 0x66, 0x1D, 0x1D, + 0xF1, 0xDB, 0x6B, 0xB5, 0xF3, 0x3F, 0x69, 0x06, 0x16, 0x61, 0x07, 0x55, + 0x6C, 0x81, 0x32, 0x24, 0x33, 0x0B, 0x30, 0x93, 0x2D, 0xB7, 0xC8, 0xCC, + 0x82, 0x25, 0x67, 0x2D, 0x7A, 0xE2, 0x4A, 0xF2, 0x46, 0x97, 0x50, 0xE5, + 0x39, 0xB6, 0x61, 0xEA, 0x64, 0x75, 0xD2, 0xE0, 0x3C, 0xD8, 0xD3, 0x83, + 0x8D, 0xC4, 0xA8, 0xAC, 0x4A, 
0xFD, 0x21, 0x35, 0x36, 0xFE, 0x3E, 0x96, + 0xEC, 0x9D, 0x0A, 0xEA, 0x65, 0x16, 0x4B, 0x57, 0x6E, 0x01, 0xB3, 0x7A, + 0x8D, 0xCA, 0x89, 0xF2, 0xB2, 0x57, 0xD0, 0x88, 0x4E, 0x04, 0x18, 0x11, + 0x02, 0x00, 0x06, 0x05, 0x02, 0x3C, 0x4A, 0xC5, 0x6F, 0x00, 0x12, 0x09, + 0x10, 0xBD, 0x57, 0x2C, 0xDC, 0xCC, 0xC0, 0x7C, 0x35, 0x07, 0x65, 0x47, + 0x50, 0x47, 0x00, 0x01, 0x01, 0x75, 0x66, 0x00, 0x9F, 0x60, 0x1E, 0x1F, + 0x99, 0xE0, 0xB0, 0x7C, 0x77, 0xE6, 0x7F, 0x3E, 0xEC, 0xA1, 0xE1, 0x9F, + 0x94, 0x63, 0xD3, 0x73, 0x67, 0x00, 0x9F, 0x6A, 0xC6, 0x9E, 0xB4, 0x11, + 0x9A, 0x6F, 0xFB, 0xF4, 0x49, 0xE7, 0xD1, 0x54, 0xD8, 0x2E, 0x05, 0xD4, + 0x08, 0x61, 0xDB +}; /* The ID of a key known to be in the above keyring. */ static const gnutls_openpgp_keyid_t id_in_keyring = /* "Dr. Who", first key in the keyring */ - { 0x35, 0x14, 0x5c, 0xea, - 0xa7, 0xd9, 0x3c, 0x3f }; +{ 0x35, 0x14, 0x5c, 0xea, + 0xa7, 0xd9, 0x3c, 0x3f +}; static const gnutls_openpgp_keyid_t id2_in_keyring = /* OpenCDK test key, second key in the keyring */ - { 0xbd, 0x57, 0x2c, 0xdc, - 0xcc, 0xc0, 0x7c, 0x35 }; +{ 0xbd, 0x57, 0x2c, 0xdc, + 0xcc, 0xc0, 0x7c, 0x35 +}; static const gnutls_openpgp_keyid_t id_not_in_keyring = { 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00 }; - + 0x00, 0x00, 0x00, 0x00 +}; + static void tls_log_func (int level, const char *str) { @@ -204,14 +208,14 @@ doit (void) ret = gnutls_openpgp_keyring_init (&keyring); if (ret < 0) fail ("keyring-init %d\n", ret); - + data.data = raw_keyring; data.size = sizeof (raw_keyring) / sizeof (raw_keyring[0]); ret = gnutls_openpgp_keyring_import (keyring, &data, GNUTLS_OPENPGP_FMT_RAW); if (ret < 0) fail ("keyring-import %d\n", ret); - + ret = gnutls_openpgp_keyring_check_id (keyring, id_not_in_keyring, 0); if (ret == 0) fail ("keyring-check-id (not-in-keyring) %d\n", ret); 
@@ -219,7 +223,7 @@ doit (void) ret = gnutls_openpgp_keyring_check_id (keyring, id_in_keyring, 0); if (ret != 0) fail ("keyring-check-id first key %d\n", ret); - + ret = gnutls_openpgp_keyring_check_id (keyring, id2_in_keyring, 0); if (ret != 0) fail ("keyring-check-id second key %d\n", ret); diff --git a/tests/openpgpself.c b/tests/openpgpself.c index 1c9aceea2b..246bdbeb7e 100644 --- a/tests/openpgpself.c +++ b/tests/openpgpself.c @@ -113,8 +113,7 @@ const char cert_txt[] = "Tm8gY29tbWVudHMpIDx3aG9Ad2hvaXMub3JnPohdBBMRAgAdBQI8Z5WNBQkDwmcA\n" "BQsHCgMEAxUDAgMWAgECF4AACgkQNRRc6qfZPD+WWACfeJnLyfbpTDB7mDh3aATb\n" "+0PXz28AoKRdApBVM6Bty+vWyXH6HfF6ZTj+\n" - "=m8dH\n" - "-----END PGP PUBLIC KEY BLOCK-----\n"; + "=m8dH\n" "-----END PGP PUBLIC KEY BLOCK-----\n"; const gnutls_datum_t cert = { cert_txt, sizeof (cert_txt) }; const char key_txt[] = @@ -137,8 +136,7 @@ const char key_txt[] = "KE5vIGNvbW1lbnRzKSA8d2hvQHdob2lzLm9yZz6IXQQTEQIAHQUCPGeVjQUJA8Jn\n" "AAULBwoDBAMVAwIDFgIBAheAAAoJEDUUXOqn2Tw/llgAnjBPQdWxIqBCQGlcI2K/\n" "gLkZR1ARAJ9kaAeJYERc0bV/vlm0ot7UDdr+bQ==\n" - "=4M0W\n" - "-----END PGP PRIVATE KEY BLOCK-----\n"; + "=4M0W\n" "-----END PGP PRIVATE KEY BLOCK-----\n"; const gnutls_datum_t key = { key_txt, sizeof (key_txt) }; void @@ -204,7 +202,7 @@ client (void) gnutls_protocol_get_name (gnutls_protocol_get_version (session))); /* see the Getting peer's information example */ - print_info(session); + print_info (session); gnutls_record_send (session, MSG, strlen (MSG)); @@ -325,8 +323,7 @@ const char server_crt_txt[] = "fZJo+m0Xf8zI57NeQF+hXJhW7lIrWgQVr8IVp/lgo76acLHfL/t1n0Nhg4r2srz2\n" "fpP2w5laQ0qImYLnZhGFHU+rJUyFaHfhD8/svN2LuZkO570pjV/K68EaHnEfk5b8\n" "jWu/euohwcCwf20M1kTo3Bg=\n" - "=Xjon\n" - "-----END PGP PUBLIC KEY BLOCK-----\n"; + "=Xjon\n" "-----END PGP PUBLIC KEY BLOCK-----\n"; const gnutls_datum_t server_crt = { server_crt_txt, sizeof (server_crt_txt) }; const char server_key_txt[] = 
@@ -372,8 +369,7 @@ const char server_key_txt[] = "uXDDNkpoJwhEJBw5uQuwxWh9kmj6bRd/zMjns15AX6FcmFbuUitaBBWvwhWn+WCj\n" "vppwsd8v+3WfQ2GDivayvPZ+k/bDmVpDSoiZgudmEYUdT6slTIVod+EPz+y83Yu5\n" "mQ7nvSmNX8rrwRoecR+TlvyNa7966iHBwLB/bQzWROjcGA==\n" - "=mZnW\n" - "-----END PGP PRIVATE KEY BLOCK-----\n"; + "=mZnW\n" "-----END PGP PRIVATE KEY BLOCK-----\n"; const gnutls_datum_t server_key = { server_key_txt, sizeof (server_key_txt) }; void @@ -467,7 +463,7 @@ server (void) gnutls_protocol_get_name (gnutls_protocol_get_version (session))); /* see the Getting peer's information example */ - print_info(session); + print_info (session); i = 0; for (;;) diff --git a/tests/oprfi.c b/tests/oprfi.c index 75a1218d12..883530a777 100644 --- a/tests/oprfi.c +++ b/tests/oprfi.c @@ -195,12 +195,11 @@ int oprfi_callback (gnutls_session_t session, void *userdata, size_t oprfi_len, - const unsigned char *in_oprfi, - unsigned char *out_oprfi) + const unsigned char *in_oprfi, unsigned char *out_oprfi) { size_t i; - puts("cb"); + puts ("cb"); for (i = 0; i < oprfi_len; i++) printf ("OPRF[%d]: %02x %03d %c\n", i, in_oprfi[i], diff --git a/tests/parse_ca.c b/tests/parse_ca.c index 7523e08ca5..0a3d370a78 100644 --- a/tests/parse_ca.c +++ b/tests/parse_ca.c @@ -53,8 +53,7 @@ const static char castr[] = "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\r\n" "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\r\n" "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\r\n" - "PfqUpIhz5Bbm7J4=\r\n" - "-----END CERTIFICATE-----\r\n"; + "PfqUpIhz5Bbm7J4=\r\n" "-----END CERTIFICATE-----\r\n"; void doit (void) @@ -63,7 +62,7 @@ doit (void) gnutls_certificate_credentials_t cred; gnutls_datum_t ca = { castr, sizeof (castr) }; - gnutls_global_init(); + gnutls_global_init (); rc = gnutls_certificate_allocate_credentials (&cred); if (rc) 
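Review bot: In the tests/oprfi.c hunk, `oprfi_callback` declares `size_t i;` and then passes `i` to the `%d` conversion in `printf ("OPRF[%d]: %02x %03d %c\n", i, in_oprfi[i],`. That is a format/argument type mismatch, which is undefined behaviour and on LP64 targets can shift the arguments that follow. A portable form is `printf ("OPRF[%lu]: %02x %03d %c\n", (unsigned long) i, in_oprfi[i],`, or `%zu` where C99 formats are available. The printf call continues past the end of the hunk, so the remaining arguments are not visible here.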
@@ -75,7 +74,7 @@ doit (void) gnutls_certificate_free_credentials (cred); - gnutls_global_deinit(); + gnutls_global_deinit (); success ("import ok\n"); } diff --git a/tests/pkcs12-decode/pkcs12_s2k.c b/tests/pkcs12-decode/pkcs12_s2k.c index 6ff1887da2..31729e261c 100644 --- a/tests/pkcs12-decode/pkcs12_s2k.c +++ b/tests/pkcs12-decode/pkcs12_s2k.c @@ -41,15 +41,23 @@ char *salt[3] = { "salt1", "ltsa22", "balt33" }; char *pw[3] = { "secret1", "verysecret2", "veryverysecret3" }; char *values[] = { -/* 1.0 */ "85a3c676a66f0960f4807144a28c8d61a0001b81846f301a1ac164289879972f", -/* 1.2 */ "e659da7d5989733a3d268e0bf7752c35c116e5c75919449a98f6812f82a15b16", -/* 1.2 */"878b8a88bf6166ce803b7498822205b1ac82870d3aec20807148779375a61f1e", -/* 2.0 */"1c845be764371d633c7fd1056967a9940385e110e85b58f826d39ae8561a0019", -/* 2.1 */"de8dd3ffd59b65d3d5f59a1f71d7add582741f7752a786c045953e727e4465c0", -/* 2.2 */"9dd7f19e5e6aee5c5008b5deefd35889ab7519356f13478ecdee593c5ed689b1", -/* 3.0 */"1c165e5a291a1539f3dbcf82a3e6ed566eb9d50ad4b0b3b57b599b08f0531236", -/* 3.1 */"5c9abee3cde31656eedfc131b7c2f8061032a3c705961ee2306a826c8b4b1a76", -/* 3.2 */"a9c94e0acdaeaea54d1b1b681c3b64916396a352dea7ffe635fb2c11d8502e98" +/* 1.0 */ + "85a3c676a66f0960f4807144a28c8d61a0001b81846f301a1ac164289879972f", +/* 1.2 */ + "e659da7d5989733a3d268e0bf7752c35c116e5c75919449a98f6812f82a15b16", +/* 1.2 */ + "878b8a88bf6166ce803b7498822205b1ac82870d3aec20807148779375a61f1e", +/* 2.0 */ + "1c845be764371d633c7fd1056967a9940385e110e85b58f826d39ae8561a0019", +/* 2.1 */ + "de8dd3ffd59b65d3d5f59a1f71d7add582741f7752a786c045953e727e4465c0", +/* 2.2 */ + "9dd7f19e5e6aee5c5008b5deefd35889ab7519356f13478ecdee593c5ed689b1", +/* 3.0 */ + "1c165e5a291a1539f3dbcf82a3e6ed566eb9d50ad4b0b3b57b599b08f0531236", +/* 3.1 */ + "5c9abee3cde31656eedfc131b7c2f8061032a3c705961ee2306a826c8b4b1a76", +/* 3.2 */ "a9c94e0acdaeaea54d1b1b681c3b64916396a352dea7ffe635fb2c11d8502e98" }; void 
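Review bot: In the tests/pkcs12-decode/pkcs12_s2k.c hunk, the second entry of `values` is labelled `/* 1.2 */`, the same label as the third entry. The loop in `doit` prints each result as `ij: %d.%d` with `i` starting at 1 and `j` at 0, so the second vector corresponds to i=1, j=1 and its comment should read `/* 1.1 */`. After the re-indent the last label (`/* 3.2 */`) still sits on the same line as its string while the other eight moved to a line of their own; putting it on its own line keeps the table uniform.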
@@ -58,27 +66,35 @@ doit (void) int rc, i, j, x; char key[32]; char tmp[1024]; - - gnutls_global_init(); + + gnutls_global_init (); gnutls_global_set_log_function (tls_log_func); gnutls_global_set_log_level (99); - + x = 0; - for (i=1;i<4;i++) { - for (j=0;j<3;j++) { - rc = _gnutls_pkcs12_string_to_key(i, salt[j], strlen(salt[j]), j+i+15, pw[j], sizeof(key), key); - if (rc < 0) - fail ("_gnutls_pkcs12_string_to_key failed[0]\n"); - - if (strcmp( _gnutls_bin2hex( key, sizeof(key), tmp, sizeof(tmp)), values[x]) != 0) - fail ("_gnutls_pkcs12_string_to_key failed[1]\n"); + for (i = 1; i < 4; i++) + { + for (j = 0; j < 3; j++) + { + rc = + _gnutls_pkcs12_string_to_key (i, salt[j], strlen (salt[j]), + j + i + 15, pw[j], sizeof (key), + key); + if (rc < 0) + fail ("_gnutls_pkcs12_string_to_key failed[0]\n"); + + if (strcmp + (_gnutls_bin2hex (key, sizeof (key), tmp, sizeof (tmp)), + values[x]) != 0) + fail ("_gnutls_pkcs12_string_to_key failed[1]\n"); - printf("ij: %d.%d: %s\n", i, j, _gnutls_bin2hex( key, sizeof(key), tmp, sizeof(tmp))); - x++; + printf ("ij: %d.%d: %s\n", i, j, + _gnutls_bin2hex (key, sizeof (key), tmp, sizeof (tmp))); + x++; + } } - } - printf("\n"); + printf ("\n"); success ("_gnutls_pkcs12_string_to_key ok\n"); } diff --git a/tests/x509dn.c b/tests/x509dn.c index 2d57793418..91e1949bfe 100644 --- a/tests/x509dn.c +++ b/tests/x509dn.c @@ -107,8 +107,7 @@ const char ca_pem[] = "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\n" "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\n" "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\n" - "PfqUpIhz5Bbm7J4=\n" - "-----END CERTIFICATE-----\n"; + "PfqUpIhz5Bbm7J4=\n" "-----END CERTIFICATE-----\n"; const gnutls_datum_t ca = { ca_pem, sizeof (ca_pem) }; const char cert_pem[] = 
@@ -124,8 +123,7 @@ const char cert_pem[] = "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" - "-----END CERTIFICATE-----\n"; + "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; const gnutls_datum_t cert = { cert_pem, sizeof (cert_pem) }; const char key_pem[] = @@ -150,9 +148,9 @@ const gnutls_datum_t key = { key_pem, sizeof (key_pem) }; static int cert_callback (gnutls_session session, - const gnutls_datum *req_ca_rdn, int nreqs, - const gnutls_pk_algorithm *sign_algos, - int sign_algos_length, gnutls_retr_st *st) + const gnutls_datum * req_ca_rdn, int nreqs, + const gnutls_pk_algorithm * sign_algos, + int sign_algos_length, gnutls_retr_st * st) { int result; gnutls_x509_dn_t dn; @@ -165,7 +163,7 @@ cert_callback (gnutls_session session, success ("client: invoked to provide client cert.\n"); - result = gnutls_x509_dn_init( &dn); + result = gnutls_x509_dn_init (&dn); if (result < 0) { fail ("client: could not initialize DN.\n"); 
@@ -176,38 +174,38 @@ cert_callback (gnutls_session session, if (result == 0) { gnutls_x509_ava_st val; - + success ("client: imported DN.\n"); - + if (gnutls_x509_dn_get_rdn_ava (dn, 0, 0, &val) == 0) - { - success ("client: got RDN 0.\n"); - - if (val.value.size == strlen(EXPECT_RDN0) - && strncmp(val.value.data, EXPECT_RDN0, val.value.size) == 0) - { - success ("client: RND 0 correct.\n"); - } - else - { - fail ("client: RND 0 bad: %.*s\n", - val.value.size, val.value.data); - return -1; - } - } + { + success ("client: got RDN 0.\n"); + + if (val.value.size == strlen (EXPECT_RDN0) + && strncmp (val.value.data, EXPECT_RDN0, val.value.size) == 0) + { + success ("client: RND 0 correct.\n"); + } + else + { + fail ("client: RND 0 bad: %.*s\n", + val.value.size, val.value.data); + return -1; + } + } else - { - fail ("client: could not retrieve RDN 0.\n"); - return -1; - } - + { + fail ("client: could not retrieve RDN 0.\n"); + return -1; + } + gnutls_x509_dn_deinit (dn); } else { fail ("client: failed to parse RDN: %s\n", gnutls_strerror (result)); } - + return 0; } @@ -270,7 +268,7 @@ client (void) gnutls_protocol_get_name (gnutls_protocol_get_version (session))); /* see the Getting peer's information example */ - print_info(session); + print_info (session); gnutls_record_send (session, MSG, strlen (MSG)); @@ -380,11 +378,11 @@ const char server_cert_pem[] = "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" - "-----END CERTIFICATE-----\n"; + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; const gnutls_datum_t server_cert = { server_cert_pem, - sizeof (server_cert_pem) }; + sizeof (server_cert_pem) +}; const char server_key_pem[] = "-----BEGIN RSA PRIVATE KEY-----\n" 
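Review bot: In the first hunk here (`cert_callback`, tests/x509dn.c), `dn` is released only on the success path. Both `return -1;` exits under the `gnutls_x509_dn_get_rdn_ava` check, and the final `else` that reports "failed to parse RDN", leave without calling `gnutls_x509_dn_deinit (dn)`. Assuming `fail()` returns, as the `return -1;` after it suggests, adding `gnutls_x509_dn_deinit (dn);` before each early return and in the parse-failure branch would free it on every path. The `%.*s` precision in the "RND 0 bad" message expects an `int`, so the argument would be safer as `(int) val.value.size`. The function starts outside this hunk, so the call that fills `dn` is not visible here.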
@@ -404,7 +402,8 @@ const char server_key_pem[] = "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t server_key = { server_key_pem, - sizeof (server_key_pem) }; + sizeof (server_key_pem) +}; void server_start (void) @@ -493,7 +492,7 @@ server (void) gnutls_protocol_get_name (gnutls_protocol_get_version (session))); /* see the Getting peer's information example */ - print_info(session); + print_info (session); i = 0; for (;;) @@ -558,18 +557,20 @@ doit (void) /* parent */ server (); wait (&status); - + #if defined(WIFEXITED) && defined(WEXITSTATUS) if (WIFEXITED (status) && WEXITSTATUS (status)) - { - fail ("server: client failed with exit status %d\n", WEXITSTATUS (status)); - } + { + fail ("server: client failed with exit status %d\n", + WEXITSTATUS (status)); + } #endif #if defined(WIFSIGNALED) && defined(WTERMSIG) if (WIFSIGNALED (status)) - { - fail ("server: client failed with fatal signal %d\n", WTERMSIG (status)); - } + { + fail ("server: client failed with fatal signal %d\n", + WTERMSIG (status)); + } #endif } diff --git a/tests/x509self.c b/tests/x509self.c index a29809b9b7..f3c97d6aa4 100644 --- a/tests/x509self.c +++ b/tests/x509self.c @@ -107,8 +107,7 @@ const char ca_pem[] = "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\n" "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\n" "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\n" - "PfqUpIhz5Bbm7J4=\n" - "-----END CERTIFICATE-----\n"; + "PfqUpIhz5Bbm7J4=\n" "-----END CERTIFICATE-----\n"; const gnutls_datum_t ca = { ca_pem, sizeof (ca_pem) }; const char cert_pem[] = 
@@ -124,8 +123,7 @@ const char cert_pem[] = "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" - "-----END CERTIFICATE-----\n"; + "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; const gnutls_datum_t cert = { cert_pem, sizeof (cert_pem) }; const char key_pem[] = @@ -204,7 +202,7 @@ client (void) gnutls_protocol_get_name (gnutls_protocol_get_version (session))); /* see the Getting peer's information example */ - print_info(session); + print_info (session); gnutls_record_send (session, MSG, strlen (MSG)); @@ -314,11 +312,11 @@ const char server_cert_pem[] = "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" - "-----END CERTIFICATE-----\n"; + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; const gnutls_datum_t server_cert = { server_cert_pem, - sizeof (server_cert_pem) }; + sizeof (server_cert_pem) +}; const char server_key_pem[] = "-----BEGIN RSA PRIVATE KEY-----\n" @@ -338,7 +336,8 @@ const char server_key_pem[] = "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t server_key = { server_key_pem, - sizeof (server_key_pem) }; + sizeof (server_key_pem) +}; void server_start (void) @@ -427,7 +426,7 @@ server (void) gnutls_protocol_get_name (gnutls_protocol_get_version (session))); /* see the Getting peer's information example */ - print_info(session); + print_info (session); i = 0; for (;;) diff --git a/tests/x509signself.c b/tests/x509signself.c index 0d17ed1aea..10088e2240 100644 --- a/tests/x509signself.c +++ b/tests/x509signself.c 
@@ -109,8 +109,7 @@ static char ca_pem[] = "Viyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAiaIRqGfp1jPpNeVhABK60SU0KIAy\n" "njuu7kHq5peUgYn8Jd9zNzExBOEp1VOipGsf6G66oQAhDFp2o8zkz7ZH71zR4HEW\n" "KoX6n5Emn6DvcEH/9pAhnGxNHJAoS7czTKv/JDZJhkqHxyrE1fuLsg5Qv25DTw7+\n" - "PfqUpIhz5Bbm7J4=\n" - "-----END CERTIFICATE-----\n"; + "PfqUpIhz5Bbm7J4=\n" "-----END CERTIFICATE-----\n"; const gnutls_datum_t ca = { ca_pem, sizeof (ca_pem) }; static char cert_pem[] = @@ -126,8 +125,7 @@ static char cert_pem[] = "+62SbuYGpFYsouHAUyfI8pUwCwYJKoZIhvcNAQEFA4GBALujmBJVZnvaTXr9cFRJ\n" "jpfc/3X7sLUsMvumcDE01ls/cG5mIatmiyEU9qI3jbgUf82z23ON/acwJf875D3/\n" "U7jyOsBJ44SEQITbin2yUeJMIm1tievvdNXBDfW95AM507ShzP12sfiJkJfjjdhy\n" - "dc8Siq5JojruiMizAf0pA7in\n" - "-----END CERTIFICATE-----\n"; + "dc8Siq5JojruiMizAf0pA7in\n" "-----END CERTIFICATE-----\n"; const gnutls_datum_t cert = { cert_pem, sizeof (cert_pem) }; int @@ -135,8 +133,7 @@ sign_func (gnutls_session_t session, void *userdata, gnutls_certificate_type_t cert_type, const gnutls_datum_t * cert, - const gnutls_datum_t * hash, - gnutls_datum_t * signature) + const gnutls_datum_t * hash, gnutls_datum_t * signature) { gnutls_x509_privkey_t key; char key_pem[] = @@ -172,7 +169,7 @@ sign_func (gnutls_session_t session, ret = 0; - done: +done: gnutls_x509_privkey_deinit (key); return ret; } @@ -238,7 +235,7 @@ client (void) gnutls_protocol_get_name (gnutls_protocol_get_version (session))); /* see the Getting peer's information example */ - print_info(session); + print_info (session); gnutls_record_send (session, MSG, strlen (MSG)); 
@@ -347,11 +344,11 @@ static char server_cert_pem[] = "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" - "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" - "-----END CERTIFICATE-----\n"; + "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; const gnutls_datum_t server_cert = { server_cert_pem, - sizeof (server_cert_pem) }; + sizeof (server_cert_pem) +}; static char server_key_pem[] = "-----BEGIN RSA PRIVATE KEY-----\n" @@ -371,7 +368,8 @@ static char server_key_pem[] = "-----END RSA PRIVATE KEY-----\n"; const gnutls_datum_t server_key = { server_key_pem, - sizeof (server_key_pem) }; + sizeof (server_key_pem) +}; void server_start (void) @@ -460,7 +458,7 @@ server (void) gnutls_protocol_get_name (gnutls_protocol_get_version (session))); /* see the Getting peer's information example */ - print_info(session); + print_info (session); i = 0; for (;;) |