diff options
author | Dan Winship <danw@redhat.com> | 2014-12-01 14:13:06 -0500 |
---|---|---|
committer | Dan Winship <danw@redhat.com> | 2014-12-04 08:39:54 -0500 |
commit | bddc0de51e519e7b4622beb1db8d0a3af2da166e (patch) | |
tree | a05a7bd07577ecda78f8c7f4608a37bf5d7af12f /libnm-core/crypto_gnutls.c | |
parent | 48ff21b5bc42daa8b6f72db8d82fd9b21fde842e (diff) | |
download | NetworkManager-bddc0de51e519e7b4622beb1db8d0a3af2da166e.tar.gz |
libnm-core: call crypto_init() on the fly
Rather than requiring crypto_init() to have been called beforehand,
just have every method that depends on it call it itself.
This required adding a GError argument to crypto_is_pkcs12_data(),
which in turn required a few other changes elsewhere.
Diffstat (limited to 'libnm-core/crypto_gnutls.c')
-rw-r--r-- | libnm-core/crypto_gnutls.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/libnm-core/crypto_gnutls.c b/libnm-core/crypto_gnutls.c index 03923f6307..96dddb9029 100644 --- a/libnm-core/crypto_gnutls.c +++ b/libnm-core/crypto_gnutls.c @@ -75,6 +75,9 @@ crypto_decrypt (const char *cipher, gboolean success = FALSE; gsize pad_len, real_iv_len; + if (!crypto_init (error)) + return NULL; + if (!strcmp (cipher, CIPHER_DES_EDE3_CBC)) { cipher_mech = GCRY_CIPHER_3DES; real_iv_len = SALT_LEN; @@ -196,6 +199,9 @@ crypto_encrypt (const char *cipher, guint32 i; gsize salt_len; + if (!crypto_init (error)) + return NULL; + if (!strcmp (cipher, CIPHER_DES_EDE3_CBC)) { cipher_mech = GCRY_CIPHER_3DES; salt_len = SALT_LEN; @@ -291,6 +297,9 @@ crypto_verify_cert (const unsigned char *data, gnutls_datum_t dt; int err; + if (!crypto_init (error)) + return NM_CRYPTO_FILE_FORMAT_UNKNOWN; + err = gnutls_x509_crt_init (&der); if (err < 0) { g_set_error (error, NM_CRYPTO_ERROR, @@ -335,6 +344,9 @@ crypto_verify_pkcs12 (const guint8 *data, g_return_val_if_fail (data != NULL, FALSE); + if (!crypto_init (error)) + return FALSE; + dt.data = (unsigned char *) data; dt.size = data_len; @@ -389,6 +401,9 @@ crypto_verify_pkcs8 (const guint8 *data, g_return_val_if_fail (data != NULL, FALSE); + if (!crypto_init (error)) + return FALSE; + dt.data = (unsigned char *) data; dt.size = data_len; @@ -431,6 +446,9 @@ crypto_verify_pkcs8 (const guint8 *data, gboolean crypto_randomize (void *buffer, gsize buffer_len, GError **error) { + if (!crypto_init (error)) + return FALSE; + gcry_randomize (buffer, buffer_len, GCRY_STRONG_RANDOM); return TRUE; } |