authorNikos Mavrogiannopoulos <nmav@gnutls.org>2003-10-31 12:45:07 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2003-10-31 12:45:07 +0000
commitcba31e5ec40da3076f9e103e62ab97f0d2e1d1e3 (patch)
tree2399c16dc912376a9152acc63c8382f23ac10ceb
parentdad64bd4be80aa216aa0d8f4946408a7e183be1f (diff)
downloadgnutls-cba31e5ec40da3076f9e103e62ab97f0d2e1d1e3.tar.gz
more openpgp related changes.
-rw-r--r--includes/gnutls/pkcs12.h2
-rw-r--r--libextra/gnutls_openpgp.c98
-rw-r--r--src/certtool.c13
-rw-r--r--src/common.c4
4 files changed, 85 insertions, 32 deletions
diff --git a/includes/gnutls/pkcs12.h b/includes/gnutls/pkcs12.h
index 49617c81be..fbf2b9f98b 100644
--- a/includes/gnutls/pkcs12.h
+++ b/includes/gnutls/pkcs12.h
@@ -68,6 +68,8 @@ gnutls_pkcs12_bag_type gnutls_pkcs12_bag_get_type(gnutls_pkcs12_bag bag, int ind
int gnutls_pkcs12_bag_get_data(gnutls_pkcs12_bag bag, int indx, gnutls_const_datum* data);
int gnutls_pkcs12_bag_set_data(gnutls_pkcs12_bag bag, gnutls_pkcs12_bag_type type,
const gnutls_datum* data);
+int gnutls_pkcs12_bag_set_crl(gnutls_pkcs12_bag bag, gnutls_x509_crl crl);
+int gnutls_pkcs12_bag_set_crt(gnutls_pkcs12_bag bag, gnutls_x509_crt crt);
int gnutls_pkcs12_bag_init(gnutls_pkcs12_bag * bag);
void gnutls_pkcs12_bag_deinit(gnutls_pkcs12_bag bag);
diff --git a/libextra/gnutls_openpgp.c b/libextra/gnutls_openpgp.c
index dc10891bfd..016200ef7c 100644
--- a/libextra/gnutls_openpgp.c
+++ b/libextra/gnutls_openpgp.c
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2002 Timo Schulz <twoaday@freakmail.de>
+ * Copyright (C) 2002,2003 Timo Schulz <twoaday@freakmail.de>
*
* This file is part of GNUTLS.
*
@@ -482,6 +482,33 @@ leave:
return rc;
}
+static int
+stream_to_datum( cdk_stream_t inp, gnutls_datum *raw )
+{
+ uint8 buf[4096];
+ int rc = 0, nread, nbytes = 0;
+
+ if( !buf || !raw ) {
+ gnutls_assert( );
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ cdk_stream_seek( inp, 0 );
+ while( !cdk_stream_eof( inp ) ) {
+ nread = cdk_stream_read( inp, buf, sizeof buf-1 );
+ if( nread == EOF )
+ break;
+ datum_append( raw, buf, nread );
+ nbytes += nread;
+ }
+ cdk_stream_seek( inp, 0 );
+ if( !nbytes )
+ rc = GNUTLS_E_INTERNAL_ERROR;
+
+ return rc;
+}
+
+
/**
* gnutls_certificate_set_openpgp_key_mem - Used to set OpenPGP keys
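Review bot: The guard `if( !buf || !raw )` in stream_to_datum can never fire on `buf`, which is a local array, and it leaves `inp` unchecked before `cdk_stream_seek( inp, 0 )`; `if( !inp || !raw )` looks like what was intended. The loop also discards the result of `datum_append( raw, buf, nread )` and stops only on `nread == EOF`, so an allocation failure (assuming datum_append reports one through its return value) or any other non-positive read result would be counted into `nbytes` and the function could still return 0. I would stop on `if( nread <= 0 ) break;` and return GNUTLS_E_MEMORY_ERROR when the append fails. A short header comment stating that the function appends to whatever `raw` already holds and rewinds the stream before and after reading would also help callers, since one of them zeroes the datum first and the other does not visibly do so.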
@@ -503,17 +530,21 @@ gnutls_certificate_set_openpgp_key_mem( gnutls_certificate_credentials res,
CDK_PACKET *pkt;
int i = 0;
int rc = 0;
+ cdk_stream_t inp = NULL;
if ( !res || !key || !cert ) {
gnutls_assert( );
return GNUTLS_E_INVALID_REQUEST;
}
- rc = cdk_kbnode_read_from_mem( &knode, cert->data, cert->size );
- if( (rc = _gnutls_map_cdk_rc( rc )) ) {
- gnutls_assert();
- goto leave;
+ inp = cdk_stream_tmp_from_mem( cert->data, cert->size);
+ if (inp == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
}
+
+ if( cdk_armor_filter_use( inp ) )
+ cdk_stream_set_armor_flag( inp, 0 );
res->cert_list = gnutls_realloc_fast(res->cert_list,
(1+res->ncerts)*sizeof(gnutls_cert*));
@@ -536,25 +567,41 @@ gnutls_certificate_set_openpgp_key_mem( gnutls_certificate_credentials res,
}
i = 1;
- while( (p = cdk_kbnode_walk( knode, &ctx, 0 )) ) {
- pkt = cdk_kbnode_get_packet( p );
+ rc = cdk_keydb_get_keyblock( inp, &knode );
+#warning FIX THIS
+
+ while( knode && (p = cdk_kbnode_walk( knode, &ctx, 0 )) ) {
+ pkt = cdk_kbnode_get_packet( p );
if( i > MAX_PUBLIC_PARAMS_SIZE ) {
gnutls_assert();
break;
}
- if( pkt->pkttype == CDK_PKT_PUBLIC_KEY ) {
+ if( pkt->pkttype == CDK_PKT_PUBLIC_KEY ) {
int n = res->ncerts;
+
cdk_pkt_pubkey_t pk = pkt->pkt.public_key;
res->cert_list_length[n] = 1;
- if (_gnutls_set_datum( &res->cert_list[n][0].raw,
- cert->data, cert->size ) < 0) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+
+ if (stream_to_datum( inp, &res->cert_list[n][0].raw )) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
}
openpgp_pk_to_gnutls_cert( &res->cert_list[n][0], pk );
i++;
}
}
+
+ if( rc == CDK_EOF && i > 1)
+ rc = 0;
+
+ cdk_stream_close( inp );
+
+ if (rc) {
+ cdk_kbnode_release( knode );
+ gnutls_assert();
+ rc = _gnutls_map_cdk_rc( rc );
+ goto leave;
+ }
res->ncerts++;
res->pkey = gnutls_realloc_fast(res->pkey,
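Review bot: The `return GNUTLS_E_MEMORY_ERROR;` inside the walk loop exits with `inp` still open and `knode` unreleased, because `cdk_stream_close( inp )` and `cdk_kbnode_release( knode )` are only reached after the loop; the same pattern recurs in the `@@ -563,12 +610,26 @@` hunk, where a failed `stream_to_datum( inp, &raw )` returns before `cdk_stream_close( inp )`. Adding `cdk_stream_close( inp ); cdk_kbnode_release( knode );` before the first return, and `cdk_stream_close( inp );` before the second, keeps repeated loads of malformed key data from accumulating open streams and memory. Separately, the result of `cdk_keydb_get_keyblock( inp, &knode )` is examined only after the loop, under a `#warning FIX THIS`, so packets are walked and `res->cert_list[n]` is filled even when parsing reported an error. Because `n` does not change inside the loop, a keyblock with more than one CDK_PKT_PUBLIC_KEY packet would have the whole stream appended to the same `raw` datum again. The function begins and ends outside this hunk, so whether the success path releases `knode` cannot be confirmed from here.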
@@ -563,12 +610,26 @@ gnutls_certificate_set_openpgp_key_mem( gnutls_certificate_credentials res,
gnutls_assert();
return GNUTLS_E_MEMORY_ERROR;
}
+
/* ncerts has been incremented before */
- rc = _gnutls_set_datum( &raw, key->data, key->size );
- if (rc < 0) {
+
+ inp = cdk_stream_tmp_from_mem( key->data, key->size);
+ if (inp == NULL) {
gnutls_assert();
- return rc;
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+
+ if( cdk_armor_filter_use( inp ) )
+ cdk_stream_set_armor_flag( inp, 0 );
+
+ memset( &raw, 0, sizeof raw );
+
+ if (stream_to_datum( inp, &raw )) {
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
}
+ cdk_stream_close( inp );
+
rc = _gnutls_openpgp_key2gnutls_key( &res->pkey[res->ncerts-1], &raw );
if (rc) {
gnutls_assert();
@@ -599,11 +660,6 @@ gnutls_certificate_set_openpgp_key_file( gnutls_certificate_credentials res,
char* keyfile )
{
struct stat statbuf;
- cdk_stream_t inp = NULL;
- cdk_kbnode_t knode = NULL, ctx = NULL, p;
- CDK_PACKET *pkt = NULL;
- gnutls_datum raw;
- int i = 0, n;
int rc = 0;
gnutls_datum key, cert;
strfile xcert, xkey;
@@ -647,6 +703,8 @@ gnutls_certificate_set_openpgp_key_file( gnutls_certificate_credentials res,
gnutls_assert();
return rc;
}
+
+ return 0;
}
diff --git a/src/certtool.c b/src/certtool.c
index 68ccaba557..1834960285 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -1437,21 +1437,12 @@ void generate_pkcs12( void)
key_id.data = _key_id;
key_id.size = size;
- size = sizeof(buffer);
- result = gnutls_x509_crt_export( crt, GNUTLS_X509_FMT_DER, buffer, &size);
+ result = gnutls_pkcs12_bag_set_crt( bag, crt);
if (result < 0) {
- fprintf(stderr, "crt_export: %s\n", gnutls_strerror(result));
+ fprintf(stderr, "set_crt: %s\n", gnutls_strerror(result));
exit(1);
}
- data.data = buffer;
- data.size = size;
- result = gnutls_pkcs12_bag_set_data( bag, GNUTLS_BAG_CERTIFICATE, &data);
- if (result < 0) {
- fprintf(stderr, "bag_set_data: %s\n", gnutls_strerror(result));
- exit(1);
- }
-
index = result;
result = gnutls_pkcs12_bag_set_friendly_name( bag, index, name);
diff --git a/src/common.c b/src/common.c
index 5ef9832169..fee0bc1618 100644
--- a/src/common.c
+++ b/src/common.c
@@ -1,3 +1,4 @@
+#include <config.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -227,7 +228,7 @@ void print_openpgp_info(gnutls_session session, const char* hostname)
fprintf(stderr, "Decoding error: %s\n", str);
return;
}
-
+#if 0
if (print_cert) {
size_t size;
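Review bot: The `#if 0` added here (closed by the `#endif` in the following hunk) silently turns the `print_cert` option into a no-op for OpenPGP keys, with nothing in the code or the commit message saying why or when it should be restored. A marker comment on the directive, for example `#if 0 /* FIXME: OpenPGP certificate printing disabled, <reason to be filled in by author> */`, or removing the dead block outright, would make the intent clear to the next reader. The body of print_openpgp_info starts and ends outside the hunk.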
@@ -242,6 +243,7 @@ void print_openpgp_info(gnutls_session session, const char* hostname)
fputs( buffer, stdout);
fputs( "\n", stdout);
}
+#endif
if (hostname != NULL) { /* Check the hostname of the first certificate
* if it matches the name of the host we