summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@gnutls.org>2011-07-23 16:23:43 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2011-07-23 16:23:43 +0200
commit0aaf521bf4cbede8b2604fbc45c9bdc01084b8ea (patch)
tree9351f25afe4b675eecf4b8d3b08d83f3d18b9958
parent6c0ce6ba706c2582428da000f4bf861303b3407a (diff)
downloadgnutls-0aaf521bf4cbede8b2604fbc45c9bdc01084b8ea.tar.gz
Crippled status of gnutls_x509_privkey_t was removed to avoid thread safety issues.
Diffstat
-rw-r--r--lib/gnutls_rsa_export.c2
-rw-r--r--lib/x509/privkey.c87
-rw-r--r--lib/x509/privkey_pkcs8.c11
-rw-r--r--lib/x509/x509_int.h6
4 files changed, 26 insertions, 80 deletions
diff --git a/lib/gnutls_rsa_export.c b/lib/gnutls_rsa_export.c
index e867927c56..a0bf568b05 100644
--- a/lib/gnutls_rsa_export.c
+++ b/lib/gnutls_rsa_export.c
@@ -96,8 +96,6 @@ gnutls_rsa_params_init (gnutls_rsa_params_t * rsa_params)
return ret;
}
- (*rsa_params)->crippled = 1;
-
return 0;
}
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index 66f3290489..f48b17b68c 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -113,12 +113,9 @@ gnutls_x509_privkey_cpy (gnutls_x509_privkey_t dst, gnutls_x509_privkey_t src)
dst->params_size = src->params_size;
dst->pk_algorithm = src->pk_algorithm;
- dst->crippled = src->crippled;
- if (!src->crippled)
+ switch (dst->pk_algorithm)
{
- switch (dst->pk_algorithm)
- {
case GNUTLS_PK_DSA:
ret = _gnutls_asn1_encode_dsa (&dst->key, dst->params);
if (ret < 0)
@@ -138,7 +135,6 @@ gnutls_x509_privkey_cpy (gnutls_x509_privkey_t dst, gnutls_x509_privkey_t src)
default:
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
- }
}
return 0;
@@ -638,15 +634,12 @@ gnutls_x509_privkey_import_rsa_raw2 (gnutls_x509_privkey_t key,
}
key->params_size = pk_params.params_nr;
- if (!key->crippled)
+ ret = _gnutls_asn1_encode_rsa (&key->key, key->params);
+ if (ret < 0)
{
- ret = _gnutls_asn1_encode_rsa (&key->key, key->params);
- if (ret < 0)
- {
- gnutls_assert ();
- FREE_RSA_PRIVATE_PARAMS;
- return ret;
- }
+ gnutls_assert ();
+ FREE_RSA_PRIVATE_PARAMS;
+ return ret;
}
key->params_size = RSA_PRIVATE_PARAMS;
@@ -729,15 +722,12 @@ gnutls_x509_privkey_import_dsa_raw (gnutls_x509_privkey_t key,
return GNUTLS_E_MPI_SCAN_FAILED;
}
- if (!key->crippled)
+ ret = _gnutls_asn1_encode_dsa (&key->key, key->params);
+ if (ret < 0)
{
- ret = _gnutls_asn1_encode_dsa (&key->key, key->params);
- if (ret < 0)
- {
- gnutls_assert ();
- FREE_DSA_PRIVATE_PARAMS;
- return ret;
- }
+ gnutls_assert ();
+ FREE_DSA_PRIVATE_PARAMS;
+ return ret;
}
key->params_size = DSA_PRIVATE_PARAMS;
@@ -813,33 +803,6 @@ gnutls_x509_privkey_export (gnutls_x509_privkey_t key,
else
msg = NULL;
- if (key->crippled)
- { /* encode the parameters on the fly.
- */
- switch (key->pk_algorithm)
- {
- case GNUTLS_PK_DSA:
- ret = _gnutls_asn1_encode_dsa (&key->key, key->params);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
- break;
- case GNUTLS_PK_RSA:
- ret = _gnutls_asn1_encode_rsa (&key->key, key->params);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
- break;
- default:
- gnutls_assert ();
- return GNUTLS_E_INVALID_REQUEST;
- }
- }
-
return _gnutls_x509_export_int (key->key, format, msg,
output_data, output_data_size);
}
@@ -1512,14 +1475,11 @@ gnutls_x509_privkey_generate (gnutls_x509_privkey_t key,
return ret;
}
- if (!key->crippled)
+ ret = _gnutls_asn1_encode_dsa (&key->key, key->params);
+ if (ret < 0)
{
- ret = _gnutls_asn1_encode_dsa (&key->key, key->params);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
+ gnutls_assert ();
+ goto cleanup;
}
key->params_size = params_len;
key->pk_algorithm = GNUTLS_PK_DSA;
@@ -1538,14 +1498,11 @@ gnutls_x509_privkey_generate (gnutls_x509_privkey_t key,
return ret;
}
- if (!key->crippled)
+ ret = _gnutls_asn1_encode_rsa (&key->key, key->params);
+ if (ret < 0)
{
- ret = _gnutls_asn1_encode_rsa (&key->key, key->params);
- if (ret < 0)
- {
- gnutls_assert ();
- goto cleanup;
- }
+ gnutls_assert ();
+ goto cleanup;
}
key->params_size = params_len;
@@ -1598,7 +1555,7 @@ gnutls_x509_privkey_get_key_id (gnutls_x509_privkey_t key,
digest_hd_st hd;
gnutls_datum_t der = { NULL, 0 };
- if (key == NULL || key->crippled)
+ if (key == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
@@ -1900,8 +1857,8 @@ gnutls_x509_privkey_fix (gnutls_x509_privkey_t key)
return GNUTLS_E_INVALID_REQUEST;
}
- if (!key->crippled)
- asn1_delete_structure (&key->key);
+ asn1_delete_structure (&key->key);
+
switch (key->pk_algorithm)
{
case GNUTLS_PK_DSA:
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c
index 09c01cd211..d58471bf15 100644
--- a/lib/x509/privkey_pkcs8.c
+++ b/lib/x509/privkey_pkcs8.c
@@ -1038,14 +1038,11 @@ _decode_pkcs8_dsa_key (ASN1_TYPE pkcs8_asn, gnutls_x509_privkey_t pkey)
_gnutls_mpi_powm (pkey->params[3], pkey->params[2], pkey->params[4],
pkey->params[0]);
- if (!pkey->crippled)
+ ret = _gnutls_asn1_encode_dsa (&pkey->key, pkey->params);
+ if (ret < 0)
{
- ret = _gnutls_asn1_encode_dsa (&pkey->key, pkey->params);
- if (ret < 0)
- {
- gnutls_assert ();
- goto error;
- }
+ gnutls_assert ();
+ goto error;
}
pkey->params_size = DSA_PRIVATE_PARAMS;
diff --git a/lib/x509/x509_int.h b/lib/x509/x509_int.h
index 61d2245f1a..1b3cfe5bd3 100644
--- a/lib/x509/x509_int.h
+++ b/lib/x509/x509_int.h
@@ -119,12 +119,6 @@ typedef struct gnutls_x509_privkey_int
gnutls_pk_algorithm_t pk_algorithm;
- /* The crippled keys will not use the ASN1_TYPE key. The encoding
- * will only be performed at the export phase, to optimize copying
- * etc. Cannot be used with the exported API (used internally only).
- */
- int crippled;
-
ASN1_TYPE key;
} gnutls_x509_privkey_int;
View Lorry Controller Status