authorDaiki Ueno <ueno@gnu.org>2020-05-30 10:22:18 +0000
committerDaiki Ueno <ueno@gnu.org>2020-05-30 10:22:18 +0000
commit0023cf81f50d1c7e85083cf4398bfa6edf30d639 (patch)
tree0185f8c419e82fc9dcd60c9653eaf44d14830cee /lib/cert-cred-rawpk.c
parent2f28cf6e7304a0f8b3c08823846752a2b55aabcf (diff)
parent14e2203ce5d7a6bbe050861a1206873a040674e3 (diff)
downloadgnutls-0023cf81f50d1c7e85083cf4398bfa6edf30d639.tar.gz
Merge branch 'tmp-fileio' into 'master'
lib: improve external file loading See merge request gnutls/gnutls!1261
Diffstat (limited to 'lib/cert-cred-rawpk.c')
-rw-r--r--lib/cert-cred-rawpk.c13
1 files changed, 9 insertions, 4 deletions
diff --git a/lib/cert-cred-rawpk.c b/lib/cert-cred-rawpk.c
index cfa65eb318..56bc5f6584 100644
--- a/lib/cert-cred-rawpk.c
+++ b/lib/cert-cred-rawpk.c
@@ -239,8 +239,6 @@ int gnutls_certificate_set_rawpk_key_file(gnutls_certificate_credentials_t cred,
gnutls_privkey_t privkey;
gnutls_pubkey_t pubkey;
gnutls_pcert_st* pcert;
- gnutls_datum_t rawpubkey = { NULL, 0 }; // to hold rawpk data from file
- size_t key_size;
gnutls_str_array_t str_names;
unsigned int i;
@@ -291,8 +289,13 @@ int gnutls_certificate_set_rawpk_key_file(gnutls_certificate_credentials_t cred,
}
} else {
+ gnutls_datum_t rawpubkey; // to hold rawpk data from file
+ size_t key_size;
+
/* Read our raw public-key into memory from file */
- rawpubkey.data = (void*) read_binary_file(rawpkfile, &key_size);
+ rawpubkey.data = (void*) read_file(rawpkfile,
+ RF_BINARY | RF_SENSITIVE,
+ &key_size);
if (rawpubkey.data == NULL) {
gnutls_privkey_deinit(privkey);
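Review bot: `rawpubkey` is now declared without the `{ NULL, 0 }` initializer it had at function scope, so `rawpubkey.size` is indeterminate until it is assigned somewhere after this hunk. The wipe added further down uses `rawpubkey.size` as its length, so that assignment now decides how much of the buffer is cleared; if it stores the `size_t key_size` into a narrower field, a truncated length would presumably leave the tail unwiped. I would keep the initializer, `gnutls_datum_t rawpubkey = { NULL, 0 };`, and add a comment at the read such as `/* RF_SENSITIVE: file content is treated as key material; caller must wipe the returned buffer before freeing it */`. The function body starts and ends outside the hunk.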
@@ -307,7 +310,9 @@ int gnutls_certificate_set_rawpk_key_file(gnutls_certificate_credentials_t cred,
ret = gnutls_pcert_import_rawpk_raw(pcert, &rawpubkey,
format, key_usage, 0);
- _gnutls_free_datum(&rawpubkey);
+ zeroize_key(rawpubkey.data, rawpubkey.size);
+ free(rawpubkey.data);
+ rawpubkey.size = 0;
if (ret < 0) {
gnutls_privkey_deinit(privkey);
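Review bot: After `free(rawpubkey.data)` the pointer is left dangling while only `rawpubkey.size` is reset, so the datum ends up half-cleared; add `rawpubkey.data = NULL;` next to the size reset. The move from `_gnutls_free_datum()` to plain `free()` is presumably because the buffer returned by `read_file()` comes from the C allocator, and a short comment such as `/* buffer comes from read_file(): wipe, then release with free() */` would keep someone from reverting it. Any return path between the read and this wipe lies outside the visible hunks, and each of those paths needs the same wipe-and-free, otherwise the buffer is leaked with its contents intact. The enclosing function continues beyond the hunk.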