author | Daiki Ueno <ueno@gnu.org> | 2020-05-30 10:22:18 +0000 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2020-05-30 10:22:18 +0000 |
commit | 0023cf81f50d1c7e85083cf4398bfa6edf30d639 (patch) | |
tree | 0185f8c419e82fc9dcd60c9653eaf44d14830cee /lib/cert-cred-rawpk.c | |
parent | 2f28cf6e7304a0f8b3c08823846752a2b55aabcf (diff) | |
parent | 14e2203ce5d7a6bbe050861a1206873a040674e3 (diff) | |
download | gnutls-0023cf81f50d1c7e85083cf4398bfa6edf30d639.tar.gz |
Merge branch 'tmp-fileio' into 'master'
lib: improve external file loading
See merge request gnutls/gnutls!1261
Diffstat (limited to 'lib/cert-cred-rawpk.c')
-rw-r--r-- | lib/cert-cred-rawpk.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/lib/cert-cred-rawpk.c b/lib/cert-cred-rawpk.c index cfa65eb318..56bc5f6584 100644 --- a/lib/cert-cred-rawpk.c +++ b/lib/cert-cred-rawpk.c @@ -239,8 +239,6 @@ int gnutls_certificate_set_rawpk_key_file(gnutls_certificate_credentials_t cred, gnutls_privkey_t privkey; gnutls_pubkey_t pubkey; gnutls_pcert_st* pcert; - gnutls_datum_t rawpubkey = { NULL, 0 }; // to hold rawpk data from file - size_t key_size; gnutls_str_array_t str_names; unsigned int i; @@ -291,8 +289,13 @@ int gnutls_certificate_set_rawpk_key_file(gnutls_certificate_credentials_t cred, } } else { + gnutls_datum_t rawpubkey; // to hold rawpk data from file + size_t key_size; + /* Read our raw public-key into memory from file */ - rawpubkey.data = (void*) read_binary_file(rawpkfile, &key_size); + rawpubkey.data = (void*) read_file(rawpkfile, + RF_BINARY | RF_SENSITIVE, + &key_size); if (rawpubkey.data == NULL) { gnutls_privkey_deinit(privkey); @@ -307,7 +310,9 @@ int gnutls_certificate_set_rawpk_key_file(gnutls_certificate_credentials_t cred, ret = gnutls_pcert_import_rawpk_raw(pcert, &rawpubkey, format, key_usage, 0); - _gnutls_free_datum(&rawpubkey); + zeroize_key(rawpubkey.data, rawpubkey.size); + free(rawpubkey.data); + rawpubkey.size = 0; if (ret < 0) { gnutls_privkey_deinit(privkey); |
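Review bot: In the second hunk the relocated declaration `gnutls_datum_t rawpubkey;` loses the `{ NULL, 0 }` initializer it had at function scope, so `rawpubkey.size` is indeterminate until something assigns it. That assignment from `key_size` is presumably in the lines between this hunk and the next, which are not shown, and the wipe added in the third hunk uses that size as its length. Keeping `gnutls_datum_t rawpubkey = { NULL, 0 };` costs nothing and makes the wipe length well defined on every path. A short comment on the `read_file` call would also help, e.g. `/* RF_SENSITIVE: handle every key-file buffer the same way, even though this one holds a public key */`, if that is the intent.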
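Review bot: After `free(rawpubkey.data);` in the third hunk the pointer is left dangling while only `size` is reset, whereas the replaced `_gnutls_free_datum(&rawpubkey)` cleared both fields as far as I can tell. Adding `rawpubkey.data = NULL;` next to `rawpubkey.size = 0;` keeps the datum in a consistent empty state in case a later cleanup path in this block touches it; the rest of the block lies outside the hunk. A one-line comment such as `/* buffer comes from read_file(), so wipe it and release it with free() */` would record why the helper is no longer used, if that is the reason.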