diff options
author | Nikos <nmav@crystal.(none)> | 2008-01-13 15:21:24 +0200 |
---|---|---|
committer | Nikos <nmav@crystal.(none)> | 2008-01-13 15:21:24 +0200 |
commit | a0b2d269d69a25b2611380c85377197d03092283 (patch) | |
tree | 0ae919209178f08a82a5b1818b6c71e9ff07598d /lib/gnutls_cert.c | |
parent | a3e4759117cee5d756475215437a440dc12fcc6c (diff) | |
download | gnutls-a0b2d269d69a25b2611380c85377197d03092283.tar.gz |
merged the openpgp branch to head\!
Diffstat (limited to 'lib/gnutls_cert.c')
-rw-r--r-- | lib/gnutls_cert.c | 65 |
1 files changed, 19 insertions, 46 deletions
diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c index f33b538802..669deb33cc 100644 --- a/lib/gnutls_cert.c +++ b/lib/gnutls_cert.c @@ -40,9 +40,11 @@ #include <gnutls_state.h> #include <gnutls_auth_int.h> #include <gnutls_x509.h> -#include <gnutls_extra_hooks.h> #include "x509/x509.h" #include "x509/mpi.h" +#ifdef ENABLE_OPENPGP +# include "openpgp/gnutls_openpgp.h" +#endif /** * gnutls_certificate_free_keys - Used to free all the keys from a gnutls_certificate_credentials_t structure @@ -191,12 +193,14 @@ gnutls_certificate_free_credentials (gnutls_certificate_credentials_t sc) gnutls_certificate_free_crls (sc); #endif +#ifdef ENABLE_OPENPGP #ifndef KEYRING_HACK if (_E_gnutls_openpgp_keyring_deinit) _E_gnutls_openpgp_keyring_deinit( sc->keyring); #else _gnutls_free_datum( &sc->keyring); #endif +#endif gnutls_free (sc); } @@ -436,6 +440,7 @@ _gnutls_x509_get_raw_crt_expiration_time (const gnutls_datum_t * cert) return result; } +#ifdef ENABLE_OPENPGP /*- * _gnutls_openpgp_crt_verify_peers - This function returns the peer's certificate status * @session: is a gnutls session @@ -485,13 +490,8 @@ _gnutls_openpgp_crt_verify_peers (gnutls_session_t session, /* Verify certificate */ - if (_E_gnutls_openpgp_verify_key == NULL) - { - gnutls_assert (); - return GNUTLS_E_INIT_LIBEXTRA; - } ret = - _E_gnutls_openpgp_verify_key (cred, &info->raw_certificate_list[0], + _gnutls_openpgp_verify_key (cred, &info->raw_certificate_list[0], peer_certificate_list_size, status); if (ret < 0) @@ -502,7 +502,7 @@ _gnutls_openpgp_crt_verify_peers (gnutls_session_t session, return 0; } - +#endif /** * gnutls_certificate_verify_peers2 - This function returns the peer's certificate verification status @@ -551,8 +551,10 @@ gnutls_certificate_verify_peers2 (gnutls_session_t session, { case GNUTLS_CRT_X509: return _gnutls_x509_cert_verify_peers (session, status); +#ifdef ENABLE_OPENPGP case GNUTLS_CRT_OPENPGP: return _gnutls_openpgp_crt_verify_peers (session, status); +#endif default: return GNUTLS_E_INVALID_REQUEST; } @@ -625,12 +627,12 @@ gnutls_certificate_expiration_time_peers (gnutls_session_t session) return _gnutls_x509_get_raw_crt_expiration_time (&info-> raw_certificate_list [0]); +#ifdef ENABLE_OPENPGP case GNUTLS_CRT_OPENPGP: - if (_E_gnutls_openpgp_get_raw_key_expiration_time == NULL) - return (time_t) - 1; - return _E_gnutls_openpgp_get_raw_key_expiration_time (&info-> + return _gnutls_openpgp_get_raw_key_expiration_time (&info-> raw_certificate_list [0]); +#endif default: return (time_t) - 1; } @@ -670,12 +672,12 @@ gnutls_certificate_activation_time_peers (gnutls_session_t session) return _gnutls_x509_get_raw_crt_activation_time (&info-> raw_certificate_list [0]); +#ifdef ENABLE_OPENPGP case GNUTLS_CRT_OPENPGP: - if (_E_gnutls_openpgp_get_raw_key_creation_time == NULL) - return (time_t) - 1; - return _E_gnutls_openpgp_get_raw_key_creation_time (&info-> + return _gnutls_openpgp_get_raw_key_creation_time (&info-> raw_certificate_list [0]); +#endif default: return (time_t) - 1; } @@ -691,45 +693,16 @@ _gnutls_raw_cert_to_gcert (gnutls_cert * gcert, { case GNUTLS_CRT_X509: return _gnutls_x509_raw_cert_to_gcert (gcert, raw_cert, flags); +#ifdef ENABLE_OPENPGP case GNUTLS_CRT_OPENPGP: - if (_E_gnutls_openpgp_raw_key_to_gcert == NULL) - { - gnutls_assert (); - return GNUTLS_E_INIT_LIBEXTRA; - } - return _E_gnutls_openpgp_raw_key_to_gcert (gcert, raw_cert); - default: - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } -} - -int -_gnutls_raw_privkey_to_gkey (gnutls_privkey * key, - gnutls_certificate_type_t type, - const gnutls_datum_t * raw_key, - int key_enc /* DER or PEM */ ) -{ - switch (type) - { - case GNUTLS_CRT_X509: - return _gnutls_x509_raw_privkey_to_gkey (key, raw_key, key_enc); - case GNUTLS_CRT_OPENPGP: - if (_E_gnutls_openpgp_raw_privkey_to_gkey == NULL) - { - gnutls_assert (); - return GNUTLS_E_INIT_LIBEXTRA; - } - return _E_gnutls_openpgp_raw_privkey_to_gkey (key, raw_key, - (gnutls_openpgp_crt_fmt_t) - key_enc); + return _gnutls_openpgp_raw_crt_to_gcert (gcert, raw_cert); +#endif default: gnutls_assert (); return GNUTLS_E_INTERNAL_ERROR; } } - /* This function will convert a der certificate to a format * (structure) that gnutls can understand and use. Actually the * important thing on this function is that it extracts the |