author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-02-09 09:37:35 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-02-09 09:37:35 +0000 |
commit | e25325c312e339bd1a3624de4b877c73960b58c7 (patch) | |
tree | 30c5ab7919ace214d2c4f7e5773538ffdb127cf2 /libextra | |
parent | a72c0ee5e22684e8e995e1fc4871fa06e1edc30f (diff) | |
download | gnutls-e25325c312e339bd1a3624de4b877c73960b58c7.tar.gz |
Several internal changes to use the new certificate API. CRL support is complete.
Diffstat (limited to 'libextra')
-rw-r--r-- | libextra/auth_srp_rsa.c | 6 | ||||
-rw-r--r-- | libextra/gnutls_extra.h | 2 | ||||
-rw-r--r-- | libextra/gnutls_openpgp.c | 63 | ||||
-rw-r--r-- | libextra/gnutls_openpgp.h | 2 |
4 files changed, 8 insertions, 65 deletions
diff --git a/libextra/auth_srp_rsa.c b/libextra/auth_srp_rsa.c index af453777f3..d5937baf1f 100644 --- a/libextra/auth_srp_rsa.c +++ b/libextra/auth_srp_rsa.c @@ -175,7 +175,7 @@ opaque* p; case GNUTLS_CRT_X509: if ((ret = _gnutls_x509_cert2gnutls_cert( &peer_cert, - info->raw_certificate_list[0], CERT_NO_COPY)) < 0) { + &info->raw_certificate_list[0], CERT_NO_COPY)) < 0) { gnutls_assert(); return ret; } @@ -188,7 +188,7 @@ opaque* p; } if ((ret = _E_gnutls_openpgp_cert2gnutls_cert( &peer_cert, - info->raw_certificate_list[0])) < 0) { + &info->raw_certificate_list[0])) < 0) { gnutls_assert(); return ret; } @@ -204,7 +204,7 @@ opaque* p; &peer_cert, &vparams, &signature); - _gnutls_free_cert( peer_cert); + _gnutls_free_cert( &peer_cert); if (ret < 0) { gnutls_assert(); return ret; diff --git a/libextra/gnutls_extra.h b/libextra/gnutls_extra.h index 51676ed806..a458512b9d 100644 --- a/libextra/gnutls_extra.h +++ b/libextra/gnutls_extra.h @@ -7,4 +7,4 @@ typedef time_t (*OPENPGP_KEY_EXPIRATION_TIME_FUNC)( const gnutls_datum*); typedef int (*OPENPGP_KEY_REQUEST)(gnutls_session, gnutls_datum*, const gnutls_certificate_credentials, opaque*,int); typedef int (*OPENPGP_FINGERPRINT)(const gnutls_datum*, unsigned char*, size_t*); -typedef int (*OPENPGP_CERT2GNUTLS_CERT)(gnutls_cert*, gnutls_datum); +typedef int (*OPENPGP_CERT2GNUTLS_CERT)(gnutls_cert*, const gnutls_datum*); diff --git a/libextra/gnutls_openpgp.c b/libextra/gnutls_openpgp.c index 67321f182f..8a17e44b06 100644 --- a/libextra/gnutls_openpgp.c +++ b/libextra/gnutls_openpgp.c 
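Review bot: Nothing visible in the `@@ -175` hunk establishes that `info->raw_certificate_list` is non-NULL and holds at least one entry before `&info->raw_certificate_list[0]` is handed to `_gnutls_x509_cert2gnutls_cert`. The same applies to the `_E_gnutls_openpgp_cert2gnutls_cert` call in the `@@ -188` hunk. Judging by the `peer_cert` name, this list is filled from data the peer sent, and the callee will dereference whatever sits at element 0. The enclosing function starts and ends outside both hunks, so a guard may already exist earlier. If it does not, add one before the `switch` that returns an error instead of converting.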
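Review bot: In the `@@ -204` hunk, `_gnutls_free_cert( &peer_cert)` runs on a certificate whose raw data appears to have a different owner depending on the branch taken above, and nothing here documents that. The X.509 branch converts with `CERT_NO_COPY`, so `peer_cert` presumably borrows the buffer held in `info`. The OpenPGP converter in gnutls_openpgp.c (presumably reached through `_E_gnutls_openpgp_cert2gnutls_cert`) copies it with `_gnutls_set_datum( &cert->raw, ... )`. `_gnutls_free_cert` is not visible in this diff, so confirm that it releases the copy without freeing the borrowed buffer, which `info` would otherwise free a second time later. A comment above the call such as `/* peer_cert.raw is borrowed from info for X.509 (CERT_NO_COPY) and owned for OpenPGP; _gnutls_free_cert must handle both */` would record the contract.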
@@ -319,59 +319,12 @@ openpgp_pk_to_gnutls_cert( gnutls_cert *cert, cdkPKT_public_key *pk ) break; } } - if( !rc ) { - cert->expiration_time = pk->expiredate; - cert->activation_time = pk->timestamp; - } if( rc ) release_mpi_array( cert->params, i-1 ); return rc; } - -static int -openpgp_sig_to_gnutls_cert( gnutls_cert *cert, cdkPKT_signature *sig ) -{ - CDK_STREAM tmp; - CDK_PACKET pkt; - uint8 buf[4096]; - int rc, nread; - - if( !cert || !sig ) { - gnutls_assert( ); - return GNUTLS_E_INVALID_REQUEST; - } - - tmp = cdk_stream_tmp( ); - if( !tmp ) { - gnutls_assert(); - return GNUTLS_E_MEMORY_ERROR; - } - - memset( &pkt, 0, sizeof pkt ); - pkt.pkttype = CDK_PKT_SIGNATURE; - pkt.pkt.signature = sig; - rc = cdk_pkt_build( tmp, &pkt ); - if( !rc ) { - cdk_stream_seek( tmp, 0 ); - nread = cdk_stream_read( tmp, buf, 4095 ); - if( nread ) { - rc = datum_append( &cert->signature, buf, nread ); - if( rc < 0 ) { - gnutls_assert( ); - rc = GNUTLS_E_MEMORY_ERROR; - } - } - } - else - rc = map_cdk_rc( rc ); - - cdk_stream_close( tmp ); - return rc; -} - - /*- * _gnutls_openpgp_key2gnutls_key - Converts an OpenPGP secret key to GnuTLS * @pkey: the GnuTLS private key context to store the key. @@ -463,7 +416,7 @@ leave: * specific certificate. -*/ int -_gnutls_openpgp_cert2gnutls_cert( gnutls_cert *cert, gnutls_datum raw ) +_gnutls_openpgp_cert2gnutls_cert( gnutls_cert *cert, const gnutls_datum *raw ) { CDK_KBNODE knode = NULL; CDK_PACKET *pkt = NULL; 
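Review bot: In the `@@ -463` hunk `raw` becomes a pointer, but no NULL check for it is visible, and the function goes on to read `raw->data` and `raw->size` in the following hunk. The lines between the two hunks are not shown, so if they validate only `cert`, extend the guard to `if( !cert || !raw ) { gnutls_assert( ); return GNUTLS_E_INVALID_REQUEST; }`. That follows the style of the argument check in the removed `openpgp_sig_to_gnutls_cert`. The body of `_gnutls_openpgp_cert2gnutls_cert` continues outside this hunk.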
@@ -476,13 +429,13 @@ _gnutls_openpgp_cert2gnutls_cert( gnutls_cert *cert, gnutls_datum raw ) memset( cert, 0, sizeof *cert ); - rc = cdk_kbnode_read_from_mem( &knode, raw.data, raw.size ); + rc = cdk_kbnode_read_from_mem( &knode, raw->data, raw->size ); if( !(rc = map_cdk_rc( rc )) ) pkt = cdk_kbnode_find_packet( knode, CDK_PKT_PUBLIC_KEY ); if( !pkt ) rc = GNUTLS_E_INTERNAL_ERROR; if( !rc ) - rc = _gnutls_set_datum( &cert->raw, raw.data, raw.size ); + rc = _gnutls_set_datum( &cert->raw, raw->data, raw->size ); if( !rc ) rc = openpgp_pk_to_gnutls_cert( cert, pkt->pkt.public_key ); @@ -628,11 +581,6 @@ gnutls_certificate_set_openpgp_key_mem( gnutls_certificate_credentials res, openpgp_pk_to_gnutls_cert( &res->cert_list[n][0], pk ); i++; } - else if( pkt->pkttype == CDK_PKT_SIGNATURE ) { - int n = res->ncerts; - cdkPKT_signature *sig = pkt->pkt.signature; - openpgp_sig_to_gnutls_cert( &res->cert_list[n][0], sig ); - } } res->ncerts++; @@ -735,11 +683,6 @@ gnutls_certificate_set_openpgp_key_file( gnutls_certificate_credentials res, openpgp_pk_to_gnutls_cert( &res->cert_list[n][0], pk ); i++; } - else if( pkt->pkttype == CDK_PKT_SIGNATURE ) { - int n = res->ncerts; - cdkPKT_signature *sig = pkt->pkt.signature; - openpgp_sig_to_gnutls_cert( &res->cert_list[n][0], sig ); - } } } if( rc == CDK_EOF && i > 1 ) diff --git a/libextra/gnutls_openpgp.h b/libextra/gnutls_openpgp.h index 4260cb9411..c23c1d6d0b 100644 --- a/libextra/gnutls_openpgp.h +++ b/libextra/gnutls_openpgp.h @@ -93,7 +93,7 @@ int gnutls_openpgp_key_to_xml( /* internal */ int _gnutls_openpgp_cert2gnutls_cert( gnutls_cert *cert, - gnutls_datum raw ); + const gnutls_datum *raw ); int _gnutls_openpgp_request_key( |
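Review bot: In the `@@ -476` hunk, after `memset( cert, 0, sizeof *cert )` the only visible step that fills the certificate is `openpgp_pk_to_gnutls_cert`, and this commit removes its assignments to `cert->expiration_time` and `cert->activation_time`. If `gnutls_cert` still carries those fields, they now stay zero for every OpenPGP key converted here, so any validity-period check reading them would no longer see the key's real dates. Confirm that expiry is enforced through another path; the `OPENPGP_KEY_EXPIRATION_TIME_FUNC` hook declared in gnutls_extra.h looks like the intended one. Record it next to the call, for example `/* validity times are not stored in cert; callers must query the key's expiration separately */`. The function body starts and ends outside this hunk.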