summaryrefslogtreecommitdiff
path: root/libextra/gnutls_openpgp.c
diff options
context:
space:
mode:
Diffstat (limited to 'libextra/gnutls_openpgp.c')
-rw-r--r--libextra/gnutls_openpgp.c1214
1 files changed, 616 insertions, 598 deletions
diff --git a/libextra/gnutls_openpgp.c b/libextra/gnutls_openpgp.c
index 64aa0ccb21..c861e4dd48 100644
--- a/libextra/gnutls_openpgp.c
+++ b/libextra/gnutls_openpgp.c
@@ -40,144 +40,149 @@
-static void
-release_mpi_array( GNUTLS_MPI *arr, size_t n )
+static void release_mpi_array(GNUTLS_MPI * arr, size_t n)
{
GNUTLS_MPI x;
-
- while( arr && n-- ) {
- x = *arr;
- _gnutls_mpi_release( &x );
- *arr = NULL; arr++;
+
+ while (arr && n--) {
+ x = *arr;
+ _gnutls_mpi_release(&x);
+ *arr = NULL;
+ arr++;
}
}
-int
-_gnutls_map_cdk_rc( int rc )
+int _gnutls_map_cdk_rc(int rc)
{
- switch( rc ) {
- case CDK_Success: return 0;
- case CDK_Too_Short: return GNUTLS_E_SHORT_MEMORY_BUFFER;
- case CDK_General_Error: return GNUTLS_E_INTERNAL_ERROR;
- case CDK_File_Error: return GNUTLS_E_FILE_ERROR;
- case CDK_MPI_Error: return GNUTLS_E_MPI_SCAN_FAILED;
- case CDK_Error_No_Key: return GNUTLS_E_OPENPGP_GETKEY_FAILED;
- case CDK_Wrong_Format: return GNUTLS_E_OPENPGP_TRUSTDB_VERSION_UNSUPPORTED;
- case CDK_Armor_Error: return GNUTLS_E_BASE64_DECODING_ERROR;
- case CDK_Inv_Value: return GNUTLS_E_INVALID_REQUEST;
- default: return GNUTLS_E_INTERNAL_ERROR;
+ switch (rc) {
+ case CDK_Success:
+ return 0;
+ case CDK_Too_Short:
+ return GNUTLS_E_SHORT_MEMORY_BUFFER;
+ case CDK_General_Error:
+ return GNUTLS_E_INTERNAL_ERROR;
+ case CDK_File_Error:
+ return GNUTLS_E_FILE_ERROR;
+ case CDK_MPI_Error:
+ return GNUTLS_E_MPI_SCAN_FAILED;
+ case CDK_Error_No_Key:
+ return GNUTLS_E_OPENPGP_GETKEY_FAILED;
+ case CDK_Wrong_Format:
+ return GNUTLS_E_OPENPGP_TRUSTDB_VERSION_UNSUPPORTED;
+ case CDK_Armor_Error:
+ return GNUTLS_E_BASE64_DECODING_ERROR;
+ case CDK_Inv_Value:
+ return GNUTLS_E_INVALID_REQUEST;
+ default:
+ return GNUTLS_E_INTERNAL_ERROR;
}
}
-static unsigned long
-buftou32( const uint8 *buf )
+static unsigned long buftou32(const uint8 * buf)
{
unsigned a;
- a = buf[0] << 24;
+ a = buf[0] << 24;
a |= buf[1] << 16;
- a |= buf[2] << 8;
+ a |= buf[2] << 8;
a |= buf[3];
return a;
}
-static int
-kbx_blob_new( keybox_blob **r_ctx )
+static int kbx_blob_new(keybox_blob ** r_ctx)
{
keybox_blob *c;
-
- if( !r_ctx ) {
- gnutls_assert( );
- return GNUTLS_E_INVALID_REQUEST;
+
+ if (!r_ctx) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
}
-
- c = cdk_calloc( 1, sizeof * c );
- if( !c ) {
- gnutls_assert( );
- return GNUTLS_E_MEMORY_ERROR;
+
+ c = cdk_calloc(1, sizeof *c);
+ if (!c) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
}
*r_ctx = c;
-
+
return 0;
}
-void
-kbx_blob_release( keybox_blob *ctx )
+void kbx_blob_release(keybox_blob * ctx)
{
- if( ctx ) {
- cdk_free( ctx->data );
- cdk_free( ctx );
+ if (ctx) {
+ cdk_free(ctx->data);
+ cdk_free(ctx);
}
}
-cdk_keydb_hd_t
-kbx_to_keydb( keybox_blob *blob )
+cdk_keydb_hd_t kbx_to_keydb(keybox_blob * blob)
{
cdk_keydb_hd_t hd;
int rc;
- if( !blob ) {
- gnutls_assert( );
- return NULL;
+ if (!blob) {
+ gnutls_assert();
+ return NULL;
}
-
- switch( blob->type ) {
+
+ switch (blob->type) {
case KBX_BLOB_FILE:
- rc = cdk_keydb_new( &hd, CDK_DBTYPE_PK_KEYRING, blob->data, blob->size );
- break;
-
+ rc = cdk_keydb_new(&hd, CDK_DBTYPE_PK_KEYRING, blob->data,
+ blob->size);
+ break;
+
case KBX_BLOB_DATA:
- rc = cdk_keydb_new( &hd, CDK_DBTYPE_DATA, blob->data, blob->size );
- break;
+ rc = cdk_keydb_new(&hd, CDK_DBTYPE_DATA, blob->data, blob->size);
+ break;
default:
- rc = GNUTLS_E_INTERNAL_ERROR;
- gnutls_assert( );
- break;
+ rc = GNUTLS_E_INTERNAL_ERROR;
+ gnutls_assert();
+ break;
}
- if( rc )
- hd = NULL;
+ if (rc)
+ hd = NULL;
return hd;
}
/* Extract a keybox blob from the given position. */
-keybox_blob*
-kbx_read_blob( const gnutls_datum* keyring, size_t pos )
+keybox_blob *kbx_read_blob(const gnutls_datum * keyring, size_t pos)
{
keybox_blob *blob = NULL;
int rc;
-
- if( !keyring || !keyring->data || pos > keyring->size ) {
- gnutls_assert( );
- return NULL;
- }
-
- rc = kbx_blob_new( &blob );
- if( rc )
- return NULL;
-
+
+ if (!keyring || !keyring->data || pos > keyring->size) {
+ gnutls_assert();
+ return NULL;
+ }
+
+ rc = kbx_blob_new(&blob);
+ if (rc)
+ return NULL;
+
blob->type = keyring->data[pos];
- if( blob->type != KBX_BLOB_FILE && blob->type != KBX_BLOB_DATA ) {
- kbx_blob_release( blob );
- return NULL;
+ if (blob->type != KBX_BLOB_FILE && blob->type != KBX_BLOB_DATA) {
+ kbx_blob_release(blob);
+ return NULL;
}
blob->armored = keyring->data[pos + 1];
- blob->size = buftou32( keyring->data + pos + 2 );
- if( !blob->size ) {
- kbx_blob_release( blob );
- return NULL;
- }
- blob->data = cdk_calloc( 1, blob->size + 1 );
- if( !blob->data )
- return NULL;
- memcpy( blob->data, keyring->data + (pos + 6), blob->size );
+ blob->size = buftou32(keyring->data + pos + 2);
+ if (!blob->size) {
+ kbx_blob_release(blob);
+ return NULL;
+ }
+ blob->data = cdk_calloc(1, blob->size + 1);
+ if (!blob->data)
+ return NULL;
+ memcpy(blob->data, keyring->data + (pos + 6), blob->size);
blob->data[blob->size] = '\0';
-
+
return blob;
}
@@ -190,91 +195,89 @@ kbx_read_blob( const gnutls_datum* keyring, size_t pos )
* 4 octet size of blob
* n octets data
*/
-static uint8*
-kbx_data_to_keyring( int type, int enc, const char *data,
- size_t size, size_t *r_size )
+static uint8 *kbx_data_to_keyring(int type, int enc, const char *data,
+ size_t size, size_t * r_size)
{
uint8 *p = NULL;
- if( !data )
- return NULL;
-
- p = gnutls_malloc( 1+4+size );
- if( !p )
- return NULL;
- p[0] = type; /* type: {keyring,name} */
- p[1] = enc; /* encoded: {plain, armored} */
+ if (!data)
+ return NULL;
+
+ p = gnutls_malloc(1 + 4 + size);
+ if (!p)
+ return NULL;
+ p[0] = type; /* type: {keyring,name} */
+ p[1] = enc; /* encoded: {plain, armored} */
p[2] = size >> 24;
p[3] = size >> 16;
- p[4] = size >> 8;
- p[5] = size ;
- memcpy( p + 6, data, size );
- if( r_size )
- *r_size = 6 + size;
+ p[4] = size >> 8;
+ p[5] = size;
+ memcpy(p + 6, data, size);
+ if (r_size)
+ *r_size = 6 + size;
return p;
}
-cdk_packet_t search_packet( const gnutls_datum *buf, int pkttype )
+cdk_packet_t search_packet(const gnutls_datum * buf, int pkttype)
{
static cdk_kbnode_t knode = NULL;
cdk_packet_t pkt;
- if( !buf && !pkttype ) {
- cdk_kbnode_release( knode );
- knode = NULL;
- return NULL;
+ if (!buf && !pkttype) {
+ cdk_kbnode_release(knode);
+ knode = NULL;
+ return NULL;
}
- if( cdk_kbnode_read_from_mem( &knode, buf->data, buf->size ) )
- return NULL;
- pkt = cdk_kbnode_find_packet( knode, pkttype );
+ if (cdk_kbnode_read_from_mem(&knode, buf->data, buf->size))
+ return NULL;
+ pkt = cdk_kbnode_find_packet(knode, pkttype);
return pkt;
}
static int
-openpgp_pk_to_gnutls_cert( gnutls_cert *cert, cdk_pkt_pubkey_t pk )
+openpgp_pk_to_gnutls_cert(gnutls_cert * cert, cdk_pkt_pubkey_t pk)
{
uint8 buf[512];
size_t nbytes = 0;
int algo, i;
int rc = 0;
-
- if( !cert || !pk ) {
- gnutls_assert( );
- return GNUTLS_E_INVALID_REQUEST;
+
+ if (!cert || !pk) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
}
/* GnuTLS OpenPGP doesn't support ELG keys */
- if( is_ELG(pk->pubkey_algo) )
- return GNUTLS_E_UNWANTED_ALGORITHM;
+ if (is_ELG(pk->pubkey_algo))
+ return GNUTLS_E_UNWANTED_ALGORITHM;
- algo = is_DSA( pk->pubkey_algo )? GNUTLS_PK_DSA : GNUTLS_PK_RSA;
+ algo = is_DSA(pk->pubkey_algo) ? GNUTLS_PK_DSA : GNUTLS_PK_RSA;
cert->subject_pk_algorithm = algo;
cert->version = pk->version;
cert->cert_type = GNUTLS_CRT_OPENPGP;
- if( is_DSA(pk->pubkey_algo) || pk->pubkey_algo == GCRY_PK_RSA_S )
- cert->keyUsage = KEY_DIGITAL_SIGNATURE;
- else if( pk->pubkey_algo == GCRY_PK_RSA_E )
- cert->keyUsage = KEY_KEY_ENCIPHERMENT;
- else if( pk->pubkey_algo == GCRY_PK_RSA )
- cert->keyUsage = KEY_DIGITAL_SIGNATURE
- | KEY_KEY_ENCIPHERMENT;
-
- cert->params_size = cdk_pk_get_npkey( pk->pubkey_algo );
- for( i = 0; i < cert->params_size; i++ ) {
- nbytes = sizeof buf-1;
- cdk_pk_get_mpi( pk, i, buf, &nbytes, NULL );
- rc = _gnutls_mpi_scan_pgp( &cert->params[i], buf, &nbytes );
- if( rc ) {
- rc = GNUTLS_E_MPI_SCAN_FAILED;
- break;
- }
- }
-
- if( rc )
- release_mpi_array( cert->params, i-1 );
+ if (is_DSA(pk->pubkey_algo) || pk->pubkey_algo == GCRY_PK_RSA_S)
+ cert->keyUsage = KEY_DIGITAL_SIGNATURE;
+ else if (pk->pubkey_algo == GCRY_PK_RSA_E)
+ cert->keyUsage = KEY_KEY_ENCIPHERMENT;
+ else if (pk->pubkey_algo == GCRY_PK_RSA)
+ cert->keyUsage = KEY_DIGITAL_SIGNATURE | KEY_KEY_ENCIPHERMENT;
+
+ cert->params_size = cdk_pk_get_npkey(pk->pubkey_algo);
+ for (i = 0; i < cert->params_size; i++) {
+ nbytes = sizeof buf - 1;
+ cdk_pk_get_mpi(pk, i, buf, &nbytes, NULL);
+ rc = _gnutls_mpi_scan_pgp(&cert->params[i], buf, &nbytes);
+ if (rc) {
+ rc = GNUTLS_E_MPI_SCAN_FAILED;
+ break;
+ }
+ }
+
+ if (rc)
+ release_mpi_array(cert->params, i - 1);
return rc;
}
@@ -289,8 +292,8 @@ openpgp_pk_to_gnutls_cert( gnutls_cert *cert, cdk_pkt_pubkey_t pk )
* This function can read both BASE64 and RAW keys.
-*/
int
-_gnutls_openpgp_raw_privkey_to_gkey( gnutls_privkey *pkey,
- const gnutls_datum *raw_key)
+_gnutls_openpgp_raw_privkey_to_gkey(gnutls_privkey * pkey,
+ const gnutls_datum * raw_key)
{
cdk_kbnode_t snode;
cdk_packet_t pkt;
@@ -301,64 +304,64 @@ _gnutls_openpgp_raw_privkey_to_gkey( gnutls_privkey *pkey,
uint8 buf[512];
int rc = 0;
- if( !pkey || raw_key->size <= 0 ) {
- gnutls_assert( );
- return GNUTLS_E_CERTIFICATE_ERROR;
+ if (!pkey || raw_key->size <= 0) {
+ gnutls_assert();
+ return GNUTLS_E_CERTIFICATE_ERROR;
}
- out = cdk_stream_tmp( );
- if( !out )
- return GNUTLS_E_CERTIFICATE_ERROR;
+ out = cdk_stream_tmp();
+ if (!out)
+ return GNUTLS_E_CERTIFICATE_ERROR;
- cdk_stream_write( out, raw_key->data, raw_key->size );
- cdk_stream_seek( out, 0 );
+ cdk_stream_write(out, raw_key->data, raw_key->size);
+ cdk_stream_seek(out, 0);
- cdk_keydb_get_keyblock( out, &snode );
- if( !snode ) {
- rc = GNUTLS_E_OPENPGP_GETKEY_FAILED;
- goto leave;
+ cdk_keydb_get_keyblock(out, &snode);
+ if (!snode) {
+ rc = GNUTLS_E_OPENPGP_GETKEY_FAILED;
+ goto leave;
}
- pkt = cdk_kbnode_find_packet( snode, CDK_PKT_SECRET_KEY );
- if( !pkt ) {
- rc = GNUTLS_E_OPENPGP_GETKEY_FAILED;
- goto leave;
+ pkt = cdk_kbnode_find_packet(snode, CDK_PKT_SECRET_KEY);
+ if (!pkt) {
+ rc = GNUTLS_E_OPENPGP_GETKEY_FAILED;
+ goto leave;
}
sk = pkt->pkt.secret_key;
pke_algo = sk->pk->pubkey_algo;
- pkey->params_size = cdk_pk_get_npkey( pke_algo );
- for( i = 0; i < pkey->params_size; i++ ) {
- nbytes = sizeof buf -1;
- cdk_pk_get_mpi( sk->pk, i, buf, &nbytes, NULL );
- rc = _gnutls_mpi_scan_pgp( &pkey->params[i], buf, &nbytes );
- if( rc ) {
- rc = GNUTLS_E_MPI_SCAN_FAILED;
- release_mpi_array( pkey->params, i-1 );
- goto leave;
- }
- }
- pkey->params_size += cdk_pk_get_nskey( pke_algo );
- for( j = 0; j < cdk_pk_get_nskey( pke_algo ); j++, i++ ) {
- nbytes = sizeof buf-1;
- cdk_sk_get_mpi( sk, j, buf, &nbytes, NULL );
- rc = _gnutls_mpi_scan_pgp( &pkey->params[i], buf, &nbytes );
- if ( rc ) {
- rc = GNUTLS_E_MPI_SCAN_FAILED;
- release_mpi_array( pkey->params, i-1 );
- goto leave;
- }
- }
-
- if( is_ELG(pke_algo) )
- return GNUTLS_E_UNWANTED_ALGORITHM;
- else if( is_DSA(pke_algo) )
- pkey->pk_algorithm = GNUTLS_PK_DSA;
- else if( is_RSA(pke_algo) )
- pkey->pk_algorithm = GNUTLS_PK_RSA;
-
-leave:
- cdk_stream_close( out );
- cdk_kbnode_release( snode );
+ pkey->params_size = cdk_pk_get_npkey(pke_algo);
+ for (i = 0; i < pkey->params_size; i++) {
+ nbytes = sizeof buf - 1;
+ cdk_pk_get_mpi(sk->pk, i, buf, &nbytes, NULL);
+ rc = _gnutls_mpi_scan_pgp(&pkey->params[i], buf, &nbytes);
+ if (rc) {
+ rc = GNUTLS_E_MPI_SCAN_FAILED;
+ release_mpi_array(pkey->params, i - 1);
+ goto leave;
+ }
+ }
+ pkey->params_size += cdk_pk_get_nskey(pke_algo);
+ for (j = 0; j < cdk_pk_get_nskey(pke_algo); j++, i++) {
+ nbytes = sizeof buf - 1;
+ cdk_sk_get_mpi(sk, j, buf, &nbytes, NULL);
+ rc = _gnutls_mpi_scan_pgp(&pkey->params[i], buf, &nbytes);
+ if (rc) {
+ rc = GNUTLS_E_MPI_SCAN_FAILED;
+ release_mpi_array(pkey->params, i - 1);
+ goto leave;
+ }
+ }
+
+ if (is_ELG(pke_algo))
+ return GNUTLS_E_UNWANTED_ALGORITHM;
+ else if (is_DSA(pke_algo))
+ pkey->pk_algorithm = GNUTLS_PK_DSA;
+ else if (is_RSA(pke_algo))
+ pkey->pk_algorithm = GNUTLS_PK_RSA;
+
+ leave:
+ cdk_stream_close(out);
+ cdk_kbnode_release(snode);
return rc;
}
@@ -372,32 +375,33 @@ leave:
* specific certificate.
-*/
int
-_gnutls_openpgp_raw_key_to_gcert( gnutls_cert *cert, const gnutls_datum *raw )
+_gnutls_openpgp_raw_key_to_gcert(gnutls_cert * cert,
+ const gnutls_datum * raw)
{
cdk_kbnode_t knode = NULL;
cdk_packet_t pkt = NULL;
int rc;
-
- if( !cert ) {
- gnutls_assert( );
- return GNUTLS_E_INVALID_REQUEST;
+
+ if (!cert) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
}
- memset( cert, 0, sizeof *cert );
+ memset(cert, 0, sizeof *cert);
- rc = cdk_kbnode_read_from_mem( &knode, raw->data, raw->size );
- if( !(rc = _gnutls_map_cdk_rc( rc )) )
- pkt = cdk_kbnode_find_packet( knode, CDK_PKT_PUBLIC_KEY );
- if( !pkt ) {
- gnutls_assert();
- rc = _gnutls_map_cdk_rc( rc);
+ rc = cdk_kbnode_read_from_mem(&knode, raw->data, raw->size);
+ if (!(rc = _gnutls_map_cdk_rc(rc)))
+ pkt = cdk_kbnode_find_packet(knode, CDK_PKT_PUBLIC_KEY);
+ if (!pkt) {
+ gnutls_assert();
+ rc = _gnutls_map_cdk_rc(rc);
}
- if( !rc )
- rc = _gnutls_set_datum( &cert->raw, raw->data, raw->size );
- if( !rc )
- rc = openpgp_pk_to_gnutls_cert( cert, pkt->pkt.public_key );
+ if (!rc)
+ rc = _gnutls_set_datum(&cert->raw, raw->data, raw->size);
+ if (!rc)
+ rc = openpgp_pk_to_gnutls_cert(cert, pkt->pkt.public_key);
- cdk_kbnode_release( knode );
+ cdk_kbnode_release(knode);
return rc;
}
@@ -413,93 +417,90 @@ _gnutls_openpgp_raw_key_to_gcert( gnutls_cert *cert, const gnutls_datum *raw )
* from a binary or a file keyring.
-*/
int
-gnutls_openpgp_get_key( gnutls_datum *key, const gnutls_datum *keyring,
- key_attr_t by, opaque *pattern )
+gnutls_openpgp_get_key(gnutls_datum * key, const gnutls_datum * keyring,
+ key_attr_t by, opaque * pattern)
{
keybox_blob *blob = NULL;
cdk_keydb_hd_t hd = NULL;
cdk_kbnode_t knode = NULL;
unsigned long keyid[2];
unsigned char *buf;
- void * desc;
+ void *desc;
size_t len;
int rc = 0;
-
- if( !key || !keyring || by == KEY_ATTR_NONE ) {
- gnutls_assert( );
- return GNUTLS_E_INVALID_REQUEST;
- }
- memset( key, 0, sizeof *key );
- blob = kbx_read_blob( keyring, 0 );
- if( !blob )
- return GNUTLS_E_MEMORY_ERROR;
- hd = kbx_to_keydb( blob );
-
- if( by == KEY_ATTR_SHORT_KEYID ) {
- keyid[0] = buftou32( pattern );
- desc = keyid;
+ if (!key || !keyring || by == KEY_ATTR_NONE) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
}
- else if( by == KEY_ATTR_KEYID ) {
- keyid[0] = buftou32( pattern );
- keyid[1] = buftou32( pattern + 4 );
- desc = keyid;
+
+ memset(key, 0, sizeof *key);
+ blob = kbx_read_blob(keyring, 0);
+ if (!blob)
+ return GNUTLS_E_MEMORY_ERROR;
+ hd = kbx_to_keydb(blob);
+
+ if (by == KEY_ATTR_SHORT_KEYID) {
+ keyid[0] = buftou32(pattern);
+ desc = keyid;
+ } else if (by == KEY_ATTR_KEYID) {
+ keyid[0] = buftou32(pattern);
+ keyid[1] = buftou32(pattern + 4);
+ desc = keyid;
+ } else
+ desc = pattern;
+ rc = cdk_keydb_search_start(hd, by, desc);
+ if (rc) {
+ rc = _gnutls_map_cdk_rc(rc);
+ goto leave;
}
- else
- desc = pattern;
- rc = cdk_keydb_search_start( hd, by, desc );
- if( rc ) {
- rc = _gnutls_map_cdk_rc( rc );
- goto leave;
+
+ rc = cdk_keydb_search(hd, &knode);
+ if (rc) {
+ rc = _gnutls_map_cdk_rc(rc);
+ goto leave;
}
-
- rc = cdk_keydb_search( hd, &knode );
- if( rc ) {
- rc = _gnutls_map_cdk_rc( rc );
- goto leave;
- }
- if( !cdk_kbnode_find( knode, CDK_PKT_PUBLIC_KEY ) ) {
- rc = GNUTLS_E_OPENPGP_GETKEY_FAILED;
- goto leave;
+ if (!cdk_kbnode_find(knode, CDK_PKT_PUBLIC_KEY)) {
+ rc = GNUTLS_E_OPENPGP_GETKEY_FAILED;
+ goto leave;
}
len = 20000;
- buf = cdk_calloc (1, len + 1);
- rc = cdk_kbnode_write_to_mem( knode, buf, &len );
- if( !rc )
- datum_append( key, buf, len );
- cdk_free( buf );
-
-leave:
- cdk_free( hd );
- cdk_kbnode_release( knode );
- kbx_blob_release( blob );
+ buf = cdk_calloc(1, len + 1);
+ rc = cdk_kbnode_write_to_mem(knode, buf, &len);
+ if (!rc)
+ datum_append(key, buf, len);
+ cdk_free(buf);
+
+ leave:
+ cdk_free(hd);
+ cdk_kbnode_release(knode);
+ kbx_blob_release(blob);
return rc;
}
-static int
-stream_to_datum( cdk_stream_t inp, gnutls_datum *raw )
+static int stream_to_datum(cdk_stream_t inp, gnutls_datum * raw)
{
uint8 buf[4096];
int rc = 0, nread, nbytes = 0;
-
- if( !buf || !raw ) {
- gnutls_assert( );
- return GNUTLS_E_INVALID_REQUEST;
+
+ if (!buf || !raw) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
}
- cdk_stream_seek( inp, 0 );
- while( !cdk_stream_eof( inp ) ) {
- nread = cdk_stream_read( inp, buf, sizeof buf-1 );
- if( nread == EOF )
- break;
- datum_append( raw, buf, nread );
- nbytes += nread;
+ cdk_stream_seek(inp, 0);
+ while (!cdk_stream_eof(inp)) {
+ nread = cdk_stream_read(inp, buf, sizeof buf - 1);
+ if (nread == EOF)
+ break;
+ datum_append(raw, buf, nread);
+ nbytes += nread;
}
- cdk_stream_seek( inp, 0 );
- if( !nbytes )
- rc = GNUTLS_E_INTERNAL_ERROR;
+ cdk_stream_seek(inp, 0);
+ if (!nbytes)
+ rc = GNUTLS_E_INTERNAL_ERROR;
return rc;
}
@@ -517,8 +518,9 @@ stream_to_datum( cdk_stream_t inp, gnutls_datum *raw )
* should only contain one key which should not be encrypted.
**/
int
-gnutls_certificate_set_openpgp_key_mem( gnutls_certificate_credentials res,
- const gnutls_datum *cert, const gnutls_datum *key )
+gnutls_certificate_set_openpgp_key_mem(gnutls_certificate_credentials res,
+ const gnutls_datum * cert,
+ const gnutls_datum * key)
{
gnutls_datum raw;
cdk_kbnode_t knode = NULL, ctx = NULL, p;
@@ -526,115 +528,121 @@ gnutls_certificate_set_openpgp_key_mem( gnutls_certificate_credentials res,
int i = 0;
int rc = 0;
cdk_stream_t inp = NULL;
-
- if ( !res || !key || !cert ) {
- gnutls_assert( );
- return GNUTLS_E_INVALID_REQUEST;
+
+ if (!res || !key || !cert) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
}
- inp = cdk_stream_tmp_from_mem( cert->data, cert->size);
+ inp = cdk_stream_tmp_from_mem(cert->data, cert->size);
if (inp == NULL) {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
}
-
- if( cdk_armor_filter_use( inp ) ) {
- cdk_stream_set_armor_flag( inp, 0 );
+
+ if (cdk_armor_filter_use(inp)) {
+ cdk_stream_set_armor_flag(inp, 0);
}
res->cert_list = gnutls_realloc_fast(res->cert_list,
- (1+res->ncerts)*sizeof(gnutls_cert*));
+ (1 +
+ res->ncerts) *
+ sizeof(gnutls_cert *));
if (res->cert_list == NULL) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
}
res->cert_list_length = gnutls_realloc_fast(res->cert_list_length,
- (1+res->ncerts)*sizeof(int));
+ (1 +
+ res->ncerts) *
+ sizeof(int));
if (res->cert_list_length == NULL) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
}
res->cert_list[res->ncerts] = gnutls_calloc(1, sizeof(gnutls_cert));
if (res->cert_list[res->ncerts] == NULL) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
}
i = 1;
- rc = cdk_keydb_get_keyblock( inp, &knode );
-
- while( knode && (p = cdk_kbnode_walk( knode, &ctx, 0 )) ) {
- pkt = cdk_kbnode_get_packet( p );
- if( i > MAX_PUBLIC_PARAMS_SIZE ) {
- gnutls_assert();
- break;
- }
- if( pkt->pkttype == CDK_PKT_PUBLIC_KEY ) {
- int n = res->ncerts;
-
- cdk_pkt_pubkey_t pk = pkt->pkt.public_key;
- res->cert_list_length[n] = 1;
-
- if (stream_to_datum( inp, &res->cert_list[n][0].raw )) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
- }
- openpgp_pk_to_gnutls_cert( &res->cert_list[n][0], pk );
- i++;
- }
- }
-
- if( rc == CDK_EOF && i > 1)
- rc = 0;
-
- cdk_stream_close( inp );
-
+ rc = cdk_keydb_get_keyblock(inp, &knode);
+
+ while (knode && (p = cdk_kbnode_walk(knode, &ctx, 0))) {
+ pkt = cdk_kbnode_get_packet(p);
+ if (i > MAX_PUBLIC_PARAMS_SIZE) {
+ gnutls_assert();
+ break;
+ }
+ if (pkt->pkttype == CDK_PKT_PUBLIC_KEY) {
+ int n = res->ncerts;
+
+ cdk_pkt_pubkey_t pk = pkt->pkt.public_key;
+ res->cert_list_length[n] = 1;
+
+ if (stream_to_datum(inp, &res->cert_list[n][0].raw)) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+ openpgp_pk_to_gnutls_cert(&res->cert_list[n][0], pk);
+ i++;
+ }
+ }
+
+ if (rc == CDK_EOF && i > 1)
+ rc = 0;
+
+ cdk_stream_close(inp);
+
if (rc) {
- cdk_kbnode_release( knode );
- gnutls_assert();
- rc = _gnutls_map_cdk_rc( rc );
- goto leave;
- }
-
+ cdk_kbnode_release(knode);
+ gnutls_assert();
+ rc = _gnutls_map_cdk_rc(rc);
+ goto leave;
+ }
+
res->ncerts++;
res->pkey = gnutls_realloc_fast(res->pkey,
- (res->ncerts)*sizeof(gnutls_privkey));
- if( !res->pkey ) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ (res->ncerts) *
+ sizeof(gnutls_privkey));
+ if (!res->pkey) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
}
/* ncerts has been incremented before */
- inp = cdk_stream_tmp_from_mem( key->data, key->size);
+ inp = cdk_stream_tmp_from_mem(key->data, key->size);
if (inp == NULL) {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
- }
-
- if( cdk_armor_filter_use( inp ) )
- cdk_stream_set_armor_flag( inp, 0 );
-
- memset( &raw, 0, sizeof raw );
-
- if (stream_to_datum( inp, &raw )) {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
- }
- cdk_stream_close( inp );
-
- rc = _gnutls_openpgp_raw_privkey_to_gkey( &res->pkey[res->ncerts-1], &raw);
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+
+ if (cdk_armor_filter_use(inp))
+ cdk_stream_set_armor_flag(inp, 0);
+
+ memset(&raw, 0, sizeof raw);
+
+ if (stream_to_datum(inp, &raw)) {
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+ cdk_stream_close(inp);
+
+ rc = _gnutls_openpgp_raw_privkey_to_gkey(&res->pkey[res->ncerts - 1],
+ &raw);
if (rc) {
- gnutls_assert();
+ gnutls_assert();
}
_gnutls_free_datum(&raw);
-leave:
- cdk_kbnode_release( knode );
-
+ leave:
+ cdk_kbnode_release(knode);
+
return rc;
}
@@ -650,80 +658,78 @@ leave:
* should only contain one key which should not be encrypted.
**/
int
-gnutls_certificate_set_openpgp_key_file( gnutls_certificate_credentials res,
- const char* certfile,
- const char* keyfile )
+gnutls_certificate_set_openpgp_key_file(gnutls_certificate_credentials res,
+ const char *certfile,
+ const char *keyfile)
{
struct stat statbuf;
int rc = 0;
gnutls_datum key, cert;
strfile xcert, xkey;
- if( !res || !keyfile || !certfile ) {
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
+ if (!res || !keyfile || !certfile) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
}
- if( stat( certfile, &statbuf ) || stat( keyfile, &statbuf ) ) {
- gnutls_assert();
- return GNUTLS_E_FILE_ERROR;
+ if (stat(certfile, &statbuf) || stat(keyfile, &statbuf)) {
+ gnutls_assert();
+ return GNUTLS_E_FILE_ERROR;
}
- xcert = _gnutls_file_to_str( certfile);
+ xcert = _gnutls_file_to_str(certfile);
if (xcert.data == NULL) {
- gnutls_assert();
- return GNUTLS_E_FILE_ERROR;
+ gnutls_assert();
+ return GNUTLS_E_FILE_ERROR;
}
- xkey = _gnutls_file_to_str( keyfile);
+ xkey = _gnutls_file_to_str(keyfile);
if (xkey.data == NULL) {
- gnutls_assert();
- _gnutls_strfile_free(&xcert);
- return GNUTLS_E_FILE_ERROR;
+ gnutls_assert();
+ _gnutls_strfile_free(&xcert);
+ return GNUTLS_E_FILE_ERROR;
}
-
+
key.data = xkey.data;
key.size = xkey.size;
-
+
cert.data = xcert.data;
cert.size = xcert.size;
- rc = gnutls_certificate_set_openpgp_key_mem( res,
- &cert, &key);
+ rc = gnutls_certificate_set_openpgp_key_mem(res, &cert, &key);
_gnutls_strfile_free(&xcert);
_gnutls_strfile_free(&xkey);
-
+
if (rc < 0) {
- gnutls_assert();
- return rc;
+ gnutls_assert();
+ return rc;
}
return 0;
}
-int
-gnutls_openpgp_count_key_names( const gnutls_datum *cert )
+int gnutls_openpgp_count_key_names(const gnutls_datum * cert)
{
cdk_kbnode_t knode, p, ctx = NULL;
cdk_packet_t pkt;
int nuids = 0;
- if( cert == NULL ) {
- gnutls_assert();
- return 0;
+ if (cert == NULL) {
+ gnutls_assert();
+ return 0;
}
- if( cdk_kbnode_read_from_mem( &knode, cert->data, cert->size ) ) {
- gnutls_assert();
- return 0;
+ if (cdk_kbnode_read_from_mem(&knode, cert->data, cert->size)) {
+ gnutls_assert();
+ return 0;
}
- while( (p = cdk_kbnode_walk( knode, &ctx, 0 )) ) {
- pkt = cdk_kbnode_get_packet( p );
- if( pkt->pkttype == CDK_PKT_USER_ID )
- nuids++;
+ while ((p = cdk_kbnode_walk(knode, &ctx, 0))) {
+ pkt = cdk_kbnode_get_packet(p);
+ if (pkt->pkttype == CDK_PKT_USER_ID)
+ nuids++;
}
-
+
return nuids;
}
@@ -741,33 +747,33 @@ gnutls_openpgp_count_key_names( const gnutls_datum *cert )
* is needed for an operations.
-*/
int
-gnutls_openpgp_add_keyring_file(gnutls_datum *keyring, const char *name)
+gnutls_openpgp_add_keyring_file(gnutls_datum * keyring, const char *name)
{
cdk_stream_t inp = NULL;
uint8 *blob;
size_t nbytes;
int enc = 0;
int rc = 0;
-
- if( !keyring || !name ) {
- gnutls_assert( );
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- rc = cdk_stream_open( name, &inp );
- if( rc )
- return _gnutls_map_cdk_rc( rc );
- enc = cdk_armor_filter_use( inp );
- cdk_stream_close( inp );
-
- blob = kbx_data_to_keyring( KBX_BLOB_FILE, enc, name,
- strlen( name ), &nbytes);
- if( blob && nbytes ) {
- if ( datum_append( keyring, blob, nbytes ) < 0 ) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
- }
- gnutls_free( blob );
+
+ if (!keyring || !name) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ rc = cdk_stream_open(name, &inp);
+ if (rc)
+ return _gnutls_map_cdk_rc(rc);
+ enc = cdk_armor_filter_use(inp);
+ cdk_stream_close(inp);
+
+ blob = kbx_data_to_keyring(KBX_BLOB_FILE, enc, name,
+ strlen(name), &nbytes);
+ if (blob && nbytes) {
+ if (datum_append(keyring, blob, nbytes) < 0) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+ gnutls_free(blob);
}
return 0;
}
@@ -783,26 +789,26 @@ gnutls_openpgp_add_keyring_file(gnutls_datum *keyring, const char *name)
* data instead of the filename.
-*/
int
-gnutls_openpgp_add_keyring_mem(gnutls_datum *keyring,
- const void *data, size_t len)
+gnutls_openpgp_add_keyring_mem(gnutls_datum * keyring,
+ const void *data, size_t len)
{
uint8 *blob;
size_t nbytes = 0;
-
- if( !keyring || !data || !len ) {
- gnutls_assert( );
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- blob = kbx_data_to_keyring( KBX_BLOB_DATA, 0, data, len, &nbytes );
- if( blob && nbytes ) {
- if ( datum_append( keyring, blob, nbytes ) < 0 ) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
- }
- gnutls_free( blob );
- }
-
+
+ if (!keyring || !data || !len) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ blob = kbx_data_to_keyring(KBX_BLOB_DATA, 0, data, len, &nbytes);
+ if (blob && nbytes) {
+ if (datum_append(keyring, blob, nbytes) < 0) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+ gnutls_free(blob);
+ }
+
return 0;
}
@@ -818,60 +824,61 @@ gnutls_openpgp_add_keyring_mem(gnutls_datum *keyring,
*
**/
int
-gnutls_certificate_set_openpgp_keyring_file( gnutls_certificate_credentials c,
- const char *file )
+gnutls_certificate_set_openpgp_keyring_file(gnutls_certificate_credentials
+ c, const char *file)
{
struct stat statbuf;
-
- if( !c || !file ) {
- gnutls_assert( );
- return GNUTLS_E_INVALID_REQUEST;
+
+ if (!c || !file) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
}
- if( stat( file, &statbuf ) )
- return GNUTLS_E_FILE_ERROR;
+ if (stat(file, &statbuf))
+ return GNUTLS_E_FILE_ERROR;
- return gnutls_openpgp_add_keyring_file( &c->keyring, file );
+ return gnutls_openpgp_add_keyring_file(&c->keyring, file);
}
int
-gnutls_certificate_set_openpgp_keyring_mem( gnutls_certificate_credentials c,
- const opaque *data, size_t dlen )
+gnutls_certificate_set_openpgp_keyring_mem(gnutls_certificate_credentials
+ c, const opaque * data,
+ size_t dlen)
{
cdk_stream_t inp;
size_t count;
uint8 *buf;
int rc = 0;
-
- if( !c || !data || !dlen ) {
- gnutls_assert( );
- return GNUTLS_E_INVALID_REQUEST;
+
+ if (!c || !data || !dlen) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
}
- inp = cdk_stream_tmp_from_mem( data, dlen );
- if( !inp )
- return GNUTLS_E_FILE_ERROR;
-
+ inp = cdk_stream_tmp_from_mem(data, dlen);
+ if (!inp)
+ return GNUTLS_E_FILE_ERROR;
+
/* Maybe it's a little confusing that we check the output..
but it's possible, that the data we want to add, is armored
and we only want to store plaintext keyring data. */
- if( cdk_armor_filter_use( inp ) )
- cdk_stream_set_armor_flag( inp, 0 );
+ if (cdk_armor_filter_use(inp))
+ cdk_stream_set_armor_flag(inp, 0);
/* fixme: this is possible the armored length. */
- count = cdk_stream_get_length( inp );
- buf = gnutls_malloc( count + 1 );
- if( !buf ) {
- gnutls_assert();
- cdk_stream_close( inp );
- return GNUTLS_E_MEMORY_ERROR;
+ count = cdk_stream_get_length(inp);
+ buf = gnutls_malloc(count + 1);
+ if (!buf) {
+ gnutls_assert();
+ cdk_stream_close(inp);
+ return GNUTLS_E_MEMORY_ERROR;
}
- count = cdk_stream_read( inp, buf, count );
- buf[count] = '\0';
- rc = gnutls_openpgp_add_keyring_mem( &c->keyring, buf, count );
- cdk_stream_close( inp );
+ count = cdk_stream_read(inp, buf, count);
+ buf[count] = '\0';
+ rc = gnutls_openpgp_add_keyring_mem(&c->keyring, buf, count);
+ cdk_stream_close(inp);
return rc;
}
@@ -888,36 +895,36 @@ gnutls_certificate_set_openpgp_keyring_mem( gnutls_certificate_credentials c,
*
-*/
int
-_gnutls_openpgp_request_key( gnutls_session session, gnutls_datum* ret,
- const gnutls_certificate_credentials cred,
- opaque* key_fpr,
- int key_fpr_size)
+_gnutls_openpgp_request_key(gnutls_session session, gnutls_datum * ret,
+ const gnutls_certificate_credentials cred,
+ opaque * key_fpr, int key_fpr_size)
{
int rc = 0;
- if( !ret || !cred || !key_fpr ) {
- gnutls_assert( );
- return GNUTLS_E_INVALID_REQUEST;
+ if (!ret || !cred || !key_fpr) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
}
-
- if( key_fpr_size != 16 && key_fpr_size != 20 )
- return GNUTLS_E_HASH_FAILED; /* only MD5 and SHA1 are supported */
-
- rc = gnutls_openpgp_get_key( ret, &cred->keyring, KEY_ATTR_FPR, key_fpr );
- if( rc >= 0 ) /* key was found */
- return rc;
- else rc = GNUTLS_E_OPENPGP_GETKEY_FAILED;
+
+ if (key_fpr_size != 16 && key_fpr_size != 20)
+ return GNUTLS_E_HASH_FAILED; /* only MD5 and SHA1 are supported */
+
+ rc = gnutls_openpgp_get_key(ret, &cred->keyring, KEY_ATTR_FPR,
+ key_fpr);
+ if (rc >= 0) /* key was found */
+ return rc;
+ else
+ rc = GNUTLS_E_OPENPGP_GETKEY_FAILED;
/* If the callback function was set, then try this one.
*/
- if( session->internals.openpgp_recv_key_func != NULL ) {
- rc = session->internals.openpgp_recv_key_func( session,
- key_fpr,
- key_fpr_size,
- ret);
- if( rc < 0 ) {
- gnutls_assert();
- return GNUTLS_E_OPENPGP_GETKEY_FAILED;
+ if (session->internals.openpgp_recv_key_func != NULL) {
+ rc = session->internals.openpgp_recv_key_func(session,
+ key_fpr,
+ key_fpr_size, ret);
+ if (rc < 0) {
+ gnutls_assert();
+ return GNUTLS_E_OPENPGP_GETKEY_FAILED;
}
}
@@ -938,25 +945,25 @@ _gnutls_openpgp_request_key( gnutls_session session, gnutls_datum* ret,
*
**/
int
-gnutls_certificate_set_openpgp_keyserver(gnutls_certificate_credentials res,
- const char* keyserver,
- int port)
+gnutls_certificate_set_openpgp_keyserver(gnutls_certificate_credentials
+ res, const char *keyserver,
+ int port)
{
- if( !res || !keyserver ) {
- gnutls_assert( );
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- if( !port )
- port = 11371;
-
- gnutls_free( res->pgp_key_server);
- res->pgp_key_server = gnutls_strdup( keyserver );
- if( !res->pgp_key_server )
- return GNUTLS_E_MEMORY_ERROR;
+ if (!res || !keyserver) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ if (!port)
+ port = 11371;
+
+ gnutls_free(res->pgp_key_server);
+ res->pgp_key_server = gnutls_strdup(keyserver);
+ if (!res->pgp_key_server)
+ return GNUTLS_E_MEMORY_ERROR;
res->pgp_key_server_port = port;
- return 0;
+ return 0;
}
@@ -970,24 +977,24 @@ gnutls_certificate_set_openpgp_keyserver(gnutls_certificate_credentials res,
*
**/
int
-gnutls_certificate_set_openpgp_trustdb( gnutls_certificate_credentials res,
- const char* trustdb )
+gnutls_certificate_set_openpgp_trustdb(gnutls_certificate_credentials res,
+ const char *trustdb)
{
- if( !res || !trustdb ) {
- gnutls_assert( );
- return GNUTLS_E_INVALID_REQUEST;
+ if (!res || !trustdb) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
}
/* the old v2 format was used with 1.0.6, do we still need to check
it now because GPG 1.0.7, 1.2.0, 1.2.1 and even 1.3.0 is out? */
-
- gnutls_free( res->pgp_trustdb);
- res->pgp_trustdb = gnutls_strdup( trustdb );
- if( res->pgp_trustdb==NULL )
- return GNUTLS_E_MEMORY_ERROR;
-
+
+ gnutls_free(res->pgp_trustdb);
+ res->pgp_trustdb = gnutls_strdup(trustdb);
+ if (res->pgp_trustdb == NULL)
+ return GNUTLS_E_MEMORY_ERROR;
+
return 0;
-}
+}
/**
* gnutls_openpgp_set_recv_key_function - Used to set a key retrieval callback for PGP keys
@@ -999,81 +1006,88 @@ gnutls_certificate_set_openpgp_trustdb( gnutls_certificate_credentials res,
* sent a key fingerprint instead of a full key.
*
**/
-void gnutls_openpgp_set_recv_key_function( gnutls_session session,
- gnutls_openpgp_recv_key_func func )
+void gnutls_openpgp_set_recv_key_function(gnutls_session session,
+ gnutls_openpgp_recv_key_func
+ func)
{
session->internals.openpgp_recv_key_func = func;
}
/* Copies a gnutls_openpgp_privkey to a gnutls_privkey structure.
*/
-int _gnutls_openpgp_privkey_to_gkey( gnutls_privkey* dest, gnutls_openpgp_privkey src)
+int _gnutls_openpgp_privkey_to_gkey(gnutls_privkey * dest,
+ gnutls_openpgp_privkey src)
{
-int i, ret;
+ int i, ret;
- memset( dest, 0, sizeof(gnutls_privkey));
+ memset(dest, 0, sizeof(gnutls_privkey));
- for(i=0;i<src->pkey.params_size;i++) {
- dest->params[i] = _gnutls_mpi_copy( src->pkey.params[i]);
- if (dest->params[i] == NULL) {
- gnutls_assert();
- ret = GNUTLS_E_MEMORY_ERROR;
- goto cleanup;
- }
+ for (i = 0; i < src->pkey.params_size; i++) {
+ dest->params[i] = _gnutls_mpi_copy(src->pkey.params[i]);
+ if (dest->params[i] == NULL) {
+ gnutls_assert();
+ ret = GNUTLS_E_MEMORY_ERROR;
+ goto cleanup;
}
-
- dest->pk_algorithm = src->pkey.pk_algorithm;
- dest->params_size = src->pkey.params_size;
+ }
- return 0;
-
-cleanup:
- for (i=0;i<src->pkey.params_size;i++) {
- _gnutls_mpi_release( &dest->params[i]);
- }
- return ret;
+ dest->pk_algorithm = src->pkey.pk_algorithm;
+ dest->params_size = src->pkey.params_size;
+
+ return 0;
+
+ cleanup:
+ for (i = 0; i < src->pkey.params_size; i++) {
+ _gnutls_mpi_release(&dest->params[i]);
+ }
+ return ret;
}
/* Converts a parsed gnutls_openpgp_key to a gnutls_cert structure.
*/
-int _gnutls_openpgp_key_to_gcert(gnutls_cert * gcert, gnutls_openpgp_key cert)
+int _gnutls_openpgp_key_to_gcert(gnutls_cert * gcert,
+ gnutls_openpgp_key cert)
{
- int ret = 0;
- opaque* der;
- size_t der_size = 0;
- gnutls_datum raw;
-
- memset(gcert, 0, sizeof(gnutls_cert));
- gcert->cert_type = GNUTLS_CRT_OPENPGP;
-
-
- ret = gnutls_openpgp_key_export( cert, GNUTLS_OPENPGP_FMT_RAW, NULL, &der_size);
- if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) {
- gnutls_assert();
- return ret;
- }
-
- der = gnutls_malloc( der_size);
- if (der == NULL) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
- }
+ int ret = 0;
+ opaque *der;
+ size_t der_size = 0;
+ gnutls_datum raw;
- ret = gnutls_openpgp_key_export( cert, GNUTLS_OPENPGP_FMT_RAW, der, &der_size);
- if (ret < 0) {
- gnutls_assert();
- gnutls_free(der);
- return ret;
- }
+ memset(gcert, 0, sizeof(gnutls_cert));
+ gcert->cert_type = GNUTLS_CRT_OPENPGP;
- raw.data = der;
- raw.size = der_size;
- ret = _gnutls_openpgp_raw_key_to_gcert( gcert, &raw);
-
+ ret =
+ gnutls_openpgp_key_export(cert, GNUTLS_OPENPGP_FMT_RAW, NULL,
+ &der_size);
+ if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) {
+ gnutls_assert();
+ return ret;
+ }
+
+ der = gnutls_malloc(der_size);
+ if (der == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ ret =
+ gnutls_openpgp_key_export(cert, GNUTLS_OPENPGP_FMT_RAW, der,
+ &der_size);
+ if (ret < 0) {
+ gnutls_assert();
gnutls_free(der);
-
- return 0;
+ return ret;
+ }
+
+ raw.data = der;
+ raw.size = der_size;
+
+ ret = _gnutls_openpgp_raw_key_to_gcert(gcert, &raw);
+
+ gnutls_free(der);
+
+ return 0;
}
@@ -1089,56 +1103,60 @@ int _gnutls_openpgp_key_to_gcert(gnutls_cert * gcert, gnutls_openpgp_key cert)
* server).
*
**/
-int gnutls_certificate_set_openpgp_key(gnutls_certificate_credentials res,
- gnutls_openpgp_key key,
- gnutls_openpgp_privkey pkey)
+int gnutls_certificate_set_openpgp_key(gnutls_certificate_credentials res,
+ gnutls_openpgp_key key,
+ gnutls_openpgp_privkey pkey)
{
- int ret;
+ int ret;
- /* this should be first
- */
-
- res->pkey = gnutls_realloc_fast( res->pkey, (res->ncerts+1)*sizeof(gnutls_privkey));
- if (res->pkey==NULL) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
- }
+ /* this should be first
+ */
- ret = _gnutls_openpgp_privkey_to_gkey( &res->pkey[res->ncerts], pkey);
- if (ret < 0) {
- gnutls_assert();
- return ret;
- }
+ res->pkey =
+ gnutls_realloc_fast(res->pkey,
+ (res->ncerts + 1) * sizeof(gnutls_privkey));
+ if (res->pkey == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
- res->cert_list = gnutls_realloc_fast( res->cert_list,
- (1+ res->ncerts)*sizeof(gnutls_cert*));
- if ( res->cert_list==NULL) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
- }
+ ret = _gnutls_openpgp_privkey_to_gkey(&res->pkey[res->ncerts], pkey);
+ if (ret < 0) {
+ gnutls_assert();
+ return ret;
+ }
- res->cert_list_length = gnutls_realloc_fast( res->cert_list_length,
- (1+ res->ncerts)*sizeof(int));
- if (res->cert_list_length==NULL) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
- }
+ res->cert_list = gnutls_realloc_fast(res->cert_list,
+ (1 +
+ res->ncerts) *
+ sizeof(gnutls_cert *));
+ if (res->cert_list == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
- res->cert_list[res->ncerts] = NULL; /* for realloc */
- res->cert_list_length[res->ncerts] = 1;
+ res->cert_list_length = gnutls_realloc_fast(res->cert_list_length,
+ (1 +
+ res->ncerts) *
+ sizeof(int));
+ if (res->cert_list_length == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
- ret = _gnutls_openpgp_key_to_gcert( res->cert_list[res->ncerts], key);
- if ( ret < 0) {
- gnutls_assert();
- return ret;
- }
+ res->cert_list[res->ncerts] = NULL; /* for realloc */
+ res->cert_list_length[res->ncerts] = 1;
- res->ncerts++;
-
- /* FIXME: Check if the keys match.
- */
+ ret = _gnutls_openpgp_key_to_gcert(res->cert_list[res->ncerts], key);
+ if (ret < 0) {
+ gnutls_assert();
+ return ret;
+ }
- return 0;
-}
+ res->ncerts++;
+ /* FIXME: Check if the keys match.
+ */
+ return 0;
+}
View Lorry Controller Status