]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Indented code.
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Mon, 28 Jun 2010 16:51:29 +0000 (18:51 +0200)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Mon, 28 Jun 2010 16:51:29 +0000 (18:51 +0200)
lib/gnutls_privkey.c
lib/gnutls_pubkey.c
lib/pkcs11.c
lib/pkcs11_int.h
lib/pkcs11_privkey.c
lib/pkcs11_write.c

index 185a1e966edfdf54d63673570d6ed9c676523ce8..c61567b0731cd04058c13162e60a761c8914fdf0 100644 (file)
 struct gnutls_privkey_st {
        gnutls_privkey_type_t type;
        gnutls_pk_algorithm_t pk_algorithm;
-       
+
        union {
                gnutls_x509_privkey_t x509;
                gnutls_pkcs11_privkey_t pkcs11;
                gnutls_openpgp_privkey_t openpgp;
        } key;
-       
+
        unsigned int flags;
 };
 
@@ -58,7 +58,7 @@ struct gnutls_privkey_st {
  * Returns: a member of the #gnutls_privkey_type_t enumeration on
  *   success, or a negative value on error.
  **/
-gnutls_privkey_type_t gnutls_privkey_get_type (gnutls_privkey_t key)
+gnutls_privkey_type_t gnutls_privkey_get_type(gnutls_privkey_t key)
 {
        return key->type;
 }
@@ -75,20 +75,27 @@ gnutls_privkey_type_t gnutls_privkey_get_type (gnutls_privkey_t key)
  * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
  *   success, or a negative value on error.
  **/
-int gnutls_privkey_get_pk_algorithm (gnutls_privkey_t key, unsigned int* bits)
+int gnutls_privkey_get_pk_algorithm(gnutls_privkey_t key,
+                                   unsigned int *bits)
 {
-       switch(key->type) {
-               case GNUTLS_PRIVKEY_OPENPGP:
-                       return gnutls_openpgp_privkey_get_pk_algorithm(key->key.openpgp, bits);
-               case GNUTLS_PRIVKEY_PKCS11:
-                       return gnutls_pkcs11_privkey_get_pk_algorithm(key->key.pkcs11, bits);
-               case GNUTLS_PRIVKEY_X509:
-                        if (bits)
-                                *bits = _gnutls_mpi_get_nbits (key->key.x509->params[0]);
-                       return gnutls_x509_privkey_get_pk_algorithm(key->key.x509);
-               default:
-                       gnutls_assert();
-                       return GNUTLS_E_INVALID_REQUEST;
+       switch (key->type) {
+       case GNUTLS_PRIVKEY_OPENPGP:
+               return gnutls_openpgp_privkey_get_pk_algorithm(key->key.
+                                                              openpgp,
+                                                              bits);
+       case GNUTLS_PRIVKEY_PKCS11:
+               return gnutls_pkcs11_privkey_get_pk_algorithm(key->key.
+                                                             pkcs11,
+                                                             bits);
+       case GNUTLS_PRIVKEY_X509:
+               if (bits)
+                       *bits =
+                           _gnutls_mpi_get_nbits(key->key.x509->
+                                                 params[0]);
+               return gnutls_x509_privkey_get_pk_algorithm(key->key.x509);
+       default:
+               gnutls_assert();
+               return GNUTLS_E_INVALID_REQUEST;
        }
 
 }
@@ -109,7 +116,7 @@ int gnutls_privkey_init(gnutls_privkey_t * key)
                gnutls_assert();
                return GNUTLS_E_MEMORY_ERROR;
        }
-       
+
        return 0;
 }
 
@@ -122,13 +129,15 @@ int gnutls_privkey_init(gnutls_privkey_t * key)
 void gnutls_privkey_deinit(gnutls_privkey_t key)
 {
        if (key->flags & GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE)
-               switch(key->type) {
-                       case GNUTLS_PRIVKEY_OPENPGP:
-                               return gnutls_openpgp_privkey_deinit(key->key.openpgp);
-                       case GNUTLS_PRIVKEY_PKCS11:
-                               return gnutls_pkcs11_privkey_deinit(key->key.pkcs11);
-                       case GNUTLS_PRIVKEY_X509:
-                               return gnutls_x509_privkey_deinit(key->key.x509);
+               switch (key->type) {
+               case GNUTLS_PRIVKEY_OPENPGP:
+                       return gnutls_openpgp_privkey_deinit(key->key.
+                                                            openpgp);
+               case GNUTLS_PRIVKEY_PKCS11:
+                       return gnutls_pkcs11_privkey_deinit(key->key.
+                                                           pkcs11);
+               case GNUTLS_PRIVKEY_X509:
+                       return gnutls_x509_privkey_deinit(key->key.x509);
                }
        gnutls_free(key);
 }
@@ -145,11 +154,14 @@ void gnutls_privkey_deinit(gnutls_privkey_t key)
  * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
  *   negative error value.
  **/
-int gnutls_privkey_import_pkcs11 (gnutls_privkey_t pkey, gnutls_pkcs11_privkey_t key, unsigned int flags)
+int gnutls_privkey_import_pkcs11(gnutls_privkey_t pkey,
+                                gnutls_pkcs11_privkey_t key,
+                                unsigned int flags)
 {
        pkey->key.pkcs11 = key;
        pkey->type = GNUTLS_PRIVKEY_PKCS11;
-       pkey->pk_algorithm = gnutls_pkcs11_privkey_get_pk_algorithm(key, NULL);
+       pkey->pk_algorithm =
+           gnutls_pkcs11_privkey_get_pk_algorithm(key, NULL);
        pkey->flags = flags;
 
        return 0;
@@ -167,9 +179,11 @@ int gnutls_privkey_import_pkcs11 (gnutls_privkey_t pkey, gnutls_pkcs11_privkey_t
  * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
  *   negative error value.
  **/
-int gnutls_privkey_import_x509 (gnutls_privkey_t pkey, gnutls_x509_privkey_t key, unsigned int flags)
+int gnutls_privkey_import_x509(gnutls_privkey_t pkey,
+                              gnutls_x509_privkey_t key,
+                              unsigned int flags)
 {
-        pkey->key.x509 = key;
+       pkey->key.x509 = key;
        pkey->type = GNUTLS_PRIVKEY_X509;
        pkey->pk_algorithm = gnutls_x509_privkey_get_pk_algorithm(key);
        pkey->flags = flags;
@@ -189,13 +203,16 @@ int gnutls_privkey_import_x509 (gnutls_privkey_t pkey, gnutls_x509_privkey_t key
  * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
  *   negative error value.
  **/
-int gnutls_privkey_import_openpgp (gnutls_privkey_t pkey, gnutls_openpgp_privkey_t key, unsigned int flags)
+int gnutls_privkey_import_openpgp(gnutls_privkey_t pkey,
+                                 gnutls_openpgp_privkey_t key,
+                                 unsigned int flags)
 {
        pkey->key.openpgp = key;
        pkey->type = GNUTLS_PRIVKEY_OPENPGP;
-       pkey->pk_algorithm = gnutls_openpgp_privkey_get_pk_algorithm(key, NULL);
+       pkey->pk_algorithm =
+           gnutls_openpgp_privkey_get_pk_algorithm(key, NULL);
        pkey->flags = flags;
-       
+
        return 0;
 }
 
@@ -217,10 +234,10 @@ int gnutls_privkey_import_openpgp (gnutls_privkey_t pkey, gnutls_openpgp_privkey
  **/
 int
 gnutls_privkey_sign_data(gnutls_privkey_t signer,
-                               gnutls_digest_algorithm_t hash,
-                               unsigned int flags,
-                               const gnutls_datum_t * data,
-                               gnutls_datum_t * signature)
+                        gnutls_digest_algorithm_t hash,
+                        unsigned int flags,
+                        const gnutls_datum_t * data,
+                        gnutls_datum_t * signature)
 {
        int ret;
        gnutls_datum_t digest;
@@ -269,20 +286,23 @@ gnutls_privkey_sign_data(gnutls_privkey_t signer,
  * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
  * negative error value.
  **/
-int gnutls_privkey_sign_hash (gnutls_privkey_t key,
-                       const gnutls_datum_t * hash,
-                       gnutls_datum_t * signature)
+int gnutls_privkey_sign_hash(gnutls_privkey_t key,
+                            const gnutls_datum_t * hash,
+                            gnutls_datum_t * signature)
 {
-       switch(key->type) {
-               case GNUTLS_PRIVKEY_OPENPGP:
-                       return gnutls_openpgp_privkey_sign_hash(key->key.openpgp, hash, signature);
-               case GNUTLS_PRIVKEY_PKCS11:
-                       return gnutls_pkcs11_privkey_sign_hash(key->key.pkcs11, hash, signature);
-               case GNUTLS_PRIVKEY_X509:
-                       return gnutls_x509_privkey_sign_hash(key->key.x509, hash, signature);
-               default:
-                       gnutls_assert();
-                       return GNUTLS_E_INVALID_REQUEST;
+       switch (key->type) {
+       case GNUTLS_PRIVKEY_OPENPGP:
+               return gnutls_openpgp_privkey_sign_hash(key->key.openpgp,
+                                                       hash, signature);
+       case GNUTLS_PRIVKEY_PKCS11:
+               return gnutls_pkcs11_privkey_sign_hash(key->key.pkcs11,
+                                                      hash, signature);
+       case GNUTLS_PRIVKEY_X509:
+               return gnutls_x509_privkey_sign_hash(key->key.x509, hash,
+                                                    signature);
+       default:
+               gnutls_assert();
+               return GNUTLS_E_INVALID_REQUEST;
        }
 }
 
@@ -308,17 +328,25 @@ int gnutls_privkey_decrypt_data(gnutls_privkey_t key,
                gnutls_assert();
                return GNUTLS_E_INVALID_REQUEST;
        }
-       
-       switch(key->type) {
-               case GNUTLS_PRIVKEY_OPENPGP:
-                       return gnutls_openpgp_privkey_decrypt_data(key->key.openpgp, flags, ciphertext, plaintext);
-               case GNUTLS_PRIVKEY_X509:
-                       return _gnutls_pkcs1_rsa_decrypt (plaintext, ciphertext, key->key.x509->params, key->key.x509->params_size, 2);
-               case GNUTLS_PRIVKEY_PKCS11:
-                       return gnutls_pkcs11_privkey_decrypt_data(key->key.pkcs11, flags, ciphertext, plaintext);
-               default:
-                       gnutls_assert();
-                       return GNUTLS_E_INVALID_REQUEST;
+
+       switch (key->type) {
+       case GNUTLS_PRIVKEY_OPENPGP:
+               return gnutls_openpgp_privkey_decrypt_data(key->key.
+                                                          openpgp, flags,
+                                                          ciphertext,
+                                                          plaintext);
+       case GNUTLS_PRIVKEY_X509:
+               return _gnutls_pkcs1_rsa_decrypt(plaintext, ciphertext,
+                                                key->key.x509->params,
+                                                key->key.x509->
+                                                params_size, 2);
+       case GNUTLS_PRIVKEY_PKCS11:
+               return gnutls_pkcs11_privkey_decrypt_data(key->key.pkcs11,
+                                                         flags,
+                                                         ciphertext,
+                                                         plaintext);
+       default:
+               gnutls_assert();
+               return GNUTLS_E_INVALID_REQUEST;
        }
 }
-
index 46d846963a3666dd6d7396a8a213f09a95119fb6..f1740bb63d8adb54ac9c5f044175856156dd7cc8 100644 (file)
@@ -199,21 +199,22 @@ int gnutls_pubkey_import_x509(gnutls_pubkey_t key, gnutls_x509_crt_t crt,
  * Since: 2.11.0
  **/
 int
-gnutls_pubkey_get_preferred_hash_algorithm (gnutls_pubkey_t key,
-                             gnutls_digest_algorithm_t * hash, unsigned int *mand)
+gnutls_pubkey_get_preferred_hash_algorithm(gnutls_pubkey_t key,
+                                          gnutls_digest_algorithm_t *
+                                          hash, unsigned int *mand)
 {
-  int ret;
+       int ret;
 
-  if (key == NULL)
-    {
-      gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
+       if (key == NULL) {
+               gnutls_assert();
+               return GNUTLS_E_INVALID_REQUEST;
+       }
 
-  ret = _gnutls_pk_get_hash_algorithm(key->pk_algorithm,
-    key->params, key->params_size, hash, mand);
+       ret = _gnutls_pk_get_hash_algorithm(key->pk_algorithm,
+                                           key->params, key->params_size,
+                                           hash, mand);
 
-  return ret;
+       return ret;
 }
 
 
@@ -749,7 +750,7 @@ int gnutls_pubkey_set_key_usage(gnutls_pubkey_t key, unsigned int usage)
  **/
 
 int gnutls_pubkey_import_pkcs11_url(gnutls_pubkey_t key, const char *url,
-       unsigned int flags)
+                                   unsigned int flags)
 {
        gnutls_pkcs11_obj_t pcrt;
        int ret;
@@ -903,23 +904,22 @@ gnutls_pubkey_import_dsa_raw(gnutls_pubkey_t key,
  * success.
  **/
 int
-gnutls_pubkey_verify_hash (gnutls_pubkey_t key, unsigned int flags,
-                            const gnutls_datum_t * hash,
-                            const gnutls_datum_t * signature)
+gnutls_pubkey_verify_hash(gnutls_pubkey_t key, unsigned int flags,
+                         const gnutls_datum_t * hash,
+                         const gnutls_datum_t * signature)
 {
-  int ret;
+       int ret;
 
-  if (key == NULL)
-    {
-      gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
+       if (key == NULL) {
+               gnutls_assert();
+               return GNUTLS_E_INVALID_REQUEST;
+       }
 
-   ret =
-    pubkey_verify_sig (NULL, hash, signature, key->pk_algorithm,
-               key->params, key->params_size);
+       ret =
+           pubkey_verify_sig(NULL, hash, signature, key->pk_algorithm,
+                             key->params, key->params_size);
 
-  return ret;
+       return ret;
 }
 
 /**
@@ -935,18 +935,19 @@ gnutls_pubkey_verify_hash (gnutls_pubkey_t key, unsigned int flags,
  * returned on error.
  **/
 int
-gnutls_pubkey_get_verify_algorithm (gnutls_pubkey_t key,
-                                     const gnutls_datum_t * signature,
-                                     gnutls_digest_algorithm_t * hash)
+gnutls_pubkey_get_verify_algorithm(gnutls_pubkey_t key,
+                                  const gnutls_datum_t * signature,
+                                  gnutls_digest_algorithm_t * hash)
 {
-  if (key == NULL)
-    {
-      gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
-  return _gnutls_x509_verify_algorithm ((gnutls_mac_algorithm_t *) hash,
-                       signature, key->pk_algorithm, key->params,
-                       key->params_size);
+       if (key == NULL) {
+               gnutls_assert();
+               return GNUTLS_E_INVALID_REQUEST;
+       }
+
+       return _gnutls_x509_verify_algorithm((gnutls_mac_algorithm_t *)
+                                            hash, signature,
+                                            key->pk_algorithm,
+                                            key->params,
+                                            key->params_size);
 
 }
index ed70073df8437745c25bfa2878d9deb560c5e6b2..f4ae85d02678ad819836f292445e8e35362bf809 100644 (file)
@@ -1991,12 +1991,6 @@ static int find_objs(pakchois_session_t * pks, struct token_info *info,
        memset(&plist, 0, sizeof(plist));
 
        if (find_data->flags == GNUTLS_PKCS11_OBJ_ATTR_CRT_WITH_PRIVKEY) {
-               ret = pkcs11_login(pks, info, NULL);
-               if (ret < 0) {
-                       gnutls_assert();
-                       return ret;
-               }
-
                ret = find_privkeys(pks, info, &plist);
                if (ret < 0) {
                        gnutls_assert();
@@ -2007,13 +2001,6 @@ static int find_objs(pakchois_session_t * pks, struct token_info *info,
                        gnutls_assert();
                        return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
                }
-       } else if (find_data->flags == GNUTLS_PKCS11_OBJ_ATTR_ALL ||
-                  find_data->flags == GNUTLS_PKCS11_OBJ_ATTR_PRIVKEY) {
-               ret = pkcs11_login(pks, info, NULL);
-               if (ret < 0) {
-                       gnutls_assert();
-                       return ret;
-               }
        }
 
        cert_data = gnutls_malloc(MAX_CERT_SIZE);
index 324da3441fcc3027ed2be33ad10fd8571df274c0..f177183b8f3ee934a71d68f9d7bd6b63f1a96b15 100644 (file)
@@ -8,73 +8,85 @@
 #define PKCS11_LABEL_SIZE 128
 
 typedef struct token_creds {
-    char pin[GNUTLS_PKCS11_MAX_PIN_LEN];
-    size_t pin_size;
+       char pin[GNUTLS_PKCS11_MAX_PIN_LEN];
+       size_t pin_size;
 } token_creds_st;
 
 struct token_info {
-    struct ck_token_info tinfo;
-    struct ck_slot_info sinfo;
-    ck_slot_id_t sid;
-    struct gnutls_pkcs11_provider_s* prov;
+       struct ck_token_info tinfo;
+       struct ck_slot_info sinfo;
+       ck_slot_id_t sid;
+       struct gnutls_pkcs11_provider_s *prov;
 };
 
-struct pkcs11_url_info
-{
-    /* everything here is null terminated strings */
-    opaque id[PKCS11_ID_SIZE*3+1]; /* hex with delimiters */
-    opaque type[16]; /* cert/key etc. */
-    opaque manufacturer[sizeof (((struct ck_token_info *)NULL)->manufacturer_id)+1];
-    opaque token[sizeof (((struct ck_token_info *)NULL)->label)+1];
-    opaque serial[sizeof (((struct ck_token_info *)NULL)->serial_number)+1];
-    opaque model[sizeof (((struct ck_token_info *)NULL)->model)+1];
-    opaque label[PKCS11_LABEL_SIZE+1];
-    
-    opaque certid_raw[PKCS11_ID_SIZE]; /* same as ID but raw */
-    size_t certid_raw_size;
+struct pkcs11_url_info {
+       /* everything here is null terminated strings */
+       opaque id[PKCS11_ID_SIZE * 3 + 1];      /* hex with delimiters */
+       opaque type[16];        /* cert/key etc. */
+       opaque
+           manufacturer[sizeof
+                        (((struct ck_token_info *) NULL)->
+                         manufacturer_id) + 1];
+       opaque token[sizeof(((struct ck_token_info *) NULL)->label) + 1];
+       opaque
+           serial[sizeof(((struct ck_token_info *) NULL)->serial_number) +
+                  1];
+       opaque model[sizeof(((struct ck_token_info *) NULL)->model) + 1];
+       opaque label[PKCS11_LABEL_SIZE + 1];
+
+       opaque certid_raw[PKCS11_ID_SIZE];      /* same as ID but raw */
+       size_t certid_raw_size;
 };
 
 struct gnutls_pkcs11_obj_st {
-    gnutls_datum_t raw;
-    gnutls_pkcs11_obj_type_t type;
-    struct pkcs11_url_info info;
-
-    /* only when pubkey */
-    gnutls_datum_t pubkey[MAX_PUBLIC_PARAMS_SIZE];
-    gnutls_pk_algorithm pk_algorithm;
-    unsigned int key_usage;
+       gnutls_datum_t raw;
+       gnutls_pkcs11_obj_type_t type;
+       struct pkcs11_url_info info;
+
+       /* only when pubkey */
+       gnutls_datum_t pubkey[MAX_PUBLIC_PARAMS_SIZE];
+       gnutls_pk_algorithm pk_algorithm;
+       unsigned int key_usage;
 };
 
 /* thus function is called for every token in the traverse_tokens
  * function. Once everything is traversed it is called with NULL tinfo.
  * It should return 0 if found what it was looking for.
  */
-typedef int (*find_func_t)(pakchois_session_t *pks, struct token_info* tinfo, void* input);
+typedef int (*find_func_t) (pakchois_session_t * pks,
+                           struct token_info * tinfo, void *input);
 
 int pkcs11_rv_to_err(ck_rv_t rv);
-int pkcs11_url_to_info(const char* url, struct pkcs11_url_info* info);
+int pkcs11_url_to_info(const char *url, struct pkcs11_url_info *info);
 
-int pkcs11_get_info(struct pkcs11_url_info *info, gnutls_pkcs11_obj_info_t itype, 
-    void* output, size_t* output_size);
-int pkcs11_login(pakchois_session_t *pks, struct token_info *info, token_creds_st *);
+int pkcs11_get_info(struct pkcs11_url_info *info,
+                   gnutls_pkcs11_obj_info_t itype, void *output,
+                   size_t * output_size);
+int pkcs11_login(pakchois_session_t * pks, struct token_info *info,
+                token_creds_st *);
 
 extern gnutls_pkcs11_token_callback_t token_func;
-extern voidtoken_data;
+extern void *token_data;
 
 void pkcs11_rescan_slots(void);
-int pkcs11_info_to_url(const struct pkcs11_url_info* info, char** url);
+int pkcs11_info_to_url(const struct pkcs11_url_info *info, char **url);
 
 #define SESSION_WRITE 1
 #define SESSION_LOGIN 2
-int pkcs11_open_session (pakchois_session_t** _pks, struct pkcs11_url_info *info, 
-    token_creds_st * creds, unsigned int flags);
-int _pkcs11_traverse_tokens (find_func_t find_func, void* input, unsigned int flags);
-ck_object_class_t pkcs11_strtype_to_class(const char* type);
+int pkcs11_open_session(pakchois_session_t ** _pks,
+                       struct pkcs11_url_info *info,
+                       token_creds_st * creds, unsigned int flags);
+int _pkcs11_traverse_tokens(find_func_t find_func, void *input,
+                           unsigned int flags);
+ck_object_class_t pkcs11_strtype_to_class(const char *type);
 
-int pkcs11_token_matches_info( struct pkcs11_url_info* info, struct ck_token_info* tinfo);
+int pkcs11_token_matches_info(struct pkcs11_url_info *info,
+                             struct ck_token_info *tinfo);
 
 /* flags are SESSION_* */
-int pkcs11_find_object (pakchois_session_t** _pks, ck_object_handle_t* _obj,
-    struct pkcs11_url_info *info, token_creds_st*, unsigned int flags);
+int pkcs11_find_object(pakchois_session_t ** _pks,
+                      ck_object_handle_t * _obj,
+                      struct pkcs11_url_info *info, token_creds_st *,
+                      unsigned int flags);
 
 #endif
index c0fe633c518bf54ff096efb7b429740500e2e805..11b744ab79ec2c87662fe57f3269ef8238f9592b 100644 (file)
@@ -54,7 +54,7 @@ int gnutls_pkcs11_privkey_init(gnutls_pkcs11_privkey_t * key)
                gnutls_assert();
                return GNUTLS_E_MEMORY_ERROR;
        }
-       
+
        return 0;
 }
 
@@ -79,10 +79,11 @@ void gnutls_pkcs11_privkey_deinit(gnutls_pkcs11_privkey_t key)
  * Returns: a member of the #gnutls_pk_algorithm_t enumeration on
  *   success, or a negative value on error.
  **/
-int gnutls_pkcs11_privkey_get_pk_algorithm(gnutls_pkcs11_privkey_t key, unsigned int *bits)
+int gnutls_pkcs11_privkey_get_pk_algorithm(gnutls_pkcs11_privkey_t key,
+                                          unsigned int *bits)
 {
-        if (bits)
-          *bits = 0; /* FIXME */
+       if (bits)
+               *bits = 0;      /* FIXME */
        return key->pk_algorithm;
 }
 
@@ -179,7 +180,7 @@ gnutls_pkcs11_privkey_sign_data(gnutls_pkcs11_privkey_t signer,
                        gnutls_assert(); \
                        return ret; \
                } \
-       } while (ret < 0); 
+       } while (ret < 0);
 
 /**
  * gnutls_pkcs11_privkey_sign_hash:
@@ -222,8 +223,7 @@ int gnutls_pkcs11_privkey_sign_hash(gnutls_pkcs11_privkey_t key,
        }
 
        /* Work out how long the signature must be: */
-       rv = pakchois_sign(pks, hash->data, hash->size, NULL,
-                          &siglen);
+       rv = pakchois_sign(pks, hash->data, hash->size, NULL, &siglen);
        if (rv != CKR_OK) {
                gnutls_assert();
                ret = pkcs11_rv_to_err(rv);
@@ -246,7 +246,7 @@ int gnutls_pkcs11_privkey_sign_hash(gnutls_pkcs11_privkey_t key,
 
        ret = 0;
 
-cleanup:
+      cleanup:
        pakchois_close_session(pks);
 
        return ret;
@@ -280,7 +280,8 @@ int gnutls_pkcs11_privkey_import_url(gnutls_pkcs11_privkey_t pkey,
 
        pkey->flags = flags;
 
-       if (pkey->info.type[0] != 0 && strcmp(pkey->info.type, "private") != 0) {
+       if (pkey->info.type[0] != 0
+           && strcmp(pkey->info.type, "private") != 0) {
                gnutls_assert();
                return GNUTLS_E_INVALID_REQUEST;
        }
@@ -308,8 +309,9 @@ int gnutls_pkcs11_privkey_import_url(gnutls_pkcs11_privkey_t pkey,
  **/
 int
 gnutls_pkcs11_privkey_decrypt_data(gnutls_pkcs11_privkey_t key,
-  unsigned int flags, const gnutls_datum_t * ciphertext,
-                               gnutls_datum_t * plaintext)
+                                  unsigned int flags,
+                                  const gnutls_datum_t * ciphertext,
+                                  gnutls_datum_t * plaintext)
 {
        ck_rv_t rv;
        int ret;
@@ -319,7 +321,7 @@ gnutls_pkcs11_privkey_decrypt_data(gnutls_pkcs11_privkey_t key,
        ck_object_handle_t obj;
 
        FIND_OBJECT(pks, obj, key);
-       
+
        mech.mechanism =
            key->pk_algorithm == GNUTLS_PK_DSA ? CKM_DSA : CKM_RSA_PKCS;
        mech.parameter = NULL;
@@ -335,8 +337,8 @@ gnutls_pkcs11_privkey_decrypt_data(gnutls_pkcs11_privkey_t key,
        }
 
        /* Work out how long the plaintext must be: */
-       rv = pakchois_decrypt(pks, ciphertext->data, ciphertext->size, NULL,
-                          &siglen);
+       rv = pakchois_decrypt(pks, ciphertext->data, ciphertext->size,
+                             NULL, &siglen);
        if (rv != CKR_OK) {
                gnutls_assert();
                ret = pkcs11_rv_to_err(rv);
@@ -347,7 +349,7 @@ gnutls_pkcs11_privkey_decrypt_data(gnutls_pkcs11_privkey_t key,
        plaintext->size = siglen;
 
        rv = pakchois_decrypt(pks, ciphertext->data, ciphertext->size,
-                          plaintext->data, &siglen);
+                             plaintext->data, &siglen);
        if (rv != CKR_OK) {
                gnutls_free(plaintext->data);
                gnutls_assert();
@@ -359,7 +361,7 @@ gnutls_pkcs11_privkey_decrypt_data(gnutls_pkcs11_privkey_t key,
 
        ret = 0;
 
-cleanup:
+      cleanup:
        pakchois_close_session(pks);
 
        return ret;
@@ -375,15 +377,16 @@ cleanup:
  * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
  *   negative error value.
  **/
-int gnutls_pkcs11_privkey_export_url (gnutls_pkcs11_privkey_t key, char ** url)
+int gnutls_pkcs11_privkey_export_url(gnutls_pkcs11_privkey_t key,
+                                    char **url)
 {
-int ret;
+       int ret;
 
-    ret = pkcs11_info_to_url(&key->info, url);
-    if (ret < 0) {
-        gnutls_assert();
-        return ret;
-    }
+       ret = pkcs11_info_to_url(&key->info, url);
+       if (ret < 0) {
+               gnutls_assert();
+               return ret;
+       }
 
-    return 0;
+       return 0;
 }
index b41f9bbff89e248ef854ebc725929714b6dcd3cc..09d32a7fb205ab8e7c9b5c0fa8dd5062b93d174b 100644 (file)
  * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
  *   negative error value.
  **/
-int gnutls_pkcs11_copy_x509_crt(const char* token_url, gnutls_x509_crt_t crt, 
-       const char* label, unsigned int flags)
+int gnutls_pkcs11_copy_x509_crt(const char *token_url,
+                               gnutls_x509_crt_t crt, const char *label,
+                               unsigned int flags)
 {
-    int ret;
-    pakchois_session_t *pks;
-    struct pkcs11_url_info info;
-    ck_rv_t rv;
-    size_t der_size, id_size;
-    opaque* der = NULL;
-    opaque id[20];
-    struct ck_attribute a[8];
-    ck_object_class_t class = CKO_CERTIFICATE;
-    ck_certificate_type_t type = CKC_X_509;
-    ck_object_handle_t obj;
-    unsigned int tval = 1;
-    int a_val;
-    
-    ret = pkcs11_url_to_info(token_url, &info);
+       int ret;
+       pakchois_session_t *pks;
+       struct pkcs11_url_info info;
+       ck_rv_t rv;
+       size_t der_size, id_size;
+       opaque *der = NULL;
+       opaque id[20];
+       struct ck_attribute a[8];
+       ck_object_class_t class = CKO_CERTIFICATE;
+       ck_certificate_type_t type = CKC_X_509;
+       ck_object_handle_t obj;
+       unsigned int tval = 1;
+       int a_val;
+
+       ret = pkcs11_url_to_info(token_url, &info);
        if (ret < 0) {
                gnutls_assert();
                return ret;
        }
-       
-       ret = pkcs11_open_session (&pks, &info, NULL, SESSION_WRITE|SESSION_LOGIN);
+
+       ret =
+           pkcs11_open_session(&pks, &info, NULL,
+                               SESSION_WRITE | SESSION_LOGIN);
        if (ret < 0) {
                gnutls_assert();
                return ret;
        }
-       
-       ret = gnutls_x509_crt_export (crt,
-                        GNUTLS_X509_FMT_DER, NULL, 
-                        &der_size);
+
+       ret = gnutls_x509_crt_export(crt,
+                                    GNUTLS_X509_FMT_DER, NULL, &der_size);
        if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER) {
                gnutls_assert();
                goto cleanup;
        }
-       
+
        der = gnutls_malloc(der_size);
        if (der == NULL) {
                gnutls_assert();
@@ -85,74 +87,73 @@ int gnutls_pkcs11_copy_x509_crt(const char* token_url, gnutls_x509_crt_t crt,
                goto cleanup;
        }
 
-       ret = gnutls_x509_crt_export (crt,
-                        GNUTLS_X509_FMT_DER, der, 
-                        &der_size);
+       ret = gnutls_x509_crt_export(crt,
+                                    GNUTLS_X509_FMT_DER, der, &der_size);
        if (ret < 0) {
                gnutls_assert();
                goto cleanup;
        }
-       
+
        id_size = sizeof(id);
-       ret = gnutls_x509_crt_get_key_id (crt, 0, id, &id_size);
+       ret = gnutls_x509_crt_get_key_id(crt, 0, id, &id_size);
        if (ret < 0) {
                gnutls_assert();
                goto cleanup;
        }
-       
-    /* FIXME: copy key usage flags */
-
-    a[0].type = CKA_CLASS;
-    a[0].value = &class;
-    a[0].value_len = sizeof(class);
-    a[1].type = CKA_ID;
-    a[1].value = id;
-    a[1].value_len = id_size;
-    a[2].type = CKA_VALUE;
-    a[2].value = der;
-    a[2].value_len = der_size;
-    a[3].type = CKA_TOKEN;
-    a[3].value = &tval;
-    a[3].value_len = sizeof(tval);
-    a[4].type = CKA_CERTIFICATE_TYPE;
-    a[4].value = &type;
-    a[4].value_len = sizeof(type);
-
-    a_val = 5;
-    
-    if (label) {
+
+       /* FIXME: copy key usage flags */
+
+       a[0].type = CKA_CLASS;
+       a[0].value = &class;
+       a[0].value_len = sizeof(class);
+       a[1].type = CKA_ID;
+       a[1].value = id;
+       a[1].value_len = id_size;
+       a[2].type = CKA_VALUE;
+       a[2].value = der;
+       a[2].value_len = der_size;
+       a[3].type = CKA_TOKEN;
+       a[3].value = &tval;
+       a[3].value_len = sizeof(tval);
+       a[4].type = CKA_CERTIFICATE_TYPE;
+       a[4].value = &type;
+       a[4].value_len = sizeof(type);
+
+       a_val = 5;
+
+       if (label) {
                a[a_val].type = CKA_LABEL;
-               a[a_val].value = (void*)label;
+               a[a_val].value = (void *) label;
                a[a_val].value_len = strlen(label);
                a_val++;
        }
-       
+
        if (flags & GNUTLS_PKCS11_COPY_FLAG_MARK_TRUSTED) {
                a[a_val].type = CKA_TRUSTED;
                a[a_val].value = &tval;
                a[a_val].value_len = sizeof(tval);
                a_val++;
        }
-       
+
        rv = pakchois_create_object(pks, a, a_val, &obj);
        if (rv != CKR_OK) {
                gnutls_assert();
                _gnutls_debug_log("pkcs11: %s\n", pakchois_error(rv));
                ret = pkcs11_rv_to_err(rv);
-               goto  cleanup;
+               goto cleanup;
        }
-       
+
        /* generated! 
         */
 
        ret = 0;
-    
-cleanup:
+
+      cleanup:
        gnutls_free(der);
        pakchois_close_session(pks);
-       
+
        return ret;
-   
+
 }
 
 /**
@@ -169,76 +170,84 @@ cleanup:
  * Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
  *   negative error value.
  **/
-int gnutls_pkcs11_copy_x509_privkey(const char* token_url, 
-       gnutls_x509_privkey_t key, const char* label, unsigned int key_usage,
-       unsigned int flags)
+int gnutls_pkcs11_copy_x509_privkey(const char *token_url,
+                                   gnutls_x509_privkey_t key,
+                                   const char *label,
+                                   unsigned int key_usage,
+                                   unsigned int flags)
 {
-    int ret;
-    pakchois_session_t *pks;
-    struct pkcs11_url_info info;
-    ck_rv_t rv;
-    size_t id_size;
-    opaque id[20];
-    struct ck_attribute a[16];
-    ck_object_class_t class = CKO_PRIVATE_KEY;
-    ck_object_handle_t obj;
-    ck_key_type_t type;
-    unsigned int tval = 1;
-    int a_val;
-    gnutls_pk_algorithm_t pk;
-    gnutls_datum_t p, q, g, y, x;
-    gnutls_datum_t m, e, d, u, exp1, exp2;
-       
-    
-    ret = pkcs11_url_to_info(token_url, &info);
+       int ret;
+       pakchois_session_t *pks;
+       struct pkcs11_url_info info;
+       ck_rv_t rv;
+       size_t id_size;
+       opaque id[20];
+       struct ck_attribute a[16];
+       ck_object_class_t class = CKO_PRIVATE_KEY;
+       ck_object_handle_t obj;
+       ck_key_type_t type;
+       unsigned int tval = 1;
+       int a_val;
+       gnutls_pk_algorithm_t pk;
+       gnutls_datum_t p, q, g, y, x;
+       gnutls_datum_t m, e, d, u, exp1, exp2;
+
+
+       ret = pkcs11_url_to_info(token_url, &info);
        if (ret < 0) {
                gnutls_assert();
                return ret;
        }
 
        id_size = sizeof(id);
-       ret = gnutls_x509_privkey_get_key_id (key, 0, id, &id_size);
+       ret = gnutls_x509_privkey_get_key_id(key, 0, id, &id_size);
        if (ret < 0) {
                gnutls_assert();
                goto cleanup;
        }
 
-       ret = pkcs11_open_session (&pks, &info, NULL, SESSION_WRITE|SESSION_LOGIN);
+       ret =
+           pkcs11_open_session(&pks, &info, NULL,
+                               SESSION_WRITE | SESSION_LOGIN);
        if (ret < 0) {
                gnutls_assert();
                return ret;
        }
 
-    /* FIXME: copy key usage flags */
-
-    a[0].type = CKA_CLASS;
-    a[0].value = &class;
-    a[0].value_len = sizeof(class);
-    a[1].type = CKA_ID;
-    a[1].value = id;
-    a[1].value_len = id_size;
-    a[2].type = CKA_KEY_TYPE;
-    a[2].value = &type;
-    a[2].value_len = sizeof(type);
-    a[3].type = CKA_SENSITIVE;
-    a[3].value = &tval;
-    a[3].value_len = sizeof(tval);
-    
-    a_val = 4;
+       /* FIXME: copy key usage flags */
+
+       a[0].type = CKA_CLASS;
+       a[0].value = &class;
+       a[0].value_len = sizeof(class);
+       a[1].type = CKA_ID;
+       a[1].value = id;
+       a[1].value_len = id_size;
+       a[2].type = CKA_KEY_TYPE;
+       a[2].value = &type;
+       a[2].value_len = sizeof(type);
+       a[3].type = CKA_SENSITIVE;
+       a[3].value = &tval;
+       a[3].value_len = sizeof(tval);
+
+       a_val = 4;
 
        pk = gnutls_x509_privkey_get_pk_algorithm(key);
-       switch(pk) {
-               case GNUTLS_PK_RSA: {
-                   
-                   ret = gnutls_x509_privkey_export_rsa_raw2(key, &m, &e,
-                               &d, &p, &q, &u, &exp1, &exp2);
+       switch (pk) {
+       case GNUTLS_PK_RSA:{
+
+                       ret =
+                           gnutls_x509_privkey_export_rsa_raw2(key, &m,
+                                                               &e, &d, &p,
+                                                               &q, &u,
+                                                               &exp1,
+                                                               &exp2);
                        if (ret < 0) {
                                gnutls_assert();
                                goto cleanup;
                        }
-                       
+
                        type = CKK_RSA;
-                       
+
                        a[a_val].type = CKA_MODULUS;
                        a[a_val].value = m.data;
                        a[a_val].value_len = m.size;
@@ -281,16 +290,17 @@ int gnutls_pkcs11_copy_x509_privkey(const char* token_url,
 
                        break;
                }
-               case GNUTLS_PK_DSA: {
-                   ret = gnutls_x509_privkey_export_dsa_raw(key, &p, &q,
-                               &g, &y, &x);
+       case GNUTLS_PK_DSA:{
+                       ret =
+                           gnutls_x509_privkey_export_dsa_raw(key, &p, &q,
+                                                              &g, &y, &x);
                        if (ret < 0) {
                                gnutls_assert();
                                goto cleanup;
                        }
 
                        type = CKK_DSA;
-                       
+
                        a[a_val].type = CKA_PRIME;
                        a[a_val].value = p.data;
                        a[a_val].value_len = p.size;
@@ -313,36 +323,36 @@ int gnutls_pkcs11_copy_x509_privkey(const char* token_url,
 
                        break;
                }
-               default:
-                       gnutls_assert();
-                       ret = GNUTLS_E_INVALID_REQUEST;
-                       goto cleanup;
+       default:
+               gnutls_assert();
+               ret = GNUTLS_E_INVALID_REQUEST;
+               goto cleanup;
        }
-       
+
        rv = pakchois_create_object(pks, a, a_val, &obj);
        if (rv != CKR_OK) {
                gnutls_assert();
                _gnutls_debug_log("pkcs11: %s\n", pakchois_error(rv));
                ret = pkcs11_rv_to_err(rv);
-               goto  cleanup;
+               goto cleanup;
        }
 
        /* generated! 
         */
 
-       switch(pk) {
-               case GNUTLS_PK_RSA: {
-                   gnutls_free(m.data);
-                   gnutls_free(e.data);
-                   gnutls_free(d.data);
-                   gnutls_free(p.data);
-                   gnutls_free(q.data);
-                   gnutls_free(u.data);
-                   gnutls_free(exp1.data);
-                   gnutls_free(exp2.data);
+       switch (pk) {
+       case GNUTLS_PK_RSA:{
+                       gnutls_free(m.data);
+                       gnutls_free(e.data);
+                       gnutls_free(d.data);
+                       gnutls_free(p.data);
+                       gnutls_free(q.data);
+                       gnutls_free(u.data);
+                       gnutls_free(exp1.data);
+                       gnutls_free(exp2.data);
                        break;
                }
-               case GNUTLS_PK_DSA: {
+       case GNUTLS_PK_DSA:{
                        gnutls_free(p.data);
                        gnutls_free(q.data);
                        gnutls_free(g.data);
@@ -350,62 +360,63 @@ int gnutls_pkcs11_copy_x509_privkey(const char* token_url,
                        gnutls_free(x.data);
                        break;
                }
-               default:
-                       gnutls_assert();
-                       ret = GNUTLS_E_INVALID_REQUEST;
-                       goto cleanup;
+       default:
+               gnutls_assert();
+               ret = GNUTLS_E_INVALID_REQUEST;
+               goto cleanup;
        }
 
        ret = 0;
-    
-cleanup:
+
+      cleanup:
        pakchois_close_session(pks);
-       
+
        return ret;
-       
+
 }
 
 struct delete_data_st {
        struct pkcs11_url_info info;
-       unsigned int deleted; /* how many */
+       unsigned int deleted;   /* how many */
 };
 
-static int delete_obj_url(pakchois_session_t *pks, struct token_info *info, void* input)
+static int delete_obj_url(pakchois_session_t * pks,
+                         struct token_info *info, void *input)
 {
-    struct delete_data_st* find_data = input;
-    struct ck_attribute a[4];
-    ck_object_class_t class;
-    ck_certificate_type_t type = -1;
-    ck_rv_t rv;
-    ck_object_handle_t obj;
-    unsigned long count, a_vals;
-    int found = 0, ret;
-
-    
-    if (info == NULL) { /* we don't support multiple calls */
-        gnutls_assert();
-        return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
-    }
-    
-    /* do not bother reading the token if basic fields do not match
-     */
-    if (pkcs11_token_matches_info( &find_data->info, &info->tinfo) < 0) {
+       struct delete_data_st *find_data = input;
+       struct ck_attribute a[4];
+       ck_object_class_t class;
+       ck_certificate_type_t type = -1;
+       ck_rv_t rv;
+       ck_object_handle_t obj;
+       unsigned long count, a_vals;
+       int found = 0, ret;
+
+
+       if (info == NULL) {     /* we don't support multiple calls */
+               gnutls_assert();
+               return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
+       }
+
+       /* do not bother reading the token if basic fields do not match
+        */
+       if (pkcs11_token_matches_info(&find_data->info, &info->tinfo) < 0) {
                gnutls_assert();
                return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
        }
 
-    class = CKO_CERTIFICATE; /* default  */
+       class = CKO_CERTIFICATE;        /* default  */
 
-    if (find_data->info.type[0] != 0) {
-        class = pkcs11_strtype_to_class(find_data->info.type);
-        if (class == CKO_CERTIFICATE)
-            type = CKC_X_509;
+       if (find_data->info.type[0] != 0) {
+               class = pkcs11_strtype_to_class(find_data->info.type);
+               if (class == CKO_CERTIFICATE)
+                       type = CKC_X_509;
 
-        if (class == -1) {
-            gnutls_assert();
-            return GNUTLS_E_INVALID_REQUEST;
-        }
-    }
+               if (class == -1) {
+                       gnutls_assert();
+                       return GNUTLS_E_INVALID_REQUEST;
+               }
+       }
 
        ret = pkcs11_login(pks, info, NULL);
        if (ret < 0) {
@@ -414,8 +425,8 @@ static int delete_obj_url(pakchois_session_t *pks, struct token_info *info, void
        }
 
        a_vals = 0;
-       
-    /* Find objects with given class and type */
+
+       /* Find objects with given class and type */
        if (find_data->info.certid_raw_size > 0) {
                a[a_vals].type = CKA_ID;
                a[a_vals].value = find_data->info.certid_raw;
@@ -427,54 +438,56 @@ static int delete_obj_url(pakchois_session_t *pks, struct token_info *info, void
                a[a_vals].type = CKA_CLASS;
                a[a_vals].value = &class;
                a[a_vals].value_len = sizeof class;
-               a_vals++;    
+               a_vals++;
+       }
+
+       if (type != -1) {
+               a[a_vals].type = CKA_CERTIFICATE_TYPE;
+               a[a_vals].value = &type;
+               a[a_vals].value_len = sizeof type;
+               a_vals++;
        }
 
-    if (type != -1) {
-        a[a_vals].type = CKA_CERTIFICATE_TYPE;
-        a[a_vals].value = &type;
-        a[a_vals].value_len = sizeof type;
-        a_vals++;
-    }
-    
-    if (find_data->info.label[0] != 0) {
-        a[a_vals].type = CKA_LABEL;
-        a[a_vals].value = find_data->info.label;
-        a[a_vals].value_len = strlen(find_data->info.label);
-        a_vals++;
+       if (find_data->info.label[0] != 0) {
+               a[a_vals].type = CKA_LABEL;
+               a[a_vals].value = find_data->info.label;
+               a[a_vals].value_len = strlen(find_data->info.label);
+               a_vals++;
        }
 
-    rv = pakchois_find_objects_init(pks, a, a_vals);
-    if (rv != CKR_OK) {
-        gnutls_assert();
-        _gnutls_debug_log("pk11: FindObjectsInit failed.\n");
-        ret = pkcs11_rv_to_err(rv);
-        goto cleanup;
-    }
-
-    while (pakchois_find_objects(pks, &obj, 1, &count) == CKR_OK
-           && count == 1) {
-       rv = pakchois_destroy_object(pks, obj);
+       rv = pakchois_find_objects_init(pks, a, a_vals);
        if (rv != CKR_OK) {
-           _gnutls_debug_log("pkcs11: Cannot destroy object: %s\n", pakchois_error(rv));
+               gnutls_assert();
+               _gnutls_debug_log("pk11: FindObjectsInit failed.\n");
+               ret = pkcs11_rv_to_err(rv);
+               goto cleanup;
+       }
+
+       while (pakchois_find_objects(pks, &obj, 1, &count) == CKR_OK
+              && count == 1) {
+               rv = pakchois_destroy_object(pks, obj);
+               if (rv != CKR_OK) {
+                       _gnutls_debug_log
+                           ("pkcs11: Cannot destroy object: %s\n",
+                            pakchois_error(rv));
+               } else {
+                       find_data->deleted++;
+               }
+
+               found = 1;
+       }
+
+       if (found == 0) {
+               gnutls_assert();
+               ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
        } else {
-           find_data->deleted++;
+               ret = 0;
        }
-        
-        found = 1;
-    }
-
-    if (found == 0) {
-        gnutls_assert();
-        ret = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
-    } else {
-        ret = 0;
-    }
-
-cleanup:
-    pakchois_find_objects_final(pks);
-    
-    return ret;
+
+      cleanup:
+       pakchois_find_objects_final(pks);
+
+       return ret;
 }
 
 
@@ -487,26 +500,27 @@ cleanup:
  * Returns: On success, the number of objects deleted is returned, otherwise a
  *   negative error value.
  **/
-int gnutls_pkcs11_delete_url(const charobject_url)
+int gnutls_pkcs11_delete_url(const char *object_url)
 {
-    int ret;
-    struct delete_data_st find_data;
+       int ret;
+       struct delete_data_st find_data;
 
        memset(&find_data, 0, sizeof(find_data));
 
-    ret = pkcs11_url_to_info(object_url, &find_data.info);
-    if (ret < 0) {
-        gnutls_assert();
-        return ret;
-    }
-
-    ret = _pkcs11_traverse_tokens(delete_obj_url, &find_data, SESSION_WRITE);
-    if (ret < 0) {
-        gnutls_assert();
-        return ret;
-    }
-    
-    return find_data.deleted;
-       
+       ret = pkcs11_url_to_info(object_url, &find_data.info);
+       if (ret < 0) {
+               gnutls_assert();
+               return ret;
+       }
+
+       ret =
+           _pkcs11_traverse_tokens(delete_obj_url, &find_data,
+                                   SESSION_WRITE);
+       if (ret < 0) {
+               gnutls_assert();
+               return ret;
+       }
+
+       return find_data.deleted;
+
 }
-