int
main (void)
{
- int err, listen_sd, i;
+ int err, listen_sd;
int sd, ret;
struct sockaddr_in sa_serv;
struct sockaddr_in sa_cli;
/* see the Getting peer's information example */
/* print_info(session); */
- i = 0;
for (;;)
{
memset (buffer, 0, MAX_BUF + 1);
int
main (void)
{
- int err, listen_sd, i;
+ int err, listen_sd;
int sd, ret;
struct sockaddr_in sa_serv;
struct sockaddr_in sa_cli;
/* print_info(session); */
- i = 0;
for (;;)
{
memset (buffer, 0, MAX_BUF + 1);
int
main (void)
{
- int err, listen_sd, i;
+ int err, listen_sd;
int sd, ret;
struct sockaddr_in sa_serv;
struct sockaddr_in sa_cli;
/* see the Getting peer's information example */
/* print_info(session); */
- i = 0;
for (;;)
{
memset (buffer, 0, MAX_BUF + 1);
int
main (void)
{
- int err, listen_sd, i;
+ int err, listen_sd;
int sd, ret;
struct sockaddr_in sa_serv;
struct sockaddr_in sa_cli;
/* see the Getting peer's information example */
/* print_info(session); */
- i = 0;
for (;;)
{
memset (buffer, 0, MAX_BUF + 1);
int
main (void)
{
- int err, listen_sd, i;
+ int err, listen_sd;
int sd, ret;
struct sockaddr_in sa_serv;
struct sockaddr_in sa_cli;
/* print_info(session); */
- i = 0;
for (;;)
{
memset (buffer, 0, MAX_BUF + 1);
int
main (void)
{
- int err, listen_sd, i;
+ int err, listen_sd;
int sd, ret;
struct sockaddr_in sa_serv;
struct sockaddr_in sa_cli;
/* see the Getting peer's information example */
/* print_info(session); */
- i = 0;
for (;;)
{
memset (buffer, 0, MAX_BUF + 1);
cert_auth_info_t info;
gnutls_certificate_credentials_t cred;
ssize_t dsize = data_size;
- int i, x, key_type;
+ int x, key_type;
gnutls_cert *peer_certificate_list = NULL;
int peer_certificate_list_size = 0;
gnutls_datum_t tmp, akey = { NULL, 0 };
/* no certificate was sent */
return GNUTLS_E_NO_CERTIFICATE_FOUND;
}
- i = dsize;
/* Read PGPKeyDescriptor */
DECR_LEN (dsize, 1);
if (length != NULL)
*length = session->internals.handshake_hash_buffer.length;
- _gnutls_buffers_log ("BUF[HSK]: Peeked %d bytes of Data\n", (int)*length);
+ _gnutls_buffers_log ("BUF[HSK]: Peeked %d bytes of Data\n", (int)session->internals.handshake_hash_buffer.length);
if (data_ptr != NULL)
*data_ptr = session->internals.handshake_hash_buffer.data;
result = _gnutls_mpi_print_lz (mpi, NULL, &s_len);
else
result = _gnutls_mpi_print (mpi, NULL, &s_len);
+
+ if (result != 0)
+ {
+ gnutls_assert();
+ return result;
+ }
tmpstr = gnutls_malloc (s_len);
if (tmpstr == NULL)
_gnutls_encode_ber_rs (gnutls_datum_t * sig_value, bigint_t r, bigint_t s)
{
ASN1_TYPE sig;
- int result, tot_len;
+ int result;
if ((result =
asn1_create_element (_gnutls_get_gnutls_asn (),
return result;
}
- tot_len = 0;
-
result = _gnutls_x509_der_encode (sig, "", sig_value, 0);
asn1_delete_structure (&sig);
*/
if (cert != NULL)
- if (cert->key_usage != 0)
- if (!(cert->key_usage & KEY_DIGITAL_SIGNATURE))
- {
- gnutls_assert ();
- return GNUTLS_E_KEY_USAGE_VIOLATION;
- }
-
- /* External signing. */
- if (!pkey || pkey->params_size == 0)
{
- if (!session->internals.sign_func)
- return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
-
- return (*session->internals.sign_func)
- (session, session->internals.sign_func_userdata,
- cert->cert_type, &cert->raw, hash_concat, signature);
+ if (cert->key_usage != 0)
+ if (!(cert->key_usage & KEY_DIGITAL_SIGNATURE))
+ {
+ gnutls_assert ();
+ return GNUTLS_E_KEY_USAGE_VIOLATION;
+ }
+
+ /* External signing. */
+ if (!pkey || pkey->params_size == 0)
+ {
+ if (!session->internals.sign_func)
+ return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+
+ return (*session->internals.sign_func)
+ (session, session->internals.sign_func_userdata,
+ cert->cert_type, &cert->raw, hash_concat, signature);
+ }
}
return _gnutls_sign (pkey->pk_algorithm, pkey->params,
if (!s)
{
- s->error = CDK_Inv_Value;
gnutls_assert ();
return EOF;
}
if (!s)
{
- s->error = CDK_Inv_Value;
gnutls_assert ();
return EOF;
}
if (!s)
{
- s->error = CDK_Inv_Value;
gnutls_assert ();
return EOF;
}
if (!s)
{
- s->error = CDK_Inv_Value;
gnutls_assert ();
return EOF;
}
}
if (!rc)
rc = stream_putc (out, _cdk_pub_algo_to_pgp (pk->pubkey_algo));
+
if (!rc)
rc = write_mpibuf (out, pk->mpi, npkey);
- if (sk->is_protected == 0)
- rc = stream_putc (out, 0x00);
- else
+
+ if (!rc)
{
- if (is_RSA (pk->pubkey_algo) && pk->version < 4)
- stream_putc (out, _gnutls_cipher_to_pgp (sk->protect.algo));
- else if (sk->protect.s2k)
- {
- s2k_mode = sk->protect.s2k->mode;
- rc = stream_putc (out, sk->protect.sha1chk ? 0xFE : 0xFF);
- if (!rc)
- rc = stream_putc (out, _gnutls_cipher_to_pgp (sk->protect.algo));
- if (!rc)
- rc = stream_putc (out, sk->protect.s2k->mode);
- if (!rc)
- rc = stream_putc (out, sk->protect.s2k->hash_algo);
- if (!rc && (s2k_mode == 1 || s2k_mode == 3))
- {
- rc = stream_write (out, sk->protect.s2k->salt, 8);
- if (!rc && s2k_mode == 3)
- rc = stream_putc (out, sk->protect.s2k->count);
- }
- }
+ if (sk->is_protected == 0)
+ rc = stream_putc (out, 0x00);
else
- return CDK_Inv_Value;
- rc = stream_write (out, sk->protect.iv, sk->protect.ivlen);
+ {
+ if (is_RSA (pk->pubkey_algo) && pk->version < 4)
+ rc = stream_putc (out, _gnutls_cipher_to_pgp (sk->protect.algo));
+ else if (sk->protect.s2k)
+ {
+ s2k_mode = sk->protect.s2k->mode;
+ rc = stream_putc (out, sk->protect.sha1chk ? 0xFE : 0xFF);
+ if (!rc)
+ rc = stream_putc (out, _gnutls_cipher_to_pgp (sk->protect.algo));
+ if (!rc)
+ rc = stream_putc (out, sk->protect.s2k->mode);
+ if (!rc)
+ rc = stream_putc (out, sk->protect.s2k->hash_algo);
+ if (!rc && (s2k_mode == 1 || s2k_mode == 3))
+ {
+ rc = stream_write (out, sk->protect.s2k->salt, 8);
+ if (!rc && s2k_mode == 3)
+ rc = stream_putc (out, sk->protect.s2k->count);
+ }
+ }
+ else
+ return CDK_Inv_Value;
+ if (!rc)
+ rc = stream_write (out, sk->protect.iv, sk->protect.ivlen);
+ }
}
if (!rc && sk->is_protected && pk->version == 4)
{
}
if (format == GNUTLS_OPENPGP_FMT_RAW)
- rc = cdk_kbnode_read_from_mem (&key->knode, data->data, data->size);
+ {
+ rc = cdk_kbnode_read_from_mem (&key->knode, data->data, data->size);
+ if (rc)
+ {
+ rc = _gnutls_map_cdk_rc (rc);
+ gnutls_assert ();
+ return rc;
+ }
+ }
else
{
rc = cdk_stream_tmp_from_mem (data->data, data->size, &inp);
CDK_ARMOR_PUBKEY);
gnutls_free (in);
*output_data_size = calc_size;
+
+ if (rc)
+ {
+ rc = _gnutls_map_cdk_rc (rc);
+ gnutls_assert ();
+ return rc;
+ }
}
return 0;
}
if (format == GNUTLS_OPENPGP_FMT_RAW)
- rc = cdk_kbnode_read_from_mem (&key->knode, data->data, data->size);
+ {
+ rc = cdk_kbnode_read_from_mem (&key->knode, data->data, data->size);
+ if (rc != 0)
+ {
+ rc = _gnutls_map_cdk_rc (rc);
+ gnutls_assert ();
+ return rc;
+ }
+ }
else
{
rc = cdk_stream_tmp_from_mem (data->data, data->size, &inp);
&raw_key->data[params_start],
params_len, &kdf_params, &enc_params);
+ if (result < 0)
+ {
+ gnutls_assert();
+ goto error;
+ }
/* Parameters have been decoded. Now
* decrypt the EncryptedData.
static int
_verify_x509_mem (const void *cert, int cert_size)
{
- int siz, i;
const char *ptr;
- int ret;
+ int ret, i;
char name[256];
char issuer_name[256];
size_t name_size;
/* Decode the CRL list
*/
- siz = cert_size;
ptr = cert;
i = 1;
/* Decode the certificate chain.
*/
- siz = cert_size;
ptr = cert;
i = 1;
ret = gnutls_psk_netconf_derive_key (passwd,
info.username,
info.netconf_hint, &dkey);
+ if (ret < 0)
+ {
+ fprintf (stderr, "Deriving the key failed\n");
+ exit (1);
+ }
}
else
{