break;
}
- a[0].type = CKA_LABEL;
- a[0].value = label_tmp;
- a[0].value_len = sizeof(label_tmp);
-
- a[1].type = CKA_ID;
- a[1].value = id_tmp;
- a[1].value_len = sizeof(id_tmp);
-
/* data will contain the certificate */
rv = pkcs11_get_attribute_avalue(sinfo->module, sinfo->pks, ctx, CKA_VALUE, &data);
+ if (rv == CKR_OK) {
+ ret = check_found_cert(priv, &data, now);
+ if (ret < 0) {
+ _gnutls_free_datum(&data);
+ continue;
+ }
- if (rv == CKR_OK && pkcs11_get_attribute_value
- (sinfo->module, sinfo->pks, ctx, a,
- 2) == CKR_OK) {
- label.data = a[0].value;
- label.size = a[0].value_len;
- id.data = a[1].value;
- id.size = a[1].value_len;
-
- found = 1;
- break;
- } else {
- _gnutls_debug_log
- ("p11: Skipped cert, missing attrs.\n");
+ a[0].type = CKA_LABEL;
+ a[0].value = label_tmp;
+ a[0].value_len = sizeof(label_tmp);
+
+ a[1].type = CKA_ID;
+ a[1].value = id_tmp;
+ a[1].value_len = sizeof(id_tmp);
+
+ if (pkcs11_get_attribute_value(sinfo->module, sinfo->pks, ctx, a,
+ 2) == CKR_OK) {
+ label.data = a[0].value;
+ label.size = a[0].value_len;
+ id.data = a[1].value;
+ id.size = a[1].value_len;
+
+ found = 1;
+ break;
+ } else {
+ _gnutls_free_datum(&data);
+ _gnutls_debug_log
+ ("p11: Skipped cert, missing attrs.\n");
+ }
}
}
finalized = 1;
if (found != 0) {
- ret = check_found_cert(priv, &data, now);
- if (ret < 0) {
- _gnutls_free_datum(&data);
- found = 0;
- continue;
- }
-
- if (priv->flags & GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT) {
+ if (priv->flags & GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT && data.size > 0) {
gnutls_datum_t spki;
rv = pkcs11_get_attribute_avalue(sinfo->module, sinfo->pks, ctx, CKA_PUBLIC_KEY_INFO, &spki);
if (rv == CKR_OK) {
projects / thirdparty / gnutls.git / commitdiff
