mirror of
git://git.gnupg.org/gnupg.git
synced 2024-06-17 00:39:50 +02:00
sm: Update pkcs#12 module from master
* sm/minip12.c: Update from master.
* sm/import.c (parse_p12): Pass NULL for curve.
--

Over the last years we had a couple of changes not backported to 2.2. However, to support DFN p12 files and probably other p12 files we need to update the minip12.c module. Instead of picking commits we take the module verbatim, which is relatively easy because it was originally designed to be a standalone module.

Summary of commits taken from master:

sm: Improve pkcs#12 debug output.
sm: Rework the PKCS#12 parser to support DFN issued keys.
sm: Fix parsing encrypted data.
sm: Do not print certain issuer not found diags in quiet mode.
sm: Silence some output on --quiet
sm: Replace all assert calls by log_assert.
doc: Typo fixes in code comments
sm: Add support to export ECC private keys.

Detailed log messages for those commits:

commit 52f9e13c0c

sm: Improve pkcs#12 debug output.

* sm/minip12.c (parse_shrouded_key_bag): Fix offset diagnostic.
(parse_cert_bag): Ditto.
(parse_bag_data): Remove debug output. Pass startoffset. Fix offset diagnostic.

commit a4e04375e8

sm: Rework the PKCS#12 parser to support DFN issued keys.

* sm/minip12.c (struct p12_parse_ctx_s): New. Use this instead of passing several parameters to most functions.
(parse_pag_data): Factor things out to ...
parse_shrouded_key_bag): new.
(parse_cert_bag): New.
(parse_bag_data): New.
(p12_parse): Setup the parse context.

To support newer pkcs#12 files like those issued by the DFN we need to support another ordering of data elements. This rework reflects the P12 data structure a bit better than our old ad-hoc hacks. Tests could only be done with the certificate parts and not the encrypted private keys.

GnuPG-bug-id: 6037

commit 6c50834c09

sm: Fix parsing encrypted data.

* sm/minip12.c (cram_octet_string): Finish when N==0.
(parse_bag_encrypted_data): Support constructed data with multiple octet strings.

GnuPG-bug-id: 5793

commit a170f0e73f

sm: Do not print certain issuer not found diags in quiet mode.

* sm/certchain.c (find_up_dirmngr): Print one diagnostic only in verbose mode. Do not print issuer not found diags in quiet mode.
* sm/minip12.c (parse_bag_data): Add missing verbose condition.

GnuPG-bug-id: 4757

commit 615d2e4fb1

sm: Silence some output on --quiet

* sm/encrypt.c (gpgsm_encrypt): Take care of --quiet.
* sm/gpgsm.c: Include minip12.h.
(set_debug): Call p12_set_verbosity.
* sm/import.c (parse_p12): Dump keygrip only in debug mode.
* sm/minip12.c (opt_verbose, p12_set_verbosity): New.
(parse_bag_encrypted_data): Print info messages only in verbose mode.

GnuPG-bug-id: 4757

commit 9ee975d588

gpgsm: Replace all assert calls by log_assert.

commit 9bc9d0818b

doc: Typo fixes in code comments

commit 5da6925a33

sm: Add support to export ECC private keys.

* sm/minip12.c [TEST]: Remove test code. Include util.h, tlv.h. and openpgpdefs.h. Remove the class and tag constants and replace them by those from tlv.h.
(builder_add_oid, builder_add_mpi): New.
(build_key_sequence): Rename to ...
(build_rsa_key_sequence): this.
(build_ecc_key_sequence): New.
(p12_build): Call RSA or ECC builder.
(p12_raw_build): Ditto.
* sm/export.c (gpgsm_p12_export): Use correct armor header for ECC.
(sexp_to_kparms): Support ECC.

GnuPG-bug-id: 4921
This commit is contained in:
parent
d21ced1e35
commit
4c14bbf56f
|
@ -777,7 +777,8 @@ parse_p12 (ctrl_t ctrl, ksba_reader_t reader, struct stats_s *stats)
|
||||||
goto leave;
|
goto leave;
|
||||||
|
|
||||||
kparms = p12_parse (p12buffer + p12bufoff, p12buflen - p12bufoff,
|
kparms = p12_parse (p12buffer + p12bufoff, p12buflen - p12bufoff,
|
||||||
passphrase, store_cert_cb, &store_cert_parm, &bad_pass);
|
passphrase, store_cert_cb, &store_cert_parm,
|
||||||
|
&bad_pass, NULL);
|
||||||
|
|
||||||
xfree (passphrase);
|
xfree (passphrase);
|
||||||
passphrase = NULL;
|
passphrase = NULL;
|
||||||
|
|
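Review bot: the new last argument at the p12_parse call in parse_p12 is a bare NULL, so any curve name the parser could report through r_curve is dropped at this call site. The commit log mentions ECC support in the updated module, but nothing at this call says whether leaving the curve unused on import is deliberate for this branch. Please add a one-line comment above the call stating that, or pass the address of a local `char *curve` and release it at leave. Because the sm/minip12.c diff is suppressed on this page, also confirm that p12_parse checks r_curve for NULL before storing through it.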
1092
sm/minip12.c
File diff suppressed because it is too large
|
@ -22,12 +22,13 @@
|
||||||
|
|
||||||
#include <gcrypt.h>
|
#include <gcrypt.h>
|
||||||
|
|
||||||
|
|
||||||
void p12_set_verbosity (int verbose);
|
void p12_set_verbosity (int verbose);
|
||||||
|
|
||||||
gcry_mpi_t *p12_parse (const unsigned char *buffer, size_t length,
|
gcry_mpi_t *p12_parse (const unsigned char *buffer, size_t length,
|
||||||
const char *pw,
|
const char *pw,
|
||||||
void (*certcb)(void*, const unsigned char*, size_t),
|
void (*certcb)(void*, const unsigned char*, size_t),
|
||||||
void *certcbarg, int *r_badpass);
|
void *certcbarg, int *r_badpass, char **r_curve);
|
||||||
|
|
||||||
unsigned char *p12_build (gcry_mpi_t *kparms,
|
unsigned char *p12_build (gcry_mpi_t *kparms,
|
||||||
const void *cert, size_t certlen,
|
const void *cert, size_t certlen,
|
||||||
|
|
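Review bot: the r_curve parameter added to the p12_parse prototype is undocumented in this header. A caller cannot tell from the declaration whether NULL is permitted (sm/import.c relies on it), whether the returned string is allocated and must be freed by the caller, or what *r_curve holds when the function fails or the key is not ECC. Please add a short comment above the prototype covering those three points, so that the ownership rule is visible where the interface is declared.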