mirror of git://git.gnupg.org/gnupg.git synced 2024-11-10 21:38:50 +01:00
gnupg/sm
Werner Koch 3a28da61ae
sm: More improvements for PKCS#12 parsing for latest IVBB changes.
* common/tlv.h (TLV_PARSER_FLAG_T5793): New.
(tlv_parser_new): New macro.  Rename function with an underscore.
(tlv_next_with_flag): New.
* common/tlv-parser.c (struct tlv_parser_s): Remove const from buffer.
Add fields crammed, lasttlv, and origoff.  Remove bufferlist and its
definition.
(dump_to_file): New but disabled debug helper.
(parse_tag): Print more info on error.
(_tlv_parser_new): Add args lasttlv and LNO.  Take a copy of the data.
(_tlv_parser_release): Free the copy of the buffer and return the
recorded TLV object from tlv_parser_new.
(_tlv_peek, tlv_parser_peek, _tlv_parser_peek_null): Remove.
(_tlv_push): Record crammed length.
(_tlv_pop): Restore crammed length.
(_tlv_parser_next): Add arg flags.  More debug output.  Handle cramming
here.  Take care of cramming here.
(tlv_expect_object): Simplify to adjust for changes in _tlv_parser_next.
(tlv_expect_octet_string): Remove arg encapsulates.  Adjust for
changes in _tlv_parser_next.  Change all callers.
(tlv_expect_null): New.
(cram_octet_string): Rewrite.
(need_octet_string_cramming): Remove.

* sm/minip12.c (dump_to_file): New.  Enable in debug mode and if an
envvar is set.  Replace all explicit but disabled dumping to call this
function.
(parse_bag_encrypted_data): Replace tlv_peek_null and a peeking for an
optional SET by non-peeking code.
(parse_cert_bag): Ditto.
(parse_shrouded_key_bag): Replace tlv_peek_null by non-peeking code.
(parse_bag_encrypted_data): Use the new TLV_PARSER_FLAG_T5793 to
enable the Mozilla workaround.
(parse_bag_encrypted_data): Replace the 'renewed_tlv' code by the new
tlv_parser_release semantics.
(parse_shrouded_key_bag): Ditto.
(parse_shrouded_key_bag): Create a new context instead of using the
former encapsulated mechanism for tlv_expect_octet_string.
(parse_bag_data): Ditto.
(p12_parse): Ditto.
--

GnuPG-bug-id: 7213

Fixing this took way too long; I should have earlier explained the
code to a co-hacker to find the problem myself in my code by this.

Backported-from-master: 690fd61a0c
2024-08-07 10:22:01 +02:00
call-agent.c gpg,gpgsm: Hide password in debug output also for asked passwords. 2023-11-14 15:09:27 +01:00
call-dirmngr.c gpgsm: Support SENDCERT_SKI for --call-dirmngr 2023-06-19 14:05:22 +02:00
certchain.c gpgsm: Add --always-trust feature. 2023-08-31 12:30:26 +02:00
certcheck.c gpgsm: Avoid double free when checking rsaPSS signatures. 2024-05-29 11:48:54 +02:00
certdump.c gpgsm: New option --no-pretty-dn 2023-03-16 09:46:05 +01:00
certlist.c gpgsm: Add --always-trust feature. 2023-08-31 12:30:26 +02:00
certreqgen-ui.c gpgsm: Replace all assert calls by log_assert. 2020-07-08 14:40:34 +02:00
certreqgen.c gpgsm: Replace all assert calls by log_assert. 2020-07-08 14:40:34 +02:00
ChangeLog-2011 Generate the ChangeLog from commit logs. 2011-12-01 11:09:02 +01:00
decrypt.c gpgsm: Support ECDSA in de-vs mode. 2023-11-08 17:09:22 +01:00
delete.c sm: Implement delete key in keyboxd mode 2020-09-21 09:20:40 +02:00
encrypt.c sm: Fix ECDH encryption with dhSinglePass-stdDH-sha384kdf-scheme. 2024-01-23 15:36:26 +09:00
export.c sm: Flag Brainpool curves as compliant for all other operations. 2023-10-24 14:54:26 +02:00
fingerprint.c sm: Flag Brainpool curves as compliant for all other operations. 2023-10-24 14:54:26 +02:00
gpgsm-w32info.rc w32: Add missing manifests and set a requestedExecutionLevel. 2023-05-24 12:06:37 +02:00
gpgsm.c Allow tilde expansion for the foo-program options. 2024-02-27 10:36:22 +01:00
gpgsm.h Allow tilde expansion for the foo-program options. 2024-02-27 10:36:22 +01:00
gpgsm.w32-manifest.in w32: Add missing supportedOS Ids for Windows-10 2023-05-24 14:16:10 +02:00
import.c gpgsm: Allow parsing of PKCS#12 files with two private keys. 2024-01-15 09:56:07 +01:00
keydb.c keyboxd: Pass lock info back to gpg and gpgsm. 2023-12-18 16:23:19 +01:00
keydb.h sm: Implement initial support for keyboxd. 2020-09-10 13:05:17 +02:00
keylist.c sm: Emit user IDs in colon mode even if the Subject is empty. 2024-07-01 15:12:09 +02:00
Makefile.am sm: Major rewrite of the PKCS#12 parser 2023-06-28 17:34:19 +02:00
minip12.c sm: More improvements for PKCS#12 parsing for latest IVBB changes. 2024-08-07 10:22:01 +02:00
minip12.h gpgsm: Allow parsing of PKCS#12 files with two private keys. 2024-01-15 09:56:07 +01:00
misc.c sm: Print diagnostic about CRL problems due to Tor mode. 2022-04-11 17:57:14 +02:00
passphrase.c gpg,common,scd,sm: Function prototype fixes for modern compiler. 2022-09-13 16:34:00 +09:00
passphrase.h Change all http://www.gnu.org in license notices to https:// 2016-11-05 12:02:19 +01:00
qualified.c Replace most of the remaining stdio calls by estream calls. 2020-10-20 12:15:56 +02:00
server.c gpgsm: Add --always-trust feature. 2023-08-31 12:30:26 +02:00
sign.c gpgsm: Support ECDSA in de-vs mode. 2023-11-08 17:09:22 +01:00
t-minip12.c gpgsm: Allow parsing of PKCS#12 files with two private keys. 2024-01-15 09:56:07 +01:00
verify.c gpgsm: Improve the status line for --verify errors. 2024-01-15 09:13:46 +01:00