Change-Id: Id73e641499e75bc1afc1dea29682418156f461fe
Reviewed-on: https://code.wireshark.org/review/24751
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot
Reviewed-by: Michael Mann <mmann78@netscape.net>
If a variable is initialized in a loop body or an if clause or a switch
clause, declare it inside the loop body/clause, and de-initialize it
before leaving the loop body/clause.
De-initialize the gnutls_pkcs12_t before leaving rsa_load_pkcs12(), so
as not to leak it.
Always leave the per-bag loop by "goto done", even if we're not within
an inner loop, to make it clearer what we're doing.
We initialize the bag structure at the beginning of that loop body;
de-initialize it at the end.
If we leave the loop without a private key, and we don't have an error
message, the error is "we didn't find a PKCS8 key"; report that.
Change-Id: I87cf296876c8f1879f69d01ce67ca2829b4f8d16
Reviewed-on: https://code.wireshark.org/review/22958
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Pacify checkAPIs.pl
Change-Id: I637a6cd678b99d05cd1b26fd3cba6ad4dd19e8d2
Reviewed-on: https://code.wireshark.org/review/22957
Petri-Dish: Michael Mann <mmann78@netscape.net>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Ensure that rsa_load_pem_key() and rsa_load_pkcs12() always return an
error message string if they fail, so that
1) they don't return NULL without supplying an error string;
2) they don't supply an error string if they succeed.
If either of them fails, report the error; if there's no error string,
report an unknown error (that shouldn't happen, but the wsutil/rsa.c
code needs more cleanup before I'll believe it can't happen).
While we're at it, clean up some of those error strings, return NULL
rather than 0 as the failure case from rsa_load_pkcs12() as we do in
rsa_load_pem_key() (they mean the same thing, but NULL makes it a bit
clearer), and de-initialize the private key structure in
rsa_load_pem_key() if we fail (so that we don't leak memory).
Change-Id: Id9dd331800d87b017a500a6f579df446057f555b
Reviewed-on: https://code.wireshark.org/review/22941
Reviewed-by: Guy Harris <guy@alum.mit.edu>
Loading PEM and PKCS#11 keys was being done in static functions
in packet-ssl-utils.c. These were moved to wsutil, with prototypes
in a new <wsutil/rsa.h> header. This adds gnutls as optional
dependency to wsutil.
The RSA decryption helper was also moved and is now provided in
<wsutil/wsgcrypt.h>.
This allows more dissectors to access this functionality.
Change-Id: I6cfbbf5203f2881c82bad721747834ccd76e2033
Reviewed-on: https://code.wireshark.org/review/21941
Reviewed-by: Peter Wu <peter@lekensteyn.nl>
Petri-Dish: Peter Wu <peter@lekensteyn.nl>
Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
Reviewed-by: Michael Mann <mmann78@netscape.net>
Michael Mann