yubico-piv-tool: use ykpiv_util_read_cert

Trevor Bentley
2017-09-19 17:33:58 +02:00
parent 3bca63c39c
commit 248980fe27
+10 -13
@@ -991,13 +991,11 @@ static bool delete_certificate(ykpiv_state *state, enum enum_slot slot) {
static bool read_certificate(ykpiv_state *state, enum enum_slot slot, static bool read_certificate(ykpiv_state *state, enum enum_slot slot,
enum enum_key_format key_format, const char *output_file_name) { enum enum_key_format key_format, const char *output_file_name) {
FILE *output_file; FILE *output_file;
int object = get_object_id(slot); uint8_t *data = NULL;
unsigned char data[3072]; const unsigned char *ptr = NULL;
const unsigned char *ptr = data;
unsigned long len = sizeof(data);
int cert_len;
bool ret = false;
X509 *x509 = NULL; X509 *x509 = NULL;
bool ret = false;
size_t cert_len = 0;
if (key_format != key_format_arg_PEM && if (key_format != key_format_arg_PEM &&
key_format != key_format_arg_DER && key_format != key_format_arg_DER &&
@@ -1011,13 +1009,12 @@ static bool read_certificate(ykpiv_state *state, enum enum_slot slot,
return false; return false;
} }
if(ykpiv_fetch_object(state, object, data, &len) != YKPIV_OK) { if (ykpiv_util_read_cert(state, get_slot_hex(slot), &data, &cert_len) != YKPIV_OK) {
fprintf(stderr, "Failed fetching certificate.\n"); fprintf(stderr, "Failed fetching certificate.\n");
goto read_cert_out; goto read_cert_out;
} }
ptr = data;
if(*ptr++ == 0x70) {
ptr += get_length(ptr, &cert_len);
if (key_format == key_format_arg_PEM || if (key_format == key_format_arg_PEM ||
key_format == key_format_arg_SSH) { key_format == key_format_arg_SSH) {
x509 = X509_new(); x509 = X509_new();
@@ -1025,7 +1022,7 @@ static bool read_certificate(ykpiv_state *state, enum enum_slot slot,
fprintf(stderr, "Failed allocating x509 structure.\n"); fprintf(stderr, "Failed allocating x509 structure.\n");
goto read_cert_out; goto read_cert_out;
} }
x509 = d2i_X509(NULL, &ptr, cert_len); x509 = d2i_X509(NULL, (const unsigned char**)&ptr, cert_len);
if (!x509) { if (!x509) {
fprintf(stderr, "Failed parsing x509 information.\n"); fprintf(stderr, "Failed parsing x509 information.\n");
goto read_cert_out; goto read_cert_out;
@@ -1047,9 +1044,6 @@ static bool read_certificate(ykpiv_state *state, enum enum_slot slot,
fwrite(ptr, (size_t)cert_len, 1, output_file); fwrite(ptr, (size_t)cert_len, 1, output_file);
ret = true; ret = true;
} }
} else {
fprintf(stderr, "Failed parsing data.\n");
}
read_cert_out: read_cert_out:
if (output_file != stdout) { if (output_file != stdout) {
@@ -1058,6 +1052,9 @@ read_cert_out:
if (x509) { if (x509) {
X509_free(x509); X509_free(x509);
} }
if (data) {
ykpiv_util_free(state, data);
}
return ret; return ret;
} }
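Review bot: The `X509_new()` allocation in the PEM/SSH branch is still leaked, because the `d2i_X509(NULL, ...)` call this change touches overwrites the only pointer to it. Since d2i_X509 allocates the structure itself when its first argument is NULL, the `x509 = X509_new();` line and its null check can be dropped. On the same line the `(const unsigned char**)` cast is redundant now that `ptr` is declared `const unsigned char *`, and `cert_len` is now a `size_t` passed where d2i_X509 takes a `long`. I would write `x509 = d2i_X509(NULL, &ptr, (long)cert_len);` and reject a length that does not fit in a `long` before the call. The body of read_certificate continues outside the hunks shown.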