yubico-piv-tool: use ykpiv_util_read_cert
+10
-13
@@ -991,13 +991,11 @@ static bool delete_certificate(ykpiv_state *state, enum enum_slot slot) {
|
|||||||
static bool read_certificate(ykpiv_state *state, enum enum_slot slot,
|
static bool read_certificate(ykpiv_state *state, enum enum_slot slot,
|
||||||
enum enum_key_format key_format, const char *output_file_name) {
|
enum enum_key_format key_format, const char *output_file_name) {
|
||||||
FILE *output_file;
|
FILE *output_file;
|
||||||
int object = get_object_id(slot);
|
uint8_t *data = NULL;
|
||||||
unsigned char data[3072];
|
const unsigned char *ptr = NULL;
|
||||||
const unsigned char *ptr = data;
|
|
||||||
unsigned long len = sizeof(data);
|
|
||||||
int cert_len;
|
|
||||||
bool ret = false;
|
|
||||||
X509 *x509 = NULL;
|
X509 *x509 = NULL;
|
||||||
|
bool ret = false;
|
||||||
|
size_t cert_len = 0;
|
||||||
|
|
||||||
if (key_format != key_format_arg_PEM &&
|
if (key_format != key_format_arg_PEM &&
|
||||||
key_format != key_format_arg_DER &&
|
key_format != key_format_arg_DER &&
|
||||||
@@ -1011,13 +1009,12 @@ static bool read_certificate(ykpiv_state *state, enum enum_slot slot,
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(ykpiv_fetch_object(state, object, data, &len) != YKPIV_OK) {
|
if (ykpiv_util_read_cert(state, get_slot_hex(slot), &data, &cert_len) != YKPIV_OK) {
|
||||||
fprintf(stderr, "Failed fetching certificate.\n");
|
fprintf(stderr, "Failed fetching certificate.\n");
|
||||||
goto read_cert_out;
|
goto read_cert_out;
|
||||||
}
|
}
|
||||||
|
ptr = data;
|
||||||
|
|
||||||
if(*ptr++ == 0x70) {
|
|
||||||
ptr += get_length(ptr, &cert_len);
|
|
||||||
if (key_format == key_format_arg_PEM ||
|
if (key_format == key_format_arg_PEM ||
|
||||||
key_format == key_format_arg_SSH) {
|
key_format == key_format_arg_SSH) {
|
||||||
x509 = X509_new();
|
x509 = X509_new();
|
||||||
@@ -1025,7 +1022,7 @@ static bool read_certificate(ykpiv_state *state, enum enum_slot slot,
|
|||||||
fprintf(stderr, "Failed allocating x509 structure.\n");
|
fprintf(stderr, "Failed allocating x509 structure.\n");
|
||||||
goto read_cert_out;
|
goto read_cert_out;
|
||||||
}
|
}
|
||||||
x509 = d2i_X509(NULL, &ptr, cert_len);
|
x509 = d2i_X509(NULL, (const unsigned char**)&ptr, cert_len);
|
||||||
if (!x509) {
|
if (!x509) {
|
||||||
fprintf(stderr, "Failed parsing x509 information.\n");
|
fprintf(stderr, "Failed parsing x509 information.\n");
|
||||||
goto read_cert_out;
|
goto read_cert_out;
|
||||||
@@ -1047,9 +1044,6 @@ static bool read_certificate(ykpiv_state *state, enum enum_slot slot,
|
|||||||
fwrite(ptr, (size_t)cert_len, 1, output_file);
|
fwrite(ptr, (size_t)cert_len, 1, output_file);
|
||||||
ret = true;
|
ret = true;
|
||||||
}
|
}
|
||||||
} else {
|
|
||||||
fprintf(stderr, "Failed parsing data.\n");
|
|
||||||
}
|
|
||||||
|
|
||||||
read_cert_out:
|
read_cert_out:
|
||||||
if (output_file != stdout) {
|
if (output_file != stdout) {
|
||||||
@@ -1058,6 +1052,9 @@ read_cert_out:
|
|||||||
if (x509) {
|
if (x509) {
|
||||||
X509_free(x509);
|
X509_free(x509);
|
||||||
}
|
}
|
||||||
|
if (data) {
|
||||||
|
ykpiv_util_free(state, data);
|
||||||
|
}
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
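Review bot: After `ykpiv_util_read_cert` succeeds, `ptr = data` is used without checking that a certificate was actually returned, and the old `else` branch that printed "Failed parsing data." for an object without the 0x70 tag is gone. If the helper can return YKPIV_OK with `data == NULL` or `cert_len == 0` (its contract is not visible on this page), the `fwrite(ptr, (size_t)cert_len, 1, output_file)` path would appear to set `ret = true` for an empty output. A guard right after the call, `if (data == NULL || cert_len == 0) { fprintf(stderr, "Failed parsing data.\n"); goto read_cert_out; }`, keeps the old failure behaviour. Separately, `x509 = X509_new()` is still overwritten by `d2i_X509(NULL, ...)`, which looks like it leaks the first allocation, and `cert_len` is now `size_t` while `d2i_X509` takes a `long`. The parts of read_certificate between the hunks are not shown here, so the branch conditions around the `fwrite` are inferred.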