yubico-piv-tool: use ykpiv_util_read_cert
+10
-13
@@ -991,13 +991,11 @@ static bool delete_certificate(ykpiv_state *state, enum enum_slot slot) {
|
||||
static bool read_certificate(ykpiv_state *state, enum enum_slot slot,
|
||||
enum enum_key_format key_format, const char *output_file_name) {
|
||||
FILE *output_file;
|
||||
int object = get_object_id(slot);
|
||||
unsigned char data[3072];
|
||||
const unsigned char *ptr = data;
|
||||
unsigned long len = sizeof(data);
|
||||
int cert_len;
|
||||
bool ret = false;
|
||||
uint8_t *data = NULL;
|
||||
const unsigned char *ptr = NULL;
|
||||
X509 *x509 = NULL;
|
||||
bool ret = false;
|
||||
size_t cert_len = 0;
|
||||
|
||||
if (key_format != key_format_arg_PEM &&
|
||||
key_format != key_format_arg_DER &&
|
||||
@@ -1011,13 +1009,12 @@ static bool read_certificate(ykpiv_state *state, enum enum_slot slot,
|
||||
return false;
|
||||
}
|
||||
|
||||
if(ykpiv_fetch_object(state, object, data, &len) != YKPIV_OK) {
|
||||
if (ykpiv_util_read_cert(state, get_slot_hex(slot), &data, &cert_len) != YKPIV_OK) {
|
||||
fprintf(stderr, "Failed fetching certificate.\n");
|
||||
goto read_cert_out;
|
||||
}
|
||||
ptr = data;
|
||||
|
||||
if(*ptr++ == 0x70) {
|
||||
ptr += get_length(ptr, &cert_len);
|
||||
if (key_format == key_format_arg_PEM ||
|
||||
key_format == key_format_arg_SSH) {
|
||||
x509 = X509_new();
|
||||
@@ -1025,7 +1022,7 @@ static bool read_certificate(ykpiv_state *state, enum enum_slot slot,
|
||||
fprintf(stderr, "Failed allocating x509 structure.\n");
|
||||
goto read_cert_out;
|
||||
}
|
||||
x509 = d2i_X509(NULL, &ptr, cert_len);
|
||||
x509 = d2i_X509(NULL, (const unsigned char**)&ptr, cert_len);
|
||||
if (!x509) {
|
||||
fprintf(stderr, "Failed parsing x509 information.\n");
|
||||
goto read_cert_out;
|
||||
@@ -1047,9 +1044,6 @@ static bool read_certificate(ykpiv_state *state, enum enum_slot slot,
|
||||
fwrite(ptr, (size_t)cert_len, 1, output_file);
|
||||
ret = true;
|
||||
}
|
||||
} else {
|
||||
fprintf(stderr, "Failed parsing data.\n");
|
||||
}
|
||||
|
||||
read_cert_out:
|
||||
if (output_file != stdout) {
|
||||
@@ -1058,6 +1052,9 @@ read_cert_out:
|
||||
if (x509) {
|
||||
X509_free(x509);
|
||||
}
|
||||
if (data) {
|
||||
ykpiv_util_free(state, data);
|
||||
}
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
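Review bot: The `d2i_X509(NULL, ...)` call that follows the `X509_new()` check allocates a fresh certificate and overwrites `x509`, so the object from `X509_new()` is never freed on the PEM/SSH path; the commit edits that call but keeps the pattern. `cert_len` is now a `size_t` filled in by `ykpiv_util_read_cert`, so it is implicitly narrowed to the `long` length parameter, and the `(const unsigned char**)` cast looks unnecessary because `ptr` is already declared `const unsigned char *`. I would drop the `X509_new()` block and write `x509 = d2i_X509(NULL, &ptr, (long)cert_len);` after rejecting `cert_len == 0 || cert_len > LONG_MAX`, which also restores a local sanity check now that the `0x70` tag test and its `Failed parsing data.` branch are gone. The parts of `read_certificate` between the hunks (the file opening and the start of the DER branch) are not shown, so confirm there whether a zero-length result can reach `fwrite` and still set `ret = true`.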