Overview
Comment: | Improve fetching large certificates |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
dfc8252148672895dc7247560683d98c |
User & Date: | roykeene on 2021-11-02 22:56:30 |
Other Links: | manifest | tags |
Context
2021-11-03
| ||
10:46 | CACKey 0.7.12 check-in: 1b3cf11b1b user: rkeene tags: 0.7.12, trunk | |
2021-11-02
| ||
22:56 | Improve fetching large certificates check-in: dfc8252148 user: roykeene tags: trunk | |
2021-10-30
| ||
20:27 | CACKey 0.7.11 check-in: e6b5859a01 user: rkeene tags: 0.7.11, trunk | |
Changes
Modified cackey.c from [e8309dfff8] to [781f56fb73].
︙ | |||
215 216 217 218 219 220 221 | 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 | - + | static char buf_user[4096] = {0}; \ snprintf(buf_user, sizeof(buf_user), x); \ buf_user[sizeof(buf_user) - 1] = '\0'; \ fprintf(cackey_debug_fd(), "[%lu]: %s():%i: %s\n", CACKEY_DEBUG_GETTIME(), __func__, __LINE__, buf_user); \ fflush(cackey_debug_fd()); \ } # define CACKEY_DEBUG_PRINTBUF(f, x, y) { \ |
︙ | |||
1731 1732 1733 1734 1735 1736 1737 | 1731 1732 1733 1734 1735 1736 1737 1738 1739 1740 1741 1742 1743 1744 1745 1746 1747 1748 1749 1750 1751 1752 1753 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 | - + + + - - + + - + | bytes_to_copy = *respdata_len; if (recv_len < bytes_to_copy) { bytes_to_copy = recv_len; } |
︙ | |||
2597 2598 2599 2600 2601 2602 2603 2604 2605 2606 2607 2608 2609 | 2599 2600 2601 2602 2603 2604 2605 2606 2607 2608 2609 2610 2611 2612 2613 2614 2615 2616 2617 2618 2619 2620 | + - + | * ... * */ static struct cackey_pcsc_identity *cackey_read_certs(struct cackey_slot *slot, struct cackey_pcsc_identity *certs, unsigned long *count) { cackey_pcsc_id_type check_id_type; struct cackey_pcsc_identity *curr_id; struct cackey_tlv_entity *ccc_tlv, *ccc_curr, *app_tlv, *app_curr; struct x509_object check_certificate; unsigned char *piv_oid, piv_oid_pivauth[] = {NISTSP800_73_3_OID_PIVAUTH}, piv_oid_signature[] = {NISTSP800_73_3_OID_SIGNATURE}, piv_oid_keymgt[] = {NISTSP800_73_3_OID_KEYMGT}; unsigned char curr_aid[7]; unsigned char buffer[1024 * 32], *buffer_p, *tmpbuf; unsigned long outidx = 0; char *piv_label; cackey_ret transaction_ret; |
︙ | |||
2816 2817 2818 2819 2820 2821 2822 2823 2824 2825 2826 2827 2828 2829 2830 2831 2832 2833 2834 2835 | 2819 2820 2821 2822 2823 2824 2825 2826 2827 2828 2829 2830 2831 2832 2833 2834 2835 2836 2837 2838 2839 2840 2841 2842 2843 2844 2845 2846 2847 2848 2849 2850 2851 2852 2853 2854 2855 2856 2857 2858 2859 2860 2861 2862 2863 2864 2865 2866 2867 2868 2869 2870 | + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + | curr_id->certificate = tmpbuf; curr_id->certificate_len = tmpbuflen; } else { CACKEY_DEBUG_PRINTF("Decompressing failed! uncompress() returned %i", uncompress_ret); free(tmpbuf); curr_id->certificate = NULL; outidx--; continue; } #else CACKEY_DEBUG_PRINTF("Error. We got a compressed certificate but we do not have zlib. Hoping for the best."); curr_id->certificate = NULL; outidx--; continue; #endif } else { CACKEY_DEBUG_PRINTF("We got an uncompressed certificate"); } } /* * Fit the length of the certificate appropriately */ x509te_ret = x509_to_exponent(curr_id->certificate, curr_id->certificate_len, NULL); x509tk_ret = x509_to_keysize(curr_id->certificate, curr_id->certificate_len); if (x509tk_ret < 0 || x509te_ret < 0) { CACKEY_DEBUG_PRINTF("We got an unparsable certificate, skipping (exponent size is %lli, public key size is %lli)", (long long) x509te_ret, (long long) x509tk_ret); curr_id->certificate = NULL; outidx--; continue; } CACKEY_DEBUG_PRINTF("Size of certificate %llu read, size of actual object %llu", (unsigned long long) curr_id->certificate_len, (unsigned long long) check_certificate.wholething.size); } } else { /* Read all the applets from the CCC's TLV */ ccc_tlv = cackey_read_tlv(slot); /* Look for CARDURLs that coorespond to PKI applets */ for (ccc_curr = ccc_tlv; ccc_curr; ccc_curr = ccc_curr->_next) { |
︙ |