Daniel Kahn Gillmor wrote:
Hi GnuTLS folks--
I just opened another ticket, this time about weirdly inconsistent
behavior in the gnutls_openpgp_privkey_import() function:
http://trac.gnutls.org/cgi-bin/trac.cgi/ticket/23
Please let me know if i can do anything to help debug it further.
This is not quite easy to fix since it depends on the internals of
opencdk. As far as I remember opencdk auto detects the input data and
acts accordingly. However in gnutls we specifically set the raw/base64
flag. An improvement I could think would be to check the data after the
import in order to verify that import was successful.
Does the attached patch solve the issue for you?
regards,
Nikos
diff --git a/lib/openpgp/privkey.c b/lib/openpgp/privkey.c
index aa9c82b..57d0342 100644
--- a/lib/openpgp/privkey.c
+++ b/lib/openpgp/privkey.c
@@ -93,7 +93,8 @@ gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t key,
gnutls_openpgp_crt_fmt_t format,
const char *pass, unsigned int flags)
{
- cdk_stream_t inp;
+ cdk_stream_t inp;
+ cdk_packet_t pkt;
int rc;
if (format == GNUTLS_OPENPGP_FMT_RAW)
@@ -119,6 +120,14 @@ gnutls_openpgp_privkey_import (gnutls_openpgp_privkey_t
key,
return rc;
}
}
+
+ /* Test if the import was successful. */
+ pkt = cdk_kbnode_find_packet (key->knode, CDK_PKT_SECRET_KEY);
+ if (pkt == NULL)
+ {
+ gnutls_assert();
+ return GNUTLS_E_OPENPGP_GETKEY_FAILED;
+ }
return 0;
}
_______________________________________________
Help-gnutls mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/help-gnutls
