authorChristian Grothoff <christian@grothoff.org>2014-06-07 17:11:29 +0000
committerChristian Grothoff <christian@grothoff.org>2014-06-07 17:11:29 +0000
commite88cc91be7df92b75430d4748fd201eb03013675 (patch)
tree25281eb34e119a50d00f80e5581c66e6aec66651 /src/namestore/plugin_gtk_namestore_tlsa.c
parentf4e7725e74414142e9813247401892c1befa2c51 (diff)
finishing TLSA validation logic
Diffstat (limited to 'src/namestore/plugin_gtk_namestore_tlsa.c')
-rw-r--r--src/namestore/plugin_gtk_namestore_tlsa.c82
1 files changed, 64 insertions, 18 deletions
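--- a/src/namestore/plugin_gtk_namestore_tlsa.c
+++ b/src/namestore/plugin_gtk_namestore_tlsa.c
@@ -31,6 +31,7 @@
 #include "gnunet_gtk_namestore_plugin.h"
 #include <gnutls/gnutls.h>
 #include <gnutls/x509.h>
+#include <gnutls/abstract.h>
 
 
 /**
@@ -445,19 +446,18 @@ tlsa_validate (void *cls,
 GtkTextIter ti_start;
 GtkTextIter ti_end;
 gnutls_datum_t datum;
-gnutls_pkcs7_t pkcs7;
+gnutls_x509_crt_t cert;
+gnutls_pubkey_t pk;
 int ret;
 unsigned int matching_type;
+unsigned int selector;
+int err;
 
-fprintf (stderr,
-"Validating...\n");
 cb = GTK_COMBO_BOX (gtk_builder_get_object (builder,
 "edit_dialog_protocol_combobox"));
 if (! gtk_combo_box_get_active_iter (cb,
 &iter))
 {
-fprintf (stderr,
-"No protocol selected...\n");
 return GNUNET_SYSERR;
 }
 
@@ -479,31 +479,74 @@ tlsa_validate (void *cls,
 bin))
 {
 /* not hex */
-fprintf (stderr,
-"Certificate value is not in hex...\n");
+GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+_("Certificate value is not in hex...\n"));
 return GNUNET_SYSERR;
 }
 matching_type = get_selected_radio_value (builder,
 matching_type_buttons);
-
+selector = get_selected_radio_value (builder,
+selector_buttons);
 switch (matching_type)
 {
 case 0: /* exact match */
 datum.size = sizeof (bin);
 datum.data = bin;
-gnutls_pkcs7_init (&pkcs7);
-if (GNUTLS_E_SUCCESS !=
-gnutls_pkcs7_import (pkcs7,
-&datum,
-GNUTLS_X509_FMT_DER))
+switch (selector)
 {
-fprintf (stderr,
-"Certificate value is not PKCS7...\n");
+case 0: /* full Cert */
+if (GNUTLS_E_SUCCESS !=
+(err = gnutls_x509_crt_init (&cert)))
+{
+GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+_("Failed to initialize CERT: %s\n"),
+gnutls_strerror_name (err));
+ret = GNUNET_SYSERR;
+break;
+}
+if (GNUTLS_E_SUCCESS !=
+(err = gnutls_x509_crt_import (cert,
+&datum,
+GNUTLS_X509_FMT_DER)))
+{
+GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+_("Failed to parse CERT: %s\n"),
+gnutls_strerror_name (err));
+ret = GNUNET_SYSERR;
+}
+else
+ret = GNUNET_OK;
+gnutls_x509_crt_deinit (cert);
+break;
+case 1: /* subject public key only */
+if (GNUTLS_E_SUCCESS !=
+(err = gnutls_pubkey_init (&pk)))
+{
+GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+_("Failed to initialize PK: %s\n"),
+gnutls_strerror_name (err));
+ret = GNUNET_SYSERR;
+break;
+}
+if (GNUTLS_E_SUCCESS !=
+(err = gnutls_pubkey_import (pk,
+&datum,
+GNUTLS_X509_FMT_DER)))
+{
+GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+_("Failed to parse PK: %s\n"),
+gnutls_strerror_name (err));
+ret = GNUNET_SYSERR;
+}
+else
+ret = GNUNET_OK;
+gnutls_pubkey_deinit (pk);
+break;
+default:
+GNUNET_break (0);
 ret = GNUNET_SYSERR;
+break;
 }
-else
-ret = GNUNET_OK;
-gnutls_pkcs7_deinit (pkcs7);
 break;
 case 1: /* SHA-256 hash */
 ret = (256 / 8 == slen / 2) ? GNUNET_OK : GNUNET_SYSERR;
@@ -513,6 +556,7 @@ tlsa_validate (void *cls,
 break;
 default:
 GNUNET_break (0);
+ret = GNUNET_SYSERR;
 break;
 }
 }
@@ -593,6 +637,7 @@ libgnunet_plugin_gtk_namestore_tlsa_init (void *cls)
 { NULL, NULL }
 };
 
+gnutls_global_init ();
 plugin = GNUNET_new (struct GNUNET_GTK_NAMESTORE_PluginFunctions);
 plugin->cls = env;
 plugin->dialog_glade_filename = "gnunet_namestore_edit_tlsa.glade";
@@ -619,6 +664,7 @@ libgnunet_plugin_gtk_namestore_tlsa_done (void *cls)
 struct GNUNET_GTK_NAMESTORE_PluginFunctions *plugin = cls;
 
 GNUNET_free (plugin);
+gnutls_global_deinit ();
 return NULL;
 }
 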
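Review bot: The four new error paths under `case 0: /* exact match */` pass `gnutls_strerror_name (err)` straight to a `%s` in `GNUNET_log`, and that function is documented to return NULL for a code it has no symbol name for, so the log call can end up formatting a null pointer. `gnutls_strerror (err)` always returns a printable description and suits a translated, user-facing message better; I would use it in all four places. Separately, the result of `gnutls_global_init ();` in the plugin init function is dropped, so a failed library initialisation would presumably only show up later as an unexplained parse failure; checking it against `GNUTLS_E_SUCCESS` and logging would make that visible. tlsa_validate begins and ends outside the hunks shown, so how `ret` is used after the switch cannot be confirmed from here.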