RRDP has a lot of base64 strings to handle. Because of this, adjust the
base64_decode function in tal.c to take a regular string as input.
For now keep the function static; I will change that once RRDP is ready.
OK?
--
:wq Claudio
Index: tal.c
===================================================================
RCS file: /cvs/src/usr.sbin/rpki-client/tal.c,v
retrieving revision 1.28
diff -u -p -r1.28 tal.c
--- tal.c 5 Mar 2021 17:15:19 -0000 1.28
+++ tal.c 25 Mar 2021 08:54:27 -0000
@@ -28,11 +28,11 @@
#include "extern.h"
static int
-base64_decode(const unsigned char *in, size_t inlen, unsigned char **out,
- size_t *outlen)
+base64_decode(const unsigned char *in, unsigned char **out, size_t *outlen)
{
static EVP_ENCODE_CTX *ctx;
unsigned char *to;
+ size_t inlen;
int tolen;
if (ctx == NULL && (ctx = EVP_ENCODE_CTX_new()) == NULL)
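Review bot: The new signature keeps `const unsigned char *in` although the function now treats its input as a C string and calls `strlen(in)` in the following hunk, which expects `const char *` and will draw a pointer-sign warning. The caller in tal_parse_buffer also appears to pass a `char *` buffer, so I would declare it `base64_decode(const char *in, unsigned char **out, size_t *outlen)` and cast once where the pointer is handed to the EVP decode call, which is outside this hunk. The function body continues past the hunk.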
@@ -41,6 +41,7 @@ base64_decode(const unsigned char *in, s
*out = NULL;
*outlen = 0;
+ inlen = strlen(in);
if (inlen >= INT_MAX - 3)
return -1;
tolen = ((inlen + 3) / 4) * 3 + 1;
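Review bot: Taking the length from `strlen(in)` makes NUL termination part of the contract, and nothing on the function says so. An input with an embedded NUL is now decoded only up to that byte instead of being passed to the decoder in full, which matters once the function handles RRDP data (presumably fetched from the network) rather than a local TAL file. I would add a comment above the function such as `/* in must be a NUL-terminated base64 string; decoding stops at the first NUL */`, and have any future caller that holds an explicit length compare it with `strlen()` before calling. The rest of the function is outside the hunk.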
@@ -81,7 +82,7 @@ tal_parse_buffer(const char *fn, char *b
{
char *nl, *line, *f, *file = NULL;
unsigned char *der;
- size_t sz, dersz;
+ size_t dersz;
int rc = 0;
struct tal *tal = NULL;
EVP_PKEY *pkey = NULL;
@@ -147,16 +148,12 @@ tal_parse_buffer(const char *fn, char *b
/* sort uri lexicographically so https:// is preferred */
qsort(tal->uri, tal->urisz, sizeof(tal->uri[0]), tal_cmp);
- sz = strlen(buf);
- if (sz == 0) {
+ /* Now the BASE64-encoded public key. */
+ if ((base64_decode(buf, &der, &dersz)) == -1) {
warnx("%s: RFC 7730 section 2.1: subjectPublicKeyInfo: "
- "zero-length public key", fn);
+ "bad public key", fn);
goto out;
}
-
- /* Now the BASE64-encoded public key. */
- if ((base64_decode(buf, sz, &der, &dersz)) == -1)
- errx(1, "base64 decode");
tal->pkey = der;
tal->pkeysz = dersz;
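Review bot: The explicit empty-key check is gone, so an empty `buf` now reaches `base64_decode()` with `inlen == 0`; whether that returns -1 is not visible in the diff, and if it succeeds `tal->pkey` is set with `pkeysz == 0`. Keeping the guard in the same condition preserves the old rejection: `if (*buf == '\0' || base64_decode(buf, &der, &dersz) == -1) {`. That form also drops the redundant parentheses around the call. tal_parse_buffer starts and ends outside this hunk.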