1
0
mirror of https://github.com/moparisthebest/curl synced 2025-01-05 10:58:05 -05:00

openssl: don't try to print nonexistant peer private keys

X.509 certificates carry public keys, not private keys. Fields
corresponding to the private half of the key will always be NULL.

Closes #1425
This commit is contained in:
David Benjamin 2017-04-17 10:20:26 -04:00 committed by Daniel Stenberg
parent 1c92b5b609
commit 997504ea50

View File

@ -2628,38 +2628,18 @@ static CURLcode get_cert_chain(struct connectdata *conn,
{ {
const BIGNUM *n; const BIGNUM *n;
const BIGNUM *e; const BIGNUM *e;
const BIGNUM *d;
const BIGNUM *p;
const BIGNUM *q;
const BIGNUM *dmp1;
const BIGNUM *dmq1;
const BIGNUM *iqmp;
RSA_get0_key(rsa, &n, &e, &d); RSA_get0_key(rsa, &n, &e, NULL);
RSA_get0_factors(rsa, &p, &q);
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
BN_print(mem, n); BN_print(mem, n);
push_certinfo("RSA Public Key", i); push_certinfo("RSA Public Key", i);
print_pubkey_BN(rsa, n, i); print_pubkey_BN(rsa, n, i);
print_pubkey_BN(rsa, e, i); print_pubkey_BN(rsa, e, i);
print_pubkey_BN(rsa, d, i);
print_pubkey_BN(rsa, p, i);
print_pubkey_BN(rsa, q, i);
print_pubkey_BN(rsa, dmp1, i);
print_pubkey_BN(rsa, dmq1, i);
print_pubkey_BN(rsa, iqmp, i);
} }
#else #else
BIO_printf(mem, "%d", BN_num_bits(rsa->n)); BIO_printf(mem, "%d", BN_num_bits(rsa->n));
push_certinfo("RSA Public Key", i); push_certinfo("RSA Public Key", i);
print_pubkey_BN(rsa, n, i); print_pubkey_BN(rsa, n, i);
print_pubkey_BN(rsa, e, i); print_pubkey_BN(rsa, e, i);
print_pubkey_BN(rsa, d, i);
print_pubkey_BN(rsa, p, i);
print_pubkey_BN(rsa, q, i);
print_pubkey_BN(rsa, dmp1, i);
print_pubkey_BN(rsa, dmq1, i);
print_pubkey_BN(rsa, iqmp, i);
#endif #endif
break; break;
@ -2678,23 +2658,20 @@ static CURLcode get_cert_chain(struct connectdata *conn,
const BIGNUM *p; const BIGNUM *p;
const BIGNUM *q; const BIGNUM *q;
const BIGNUM *g; const BIGNUM *g;
const BIGNUM *priv_key;
const BIGNUM *pub_key; const BIGNUM *pub_key;
DSA_get0_pqg(dsa, &p, &q, &g); DSA_get0_pqg(dsa, &p, &q, &g);
DSA_get0_key(dsa, &pub_key, &priv_key); DSA_get0_key(dsa, &pub_key, NULL);
print_pubkey_BN(dsa, p, i); print_pubkey_BN(dsa, p, i);
print_pubkey_BN(dsa, q, i); print_pubkey_BN(dsa, q, i);
print_pubkey_BN(dsa, g, i); print_pubkey_BN(dsa, g, i);
print_pubkey_BN(dsa, priv_key, i);
print_pubkey_BN(dsa, pub_key, i); print_pubkey_BN(dsa, pub_key, i);
} }
#else #else
print_pubkey_BN(dsa, p, i); print_pubkey_BN(dsa, p, i);
print_pubkey_BN(dsa, q, i); print_pubkey_BN(dsa, q, i);
print_pubkey_BN(dsa, g, i); print_pubkey_BN(dsa, g, i);
print_pubkey_BN(dsa, priv_key, i);
print_pubkey_BN(dsa, pub_key, i); print_pubkey_BN(dsa, pub_key, i);
#endif #endif
#endif /* !OPENSSL_NO_DSA */ #endif /* !OPENSSL_NO_DSA */
@ -2713,20 +2690,17 @@ static CURLcode get_cert_chain(struct connectdata *conn,
const BIGNUM *p; const BIGNUM *p;
const BIGNUM *q; const BIGNUM *q;
const BIGNUM *g; const BIGNUM *g;
const BIGNUM *priv_key;
const BIGNUM *pub_key; const BIGNUM *pub_key;
DH_get0_pqg(dh, &p, &q, &g); DH_get0_pqg(dh, &p, &q, &g);
DH_get0_key(dh, &pub_key, &priv_key); DH_get0_key(dh, &pub_key, NULL);
print_pubkey_BN(dh, p, i); print_pubkey_BN(dh, p, i);
print_pubkey_BN(dh, q, i); print_pubkey_BN(dh, q, i);
print_pubkey_BN(dh, g, i); print_pubkey_BN(dh, g, i);
print_pubkey_BN(dh, priv_key, i);
print_pubkey_BN(dh, pub_key, i); print_pubkey_BN(dh, pub_key, i);
} }
#else #else
print_pubkey_BN(dh, p, i); print_pubkey_BN(dh, p, i);
print_pubkey_BN(dh, g, i); print_pubkey_BN(dh, g, i);
print_pubkey_BN(dh, priv_key, i);
print_pubkey_BN(dh, pub_key, i); print_pubkey_BN(dh, pub_key, i);
#endif #endif
break; break;