Add function to check if a string is a PKCS#11 URI

The function checks if the string begins with "pkcs11:".
curl · Mar 7, 2018 · 7c6f013 · 7c6f013
1 parent 8ec6ffc
commit 7c6f013
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 10 deletions.
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
@@ -532,6 +532,20 @@ static int ssl_ui_writer(UI *ui, UI_STRING *uis)
   }
   return (UI_method_get_writer(UI_OpenSSL()))(ui, uis);
 }
+
+/*
+ * Check if a given string is a PKCS#11 URI
+ */
+static bool is_pkcs11_uri(const char *string)
+{
+  if(!strncmp(string, "pkcs11:", 7)) {
+    return TRUE;
+  }
+  else {
+    return FALSE;
+  }
+}
+
 #endif
 
 static CURLcode Curl_ossl_set_engine(struct Curl_easy *data,
@@ -602,7 +616,7 @@ int cert_stuff(struct connectdata *conn,
         /* Implicitly use pkcs11 engine if none was provided and the
          * cert_file is a PKCS#11 URI */
         if(!data->state.engine) {
-          if(!strncmp(cert_file, "pkcs11:", 7)) {
+          if(is_pkcs11_uri(cert_file)) {
             if(Curl_ossl_set_engine(data, "pkcs11") != CURLE_OK) {
               return 0;
             }
@@ -779,7 +793,7 @@ int cert_stuff(struct connectdata *conn,
         /* Implicitly use pkcs11 engine if none was provided and the
          * key_file is a PKCS#11 URI */
         if(!data->state.engine) {
-          if(!strncmp(key_file, "pkcs11:", 7)) {
+          if(is_pkcs11_uri(key_file)) {
             if(Curl_ossl_set_engine(data, "pkcs11") != CURLE_OK) {
               return 0;
             }

diff --git a/src/tool_operate.c b/src/tool_operate.c
@@ -113,6 +113,19 @@ static bool is_fatal_error(CURLcode code)
   return FALSE;
 }
 
+/*
+ * Check if a given string is a PKCS#11 URI
+ */
+static bool is_pkcs11_uri(const char *string)
+{
+  if(!strncmp(string, "pkcs11:", 7)) {
+    return TRUE;
+  }
+  else {
+    return FALSE;
+  }
+}
+
 #ifdef __VMS
 /*
  * get_vms_file_size does what it takes to get the real size of the file
@@ -1060,8 +1073,8 @@ static CURLcode operate_do(struct GlobalConfig *global,
           /* Check if config->cert is a PKCS#11 URI and set the
            * config->cert_type if necessary */
           if(config->cert) {
-            if(!strncmp(config->cert, "pkcs11:", 7)) {
-              if(!config->cert_type) {
+            if(!config->cert_type) {
+              if(is_pkcs11_uri(config->cert)) {
                 config->cert_type = strdup("ENG");
               }
             }
@@ -1070,8 +1083,8 @@ static CURLcode operate_do(struct GlobalConfig *global,
           /* Check if config->key is a PKCS#11 URI and set the
            * config->key_type if necessary */
           if(config->key) {
-            if(!strncmp(config->key, "pkcs11:", 7)) {
-              if(!config->key_type) {
+            if(!config->key_type) {
+              if(is_pkcs11_uri(config->key)) {
                 config->key_type = strdup("ENG");
               }
             }
@@ -1080,8 +1093,8 @@ static CURLcode operate_do(struct GlobalConfig *global,
           /* Check if config->proxy_cert is a PKCS#11 URI and set the
            * config->proxy_type if necessary */
           if(config->proxy_cert) {
-            if(!strncmp(config->proxy_cert, "pkcs11:", 7)) {
-              if(!config->proxy_cert_type) {
+            if(!config->proxy_cert_type) {
+              if(is_pkcs11_uri(config->proxy_cert)) {
                 config->proxy_cert_type = strdup("ENG");
               }
             }
@@ -1090,8 +1103,8 @@ static CURLcode operate_do(struct GlobalConfig *global,
           /* Check if config->proxy_key is a PKCS#11 URI and set the
            * config->proxy_key_type if necessary */
           if(config->proxy_key) {
-            if(!strncmp(config->proxy_key, "pkcs11:", 7)) {
-              if(!config->proxy_key_type) {
+            if(!config->proxy_key_type) {
+              if(is_pkcs11_uri(config->proxy_key)) {
                 config->proxy_key_type = strdup("ENG");
               }
             }