Commit 5cac5834 authored by Manuel Pégourié-Gonnard's avatar Manuel Pégourié-Gonnard
Browse files

Factor out some common code

parent 41cae8e1
PolarSSL ChangeLog (Sorted per branch, date)
TODO: bump SOVERSION
(internal-but-not-static function x509_get_sig_alg() changed prototype)
= PolarSSL 1.3 branch
Features
* Support for the Koblitz curves: secp192k1, secp224k1, secp256k1
......
......@@ -262,8 +262,8 @@ int x509_get_rsassa_pss_params( const x509_buf *params,
int *salt_len, int *trailer_field );
#endif
int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig );
int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg,
pk_type_t *pk_alg );
int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params,
md_type_t *md_alg, pk_type_t *pk_alg );
int x509_get_time( unsigned char **p, const unsigned char *end,
x509_time *time );
int x509_get_serial( unsigned char **p, const unsigned char *end,
......
......@@ -542,14 +542,39 @@ int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig )
return( 0 );
}
int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg,
pk_type_t *pk_alg )
/*
* Get signature algorithm from alg OID and optional parameters
*/
int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params,
md_type_t *md_alg, pk_type_t *pk_alg )
{
int ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg );
int ret;
if( ret != 0 )
if( ( ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 )
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + ret );
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
if( *pk_alg == POLARSSL_PK_RSASSA_PSS )
{
int salt_len, trailer_field;
md_type_t mgf_md;
/* Make sure params are valid */
ret = x509_get_rsassa_pss_params( sig_params,
md_alg, &mgf_md, &salt_len, &trailer_field );
if( ret != 0 )
return( ret );
}
else
#endif
{
/* Make sure parameters are absent or NULL */
if( ( sig_params->tag != ASN1_NULL && sig_params->tag != 0 ) ||
sig_params->len != 0 )
return( POLARSSL_ERR_X509_INVALID_ALG );
}
return( 0 );
}
......
......@@ -391,35 +391,16 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
}
if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &crl->sig_md,
&crl->sig_pk ) ) != 0 )
if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &sig_params,
&crl->sig_md, &crl->sig_pk ) ) != 0 )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
}
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
if( crl->sig_pk == POLARSSL_PK_RSASSA_PSS )
{
int salt_len, trailer_field;
md_type_t mgf_md;
/* Make sure params are valid */
ret = x509_get_rsassa_pss_params( &sig_params,
&crl->sig_md, &mgf_md, &salt_len, &trailer_field );
if( ret != 0 )
return( ret );
memcpy( &crl->sig_params, &sig_params, sizeof( x509_buf ) );
}
else
memcpy( &crl->sig_params, &sig_params, sizeof( x509_buf ) );
#endif
{
/* Make sure parameters are absent or NULL */
if( ( sig_params.tag != ASN1_NULL && sig_params.tag != 0 ) ||
sig_params.len != 0 )
return( POLARSSL_ERR_X509_INVALID_ALG );
}
/*
* issuer Name
......
......@@ -610,35 +610,16 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
}
if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &crt->sig_md,
&crt->sig_pk ) ) != 0 )
if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &sig_params,
&crt->sig_md, &crt->sig_pk ) ) != 0 )
{
x509_crt_free( crt );
return( ret );
}
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS )
{
int salt_len, trailer_field;
md_type_t mgf_md;
/* Make sure params are valid */
ret = x509_get_rsassa_pss_params( &sig_params,
&crt->sig_md, &mgf_md, &salt_len, &trailer_field );
if( ret != 0 )
return( ret );
memcpy( &crt->sig_params, &sig_params, sizeof( x509_buf ) );
}
else
memcpy( &crt->sig_params, &sig_params, sizeof( x509_buf ) );
#endif
{
/* Make sure parameters are absent or NULL */
if( ( sig_params.tag != ASN1_NULL && sig_params.tag != 0 ) ||
sig_params.len != 0 )
return( POLARSSL_ERR_X509_INVALID_ALG );
}
/*
* issuer Name
......
......@@ -250,35 +250,16 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen )
return( ret );
}
if( ( ret = x509_get_sig_alg( &csr->sig_oid, &csr->sig_md,
&csr->sig_pk ) ) != 0 )
if( ( ret = x509_get_sig_alg( &csr->sig_oid, &sig_params,
&csr->sig_md, &csr->sig_pk ) ) != 0 )
{
x509_csr_free( csr );
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
}
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
if( csr->sig_pk == POLARSSL_PK_RSASSA_PSS )
{
int salt_len, trailer_field;
md_type_t mgf_md;
/* Make sure params are valid */
ret = x509_get_rsassa_pss_params( &sig_params,
&csr->sig_md, &mgf_md, &salt_len, &trailer_field );
if( ret != 0 )
return( ret );
memcpy( &csr->sig_params, &sig_params, sizeof( x509_buf ) );
}
else
memcpy( &csr->sig_params, &sig_params, sizeof( x509_buf ) );
#endif
{
/* Make sure parameters are absent or NULL */
if( ( sig_params.tag != ASN1_NULL && sig_params.tag != 0 ) ||
sig_params.len != 0 )
return( POLARSSL_ERR_X509_INVALID_ALG );
}
if( ( ret = x509_get_sig( &p, end, &csr->sig ) ) != 0 )
{
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment