lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-11-15 15:21:08 +03:00
Code Activity

Update mbedtls_pk_sign_ext in x509write_crt.c to use mbedtls_pk_sigalg_t directly and remove casts

Browse Source 
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
This commit is contained in:
Ben Taylor
2025-10-30 15:11:09 +00:00
parent 5f037c7fb3
commit 00b04a6590
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
library/x509write_crt.c
View File

@@ -396,7 +396,7 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len; size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
size_t len = 0; size_t len = 0;
mbedtls_pk_type_t pk_alg; mbedtls_pk_sigalg_t pk_alg;
int write_sig_null_par; int write_sig_null_par;
/* /*
@@ -409,9 +409,9 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
/* There's no direct way of extracting a signature algorithm /* There's no direct way of extracting a signature algorithm
* (represented as an element of mbedtls_pk_type_t) from a PK instance. */ * (represented as an element of mbedtls_pk_type_t) from a PK instance. */
if (mbedtls_pk_can_do(ctx->issuer_key, MBEDTLS_PK_RSA)) { if (mbedtls_pk_can_do(ctx->issuer_key, MBEDTLS_PK_RSA)) {
pk_alg = MBEDTLS_PK_RSA; pk_alg = MBEDTLS_PK_SIGALG_RSA_PKCS1V15;
} else if (mbedtls_pk_can_do(ctx->issuer_key, MBEDTLS_PK_ECDSA)) { } else if (mbedtls_pk_can_do(ctx->issuer_key, MBEDTLS_PK_ECDSA)) {
pk_alg = MBEDTLS_PK_ECDSA; pk_alg = MBEDTLS_PK_SIGALG_ECDSA;
} else { } else {
return MBEDTLS_ERR_X509_INVALID_ALG; return MBEDTLS_ERR_X509_INVALID_ALG;
} }
@@ -489,7 +489,7 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
/* /*
* Signature ::= AlgorithmIdentifier * Signature ::= AlgorithmIdentifier
*/ */
if (pk_alg == MBEDTLS_PK_ECDSA) { if (pk_alg == MBEDTLS_PK_SIGALG_ECDSA) {
/* /*
* The AlgorithmIdentifier's parameters field must be absent for DSA/ECDSA signature * The AlgorithmIdentifier's parameters field must be absent for DSA/ECDSA signature
* algorithms, see https://www.rfc-editor.org/rfc/rfc5480#page-17 and * algorithms, see https://www.rfc-editor.org/rfc/rfc5480#page-17 and
@@ -571,7 +571,7 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
} }
if ((ret = mbedtls_pk_sign_ext((mbedtls_pk_sigalg_t) pk_alg, ctx->issuer_key, ctx->md_alg, if ((ret = mbedtls_pk_sign_ext(pk_alg, ctx->issuer_key, ctx->md_alg,
hash, hash_length, sig, sizeof(sig), &sig_len)) != 0) { hash, hash_length, sig, sizeof(sig), &sig_len)) != 0) {
return ret; return ret;
} }
@@ -588,7 +588,7 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
MBEDTLS_ASN1_CHK_ADD(sig_and_oid_len, mbedtls_x509_write_sig(&c2, c, MBEDTLS_ASN1_CHK_ADD(sig_and_oid_len, mbedtls_x509_write_sig(&c2, c,
sig_oid, sig_oid_len, sig_oid, sig_oid_len,
sig, sig_len, sig, sig_len,
(mbedtls_pk_sigalg_t) pk_alg)); pk_alg));
/* /*
* Memory layout after this step: * Memory layout after this step: