lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-12-14 02:22:15 +03:00
Code Activity

x509: replace usage of mbedtls_pk_can_do() with mbedtls_pk_get_key_type()

Browse Source 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti
2025-12-02 09:40:28 +01:00
parent 902467d62f
commit 9eb5b2a146
2 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
library/x509write_crt.c
View File

@@ -392,6 +392,7 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
unsigned char hash[MBEDTLS_MD_MAX_SIZE];
psa_status_t status = PSA_ERROR_CORRUPTION_DETECTED;
psa_algorithm_t psa_algorithm;
psa_key_type_t key_type = mbedtls_pk_get_key_type(ctx->issuer_key);
size_t sub_len = 0, pub_len = 0, sig_and_oid_len = 0, sig_len;
size_t len = 0;
@@ -407,9 +408,9 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
/* There's no direct way of extracting a signature algorithm
* (represented as an element of mbedtls_pk_type_t) from a PK instance. */
if (mbedtls_pk_can_do(ctx->issuer_key, MBEDTLS_PK_RSA)) {
if (PSA_KEY_TYPE_IS_RSA(key_type)) {
pk_alg = MBEDTLS_PK_SIGALG_RSA_PKCS1V15;
} else if (mbedtls_pk_can_do(ctx->issuer_key, MBEDTLS_PK_ECDSA)) {
} else if (PSA_KEY_TYPE_IS_ECC(key_type)) {
pk_alg = MBEDTLS_PK_SIGALG_ECDSA;
} else {
return MBEDTLS_ERR_X509_INVALID_ALG;

5
library/x509write_csr.c
View File

@@ -144,6 +144,7 @@ static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx,
mbedtls_pk_sigalg_t pk_alg;
size_t hash_len;
psa_algorithm_t hash_alg = mbedtls_md_psa_alg_from_type(ctx->md_alg);
psa_key_type_t key_type = mbedtls_pk_get_key_type(ctx->key);
/* Write the CSR backwards starting from the end of buf */
c = buf + size;
@@ -217,9 +218,9 @@ static int x509write_csr_der_internal(mbedtls_x509write_csr *ctx,
return MBEDTLS_ERR_PLATFORM_HW_ACCEL_FAILED;
}
if (mbedtls_pk_can_do(ctx->key, MBEDTLS_PK_RSA)) {
if (PSA_KEY_TYPE_IS_RSA(key_type)) {
pk_alg = MBEDTLS_PK_SIGALG_RSA_PKCS1V15;
} else if (mbedtls_pk_can_do(ctx->key, MBEDTLS_PK_ECDSA)) {
} else if (PSA_KEY_TYPE_IS_ECC(key_type)) {
pk_alg = MBEDTLS_PK_SIGALG_ECDSA;
} else {
return MBEDTLS_ERR_X509_INVALID_ALG;