Factor out some common code
diff --git a/library/x509.c b/library/x509.c
index 48c11ef..3e93c3a 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -547,14 +547,39 @@
return( 0 );
}
-int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg,
- pk_type_t *pk_alg )
+/*
+ * Get signature algorithm from alg OID and optional parameters
+ */
+int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params,
+ md_type_t *md_alg, pk_type_t *pk_alg )
{
- int ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg );
+ int ret;
- if( ret != 0 )
+ if( ( ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 )
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + ret );
+#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
+ if( *pk_alg == POLARSSL_PK_RSASSA_PSS )
+ {
+ int salt_len, trailer_field;
+ md_type_t mgf_md;
+
+ /* Make sure params are valid */
+ ret = x509_get_rsassa_pss_params( sig_params,
+ md_alg, &mgf_md, &salt_len, &trailer_field );
+ if( ret != 0 )
+ return( ret );
+
+ }
+ else
+#endif
+ {
+ /* Make sure parameters are absent or NULL */
+ if( ( sig_params->tag != ASN1_NULL && sig_params->tag != 0 ) ||
+ sig_params->len != 0 )
+ return( POLARSSL_ERR_X509_INVALID_ALG );
+ }
+
return( 0 );
}
diff --git a/library/x509_crl.c b/library/x509_crl.c
index 6c9ec59..f2bd0c1 100644
--- a/library/x509_crl.c
+++ b/library/x509_crl.c
@@ -397,35 +397,16 @@
return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
}
- if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &crl->sig_md,
- &crl->sig_pk ) ) != 0 )
+ if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &sig_params,
+ &crl->sig_md, &crl->sig_pk ) ) != 0 )
{
x509_crl_free( crl );
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
}
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
- if( crl->sig_pk == POLARSSL_PK_RSASSA_PSS )
- {
- int salt_len, trailer_field;
- md_type_t mgf_md;
-
- /* Make sure params are valid */
- ret = x509_get_rsassa_pss_params( &sig_params,
- &crl->sig_md, &mgf_md, &salt_len, &trailer_field );
- if( ret != 0 )
- return( ret );
-
- memcpy( &crl->sig_params, &sig_params, sizeof( x509_buf ) );
- }
- else
+ memcpy( &crl->sig_params, &sig_params, sizeof( x509_buf ) );
#endif
- {
- /* Make sure parameters are absent or NULL */
- if( ( sig_params.tag != ASN1_NULL && sig_params.tag != 0 ) ||
- sig_params.len != 0 )
- return( POLARSSL_ERR_X509_INVALID_ALG );
- }
/*
* issuer Name
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 6b92688..3fda864 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -615,35 +615,16 @@
return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
}
- if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &crt->sig_md,
- &crt->sig_pk ) ) != 0 )
+ if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &sig_params,
+ &crt->sig_md, &crt->sig_pk ) ) != 0 )
{
x509_crt_free( crt );
return( ret );
}
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
- if( crt->sig_pk == POLARSSL_PK_RSASSA_PSS )
- {
- int salt_len, trailer_field;
- md_type_t mgf_md;
-
- /* Make sure params are valid */
- ret = x509_get_rsassa_pss_params( &sig_params,
- &crt->sig_md, &mgf_md, &salt_len, &trailer_field );
- if( ret != 0 )
- return( ret );
-
- memcpy( &crt->sig_params, &sig_params, sizeof( x509_buf ) );
- }
- else
+ memcpy( &crt->sig_params, &sig_params, sizeof( x509_buf ) );
#endif
- {
- /* Make sure parameters are absent or NULL */
- if( ( sig_params.tag != ASN1_NULL && sig_params.tag != 0 ) ||
- sig_params.len != 0 )
- return( POLARSSL_ERR_X509_INVALID_ALG );
- }
/*
* issuer Name
diff --git a/library/x509_csr.c b/library/x509_csr.c
index 3118c0a..a0d4c36 100644
--- a/library/x509_csr.c
+++ b/library/x509_csr.c
@@ -254,35 +254,16 @@
return( ret );
}
- if( ( ret = x509_get_sig_alg( &csr->sig_oid, &csr->sig_md,
- &csr->sig_pk ) ) != 0 )
+ if( ( ret = x509_get_sig_alg( &csr->sig_oid, &sig_params,
+ &csr->sig_md, &csr->sig_pk ) ) != 0 )
{
x509_csr_free( csr );
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
}
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
- if( csr->sig_pk == POLARSSL_PK_RSASSA_PSS )
- {
- int salt_len, trailer_field;
- md_type_t mgf_md;
-
- /* Make sure params are valid */
- ret = x509_get_rsassa_pss_params( &sig_params,
- &csr->sig_md, &mgf_md, &salt_len, &trailer_field );
- if( ret != 0 )
- return( ret );
-
- memcpy( &csr->sig_params, &sig_params, sizeof( x509_buf ) );
- }
- else
+ memcpy( &csr->sig_params, &sig_params, sizeof( x509_buf ) );
#endif
- {
- /* Make sure parameters are absent or NULL */
- if( ( sig_params.tag != ASN1_NULL && sig_params.tag != 0 ) ||
- sig_params.len != 0 )
- return( POLARSSL_ERR_X509_INVALID_ALG );
- }
if( ( ret = x509_get_sig( &p, end, &csr->sig ) ) != 0 )
{