switch to mbedtls_pk_sigalg_t
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
diff --git a/include/mbedtls/x509_crl.h b/include/mbedtls/x509_crl.h
index e59d165..095cb5d 100644
--- a/include/mbedtls/x509_crl.h
+++ b/include/mbedtls/x509_crl.h
@@ -82,7 +82,7 @@
mbedtls_x509_buf MBEDTLS_PRIVATE(sig_oid2);
mbedtls_x509_buf MBEDTLS_PRIVATE(sig);
mbedtls_md_type_t MBEDTLS_PRIVATE(sig_md); /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
- mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
+ mbedtls_pk_sigalg_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
/** Next element in the linked list of CRL.
* \p NULL indicates the end of the list.
diff --git a/include/mbedtls/x509_crt.h b/include/mbedtls/x509_crt.h
index a3f0789..bf418a6 100644
--- a/include/mbedtls/x509_crt.h
+++ b/include/mbedtls/x509_crt.h
@@ -81,7 +81,7 @@
mbedtls_x509_buf MBEDTLS_PRIVATE(sig); /**< Signature: hash of the tbs part signed with the private key. */
mbedtls_md_type_t MBEDTLS_PRIVATE(sig_md); /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
- mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
+ mbedtls_pk_sigalg_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
/** Next certificate in the linked list that constitutes the CA chain.
* \p NULL indicates the end of the list.
diff --git a/include/mbedtls/x509_csr.h b/include/mbedtls/x509_csr.h
index bed1c95..b115394 100644
--- a/include/mbedtls/x509_csr.h
+++ b/include/mbedtls/x509_csr.h
@@ -55,7 +55,7 @@
mbedtls_x509_buf sig_oid;
mbedtls_x509_buf MBEDTLS_PRIVATE(sig);
mbedtls_md_type_t MBEDTLS_PRIVATE(sig_md); /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
- mbedtls_pk_type_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
+ mbedtls_pk_sigalg_t MBEDTLS_PRIVATE(sig_pk); /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
}
mbedtls_x509_csr;
diff --git a/library/x509.c b/library/x509.c
index 03ca1b7..14f9ba5 100644
--- a/library/x509.c
+++ b/library/x509.c
@@ -717,16 +717,16 @@
* Get signature algorithm from alg OID and optional parameters
*/
int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
- mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg)
+ mbedtls_md_type_t *md_alg, mbedtls_pk_sigalg_t *pk_alg)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
- if ((ret = mbedtls_x509_oid_get_sig_alg(sig_oid, md_alg, pk_alg)) != 0) {
+ if ((ret = mbedtls_x509_oid_get_sig_alg(sig_oid, md_alg, (mbedtls_pk_type_t*)pk_alg)) != 0) {
return MBEDTLS_ERROR_ADD(MBEDTLS_ERR_X509_UNKNOWN_SIG_ALG, ret);
}
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- if (*pk_alg == MBEDTLS_PK_RSASSA_PSS) {
+ if (*pk_alg == MBEDTLS_PK_SIGALG_RSA_PSS) {
mbedtls_md_type_t mgf1_hash_id;
int expected_salt_len;
@@ -1039,7 +1039,7 @@
* Helper for writing signature algorithms
*/
int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
- mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg)
+ mbedtls_pk_sigalg_t pk_alg, mbedtls_md_type_t md_alg)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
char *p = buf;
@@ -1055,7 +1055,7 @@
MBEDTLS_X509_SAFE_SNPRINTF;
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
- if (pk_alg == MBEDTLS_PK_RSASSA_PSS) {
+ if (pk_alg == MBEDTLS_PK_SIGALG_RSA_PSS) {
const char *name = md_type_to_string(md_alg);
if (name != NULL) {
ret = mbedtls_snprintf(p, n, " (%s)", name);
diff --git a/library/x509_create.c b/library/x509_create.c
index 09ac69d..370eb9b 100644
--- a/library/x509_create.c
+++ b/library/x509_create.c
@@ -646,7 +646,7 @@
int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len,
unsigned char *sig, size_t size,
- mbedtls_pk_type_t pk_alg)
+ mbedtls_pk_sigalg_t pk_alg)
{
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
int write_null_par;
@@ -672,7 +672,7 @@
// Write OID
//
- if (pk_alg == MBEDTLS_PK_ECDSA) {
+ if (pk_alg == MBEDTLS_PK_SIGALG_ECDSA) {
/*
* The AlgorithmIdentifier's parameters field must be absent for DSA/ECDSA signature
* algorithms, see https://www.rfc-editor.org/rfc/rfc5480#page-17 and
diff --git a/library/x509_crt.c b/library/x509_crt.c
index ac36a0f..ded1317 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -188,9 +188,9 @@
* Return 0 if pk_alg is acceptable for this profile, -1 otherwise
*/
static int x509_profile_check_pk_alg(const mbedtls_x509_crt_profile *profile,
- mbedtls_pk_type_t pk_alg)
+ mbedtls_pk_sigalg_t pk_alg)
{
- if (pk_alg == MBEDTLS_PK_NONE) {
+ if (pk_alg == MBEDTLS_PK_SIGALG_NONE) {
return -1;
}
@@ -2121,7 +2121,7 @@
}
/* Skip expensive computation on obvious mismatch */
- if (!mbedtls_pk_can_do(&parent->pk, child->sig_pk)) {
+ if (!mbedtls_pk_can_do(&parent->pk, (mbedtls_pk_type_t) child->sig_pk)) {
return -1;
}
@@ -3057,7 +3057,7 @@
/* Check the type and size of the key */
pk_type = mbedtls_pk_get_type(&crt->pk);
- if (x509_profile_check_pk_alg(profile, pk_type) != 0) {
+ if (x509_profile_check_pk_alg(profile, (mbedtls_pk_sigalg_t)pk_type) != 0) {
ee_flags |= MBEDTLS_X509_BADCERT_BAD_PK;
}
diff --git a/library/x509_internal.h b/library/x509_internal.h
index 8160270..b44b957 100644
--- a/library/x509_internal.h
+++ b/library/x509_internal.h
@@ -35,7 +35,7 @@
#endif
int mbedtls_x509_get_sig(unsigned char **p, const unsigned char *end, mbedtls_x509_buf *sig);
int mbedtls_x509_get_sig_alg(const mbedtls_x509_buf *sig_oid, const mbedtls_x509_buf *sig_params,
- mbedtls_md_type_t *md_alg, mbedtls_pk_type_t *pk_alg);
+ mbedtls_md_type_t *md_alg, mbedtls_pk_sigalg_t *pk_alg);
int mbedtls_x509_get_time(unsigned char **p, const unsigned char *end,
mbedtls_x509_time *t);
int mbedtls_x509_get_serial(unsigned char **p, const unsigned char *end,
@@ -44,7 +44,7 @@
mbedtls_x509_buf *ext, int tag);
#if !defined(MBEDTLS_X509_REMOVE_INFO)
int mbedtls_x509_sig_alg_gets(char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
- mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg);
+ mbedtls_pk_sigalg_t pk_alg, mbedtls_md_type_t md_alg);
#endif
int mbedtls_x509_key_size_helper(char *buf, size_t buf_size, const char *name);
int mbedtls_x509_set_extension(mbedtls_asn1_named_data **head, const char *oid, size_t oid_len,
@@ -57,7 +57,7 @@
int mbedtls_x509_write_sig(unsigned char **p, unsigned char *start,
const char *oid, size_t oid_len,
unsigned char *sig, size_t size,
- mbedtls_pk_type_t pk_alg);
+ mbedtls_pk_sigalg_t pk_alg);
int mbedtls_x509_get_ns_cert_type(unsigned char **p,
const unsigned char *end,
unsigned char *ns_cert_type);
diff --git a/library/x509write_crt.c b/library/x509write_crt.c
index 09c2328..93cdd2c 100644
--- a/library/x509write_crt.c
+++ b/library/x509write_crt.c
@@ -587,7 +587,7 @@
c2 = buf + size;
MBEDTLS_ASN1_CHK_ADD(sig_and_oid_len, mbedtls_x509_write_sig(&c2, c,
sig_oid, sig_oid_len,
- sig, sig_len, pk_alg));
+ sig, sig_len, (mbedtls_pk_sigalg_t)pk_alg));
/*
* Memory layout after this step:
diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index 88adf79..9040d63 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c
@@ -249,7 +249,7 @@
c2 = buf + size;
MBEDTLS_ASN1_CHK_ADD(sig_and_oid_len,
mbedtls_x509_write_sig(&c2, buf + len, sig_oid, sig_oid_len,
- sig, sig_len, pk_alg));
+ sig, sig_len, (mbedtls_pk_sigalg_t)pk_alg));
/*
* Compact the space between the CSR data and signature by moving the