Complete x509write_csr support for EC key No automated test yet (complicated by the fact that ECDSA signatures are not deterministic), tested using cert_req (and openssl for verification).

commit: 0088c69fbf30a1f4d18e83378641f25bb71d1237 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Thu Sep 12 02:38:04 2013 +0200
committer: Paul Bakker <p.j.bakker@polarssl.org> Thu Sep 12 11:57:01 2013 +0200
tree: 0f7e3f0e56854f35d945462d86e51dc7c2dd3e6f
parent: edda9041fc8d062922234b51bced3d454eda49ff [diff] [blame]
diff --git a/library/x509write.c b/library/x509write.c
index 4eaeb51..e769edb 100644
--- a/library/x509write.c
+++ b/library/x509write.c

@@ -779,6 +779,7 @@
     unsigned char tmp_buf[2048];
     size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
     size_t len = 0;
+    pk_type_t pk_alg;
 
     /*
      * Prepare data to be signed in tmp_buf
@@ -828,9 +829,13 @@
      */
     md( md_info_from_type( ctx->md_alg ), c, len, hash );
 
+    pk_alg = pk_get_type( ctx->key );
+    if( pk_alg == POLARSSL_PK_ECKEY )
+        pk_alg = POLARSSL_PK_ECDSA;
+
     if( ( ret = pk_sign( ctx->key, ctx->md_alg, hash, 0, sig, &sig_len,
                          f_rng, p_rng ) ) != 0 ||
-        ( ret = oid_get_oid_by_sig_alg( pk_get_type( ctx->key ), ctx->md_alg,
+        ( ret = oid_get_oid_by_sig_alg( pk_alg, ctx->md_alg,
                                         &sig_oid, &sig_oid_len ) ) != 0 )
     {
         return( ret );
commit	0088c69fbf30a1f4d18e83378641f25bb71d1237	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Thu Sep 12 02:38:04 2013 +0200
committer	Paul Bakker <p.j.bakker@polarssl.org>	Thu Sep 12 11:57:01 2013 +0200
tree	0f7e3f0e56854f35d945462d86e51dc7c2dd3e6f
parent	edda9041fc8d062922234b51bced3d454eda49ff [diff] [blame]