commit d73b3c13bed9d9ff32a29ad6cdd1d8275c265ce2
author Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Aug 12 17:06:05 2013 +0200
committer Manuel Pégourié-Gonnard <mpg@elzevir.fr> Tue Aug 20 20:46:03 2013 +0200
tree 3ad3e842f3ffbf318fd5beaf452d169d6355c5c0
parent f499993cb289964ab052b702951b1e248d7a875b

PK: use wrappers and function pointers for verify

library/x509parse.c

diff --git a/library/x509parse.c b/library/x509parse.c
index b686403..15823bd 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -3348,8 +3348,8 @@
         if( crl_list->sig_pk == POLARSSL_PK_RSA )
         {
             if( ca->pk.type != POLARSSL_PK_RSA ||
-                rsa_pkcs1_verify( pk_rsa( ca->pk ), RSA_PUBLIC,
-                        crl_list->sig_md, 0, hash, crl_list->sig.p ) != 0 )
+                ca->pk.info->verify_func( ca->pk.data,
+                    hash, md_info, crl_list->sig.p, crl_list->sig.len ) != 0 )
             {
                 flags |= BADCRL_NOT_TRUSTED;
                 break;
@@ -3361,10 +3361,8 @@
         if( crl_list->sig_pk == POLARSSL_PK_ECDSA )
         {
             if( ! pk_can_ecdsa( ca->pk ) ||
-                pk_ec_to_ecdsa( &ca->pk ) != 0 ||
-                ecdsa_read_signature( (ecdsa_context *) ca->pk.data,
-                        hash, md_info->size,
-                        crl_list->sig.p, crl_list->sig.len ) != 0 )
+                ca->pk.info->verify_func( ca->pk.data,
+                    hash, md_info, crl_list->sig.p, crl_list->sig.len ) != 0 )
             {
                 flags |= BADCRL_NOT_TRUSTED;
                 break;
@@ -3487,8 +3485,8 @@
         if( child->sig_pk == POLARSSL_PK_RSA )
         {
             if( trust_ca->pk.type != POLARSSL_PK_RSA ||
-                rsa_pkcs1_verify( pk_rsa( trust_ca->pk ), RSA_PUBLIC,
-                        child->sig_md, 0, hash, child->sig.p ) != 0 )
+                trust_ca->pk.info->verify_func( trust_ca->pk.data,
+                        hash, md_info, child->sig.p, child->sig.len ) != 0 )
             {
                 trust_ca = trust_ca->next;
                 continue;
@@ -3500,10 +3498,8 @@
         if( child->sig_pk == POLARSSL_PK_ECDSA )
         {
             if( ! pk_can_ecdsa( trust_ca->pk ) ||
-                pk_ec_to_ecdsa( &trust_ca->pk ) != 0 ||
-                ecdsa_read_signature( (ecdsa_context *) trust_ca->pk.data,
-                        hash, md_info->size,
-                        child->sig.p, child->sig.len ) != 0 )
+                trust_ca->pk.info->verify_func( trust_ca->pk.data,
+                        hash, md_info, child->sig.p, child->sig.len ) != 0 )
             {
                 trust_ca = trust_ca->next;
                 continue;
@@ -3586,8 +3582,8 @@
         if( child->sig_pk == POLARSSL_PK_RSA )
         {
             if( parent->pk.type != POLARSSL_PK_RSA ||
-                rsa_pkcs1_verify( pk_rsa( parent->pk ), RSA_PUBLIC,
-                        child->sig_md, 0, hash, child->sig.p ) != 0 )
+                parent->pk.info->verify_func( parent->pk.data,
+                        hash, md_info, child->sig.p, child->sig.len ) != 0 )
             {
                 *flags |= BADCERT_NOT_TRUSTED;
             }
@@ -3598,10 +3594,8 @@
         if( child->sig_pk == POLARSSL_PK_ECDSA )
         {
             if( ! pk_can_ecdsa( parent->pk ) ||
-                pk_ec_to_ecdsa( &parent->pk ) != 0 ||
-                ecdsa_read_signature( (ecdsa_context *) parent->pk.data,
-                        hash, md_info->size,
-                        child->sig.p, child->sig.len ) != 0 )
+                parent->pk.info->verify_func( parent->pk.data,
+                        hash, md_info, child->sig.p, child->sig.len ) != 0 )
             {
                 *flags |= BADCERT_NOT_TRUSTED;
             }