Prepare transition from x509_cert.rsa to pk

2013-07-10 14:32:58 +02:00 · 2013-07-10 14:32:58 +02:00 · 674b2243eb
commit 674b2243eb
parent a155513e7b
2 changed files with 15 additions and 17 deletions
--- a/include/polarssl/x509.h
+++ b/include/polarssl/x509.h
@ -211,7 +211,8 @@ typedef struct _x509_cert
    x509_time valid_from;       /**< Start time of certificate validity. */
    x509_time valid_to;         /**< End time of certificate validity. */

-    rsa_context rsa;            /**< Container for the RSA context. Only RSA is supported for public keys at this time. */
+    pk_context pk;              /**< Container for the public key context. */
+    rsa_context rsa;            /**< Container for the RSA context. Kept for compatibility while transitioning to generic PK */

    x509_buf issuer_id;         /**< Optional X.509 v2/v3 issuer unique identifier. */
    x509_buf subject_id;        /**< Optional X.509 v2/v3 subject unique identifier. */
--- a/library/x509parse.c
+++ b/library/x509parse.c
@ -637,21 +637,6 @@ static int x509_get_pubkey( unsigned char **p,
    return( ret );
 }

-/*
- * Get an RSA public key (compatibility wrapper)
- */
-static int x509_get_pubkey_rsa( unsigned char **p,
-                                const unsigned char *end,
-                                rsa_context *rsa )
-{
-    pk_context pk_ctx;
-
-    pk_init( &pk_ctx );
-    pk_wrap_rsa( &pk_ctx, rsa );
-
-    return( x509_get_pubkey( p, end, &pk_ctx ) );
-}
-
 static int x509_get_sig( unsigned char **p,
                         const unsigned char *end,
                         x509_buf *sig )
@ -1416,12 +1401,23 @@ static int x509parse_crt_der_core( x509_cert *crt, const unsigned char *buf,
    /*
     * SubjectPublicKeyInfo
     */
-    if( ( ret = x509_get_pubkey_rsa( &p, end, &crt->rsa ) ) != 0 )
+    if( ( ret = x509_get_pubkey( &p, end, &crt->pk ) ) != 0 )
    {
        x509_free( crt );
        return( ret );
    }

+    /*
+     * Temporary hack for compatibility while transitioning to PK abstraction
+     * (Cannot use rsa_wrap above since it would force RSA key type.)
+     */
+    if( crt->pk.type == POLARSSL_PK_RSA ) {
+        memcpy( &crt->rsa, pk_rsa( crt->pk ), sizeof( rsa_context ) );
+        free( crt->pk.data );
+        crt->pk.data = &crt->rsa;
+        crt->pk.dont_free = 1;
+    }
+
    /*
     *  issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL,
     *                       -- If present, version shall be v2 or v3
@ -3969,6 +3965,7 @@ void x509_free( x509_cert *crt )

    do
    {
+        pk_free( &cert_cur->pk );
        rsa_free( &cert_cur->rsa );

        name_cur = cert_cur->issuer.next;