Make sig_opts non-optional in X509 structures
This simplifies the code.
parent
dddbb1d1eb
commit
bf696d030b
@ -1,7 +1,8 @@
|
|||||||
PolarSSL ChangeLog (Sorted per branch, date)
|
PolarSSL ChangeLog (Sorted per branch, date)
|
||||||
|
|
||||||
TODO: bump SOVERSION
|
TODO: bump SOVERSION for ABI change
|
||||||
(internal-but-not-static function x509_get_sig_alg() changed prototype)
|
(internal-but-not-static function x509_get_sig_alg() changed prototype)
|
||||||
|
(and various x509 structures got a new member)
|
||||||
|
|
||||||
= PolarSSL 1.3 branch
|
= PolarSSL 1.3 branch
|
||||||
Features
|
Features
|
||||||
|
@ -223,16 +223,10 @@
|
|||||||
/**
|
/**
|
||||||
* \def POLARSSL_RSASSA_PSS_CERTIFICATES
|
* \def POLARSSL_RSASSA_PSS_CERTIFICATES
|
||||||
*
|
*
|
||||||
* Enable parsing and verification of X.509 certificates and CRLs signed with
|
* Enable parsing and verification of X.509 certificates, CRLs and CSRS
|
||||||
* RSASSA-PSS.
|
* signed with RSASSA-PSS (aka PKCS#1 v2.1).
|
||||||
*
|
*
|
||||||
* This is disabled by default since it breaks binary compatibility with the
|
* Comment this macro to disallow using RSASSA-PSS in certificates.
|
||||||
* 1.3.x line. If you choose to enable it, you will need to rebuild your
|
|
||||||
* application against the new header files, relinking will not be enough.
|
|
||||||
*
|
|
||||||
* TODO: actually disable it when done working on this branch ,)
|
|
||||||
*
|
|
||||||
* Uncomment this macro to allow using RSASSA-PSS in certificates.
|
|
||||||
*/
|
*/
|
||||||
#define POLARSSL_RSASSA_PSS_CERTIFICATES
|
#define POLARSSL_RSASSA_PSS_CERTIFICATES
|
||||||
|
|
||||||
|
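Review bot: In the rewritten comment for POLARSSL_RSASSA_PSS_CERTIFICATES, `CSRS` should read `CSRs`, and the text no longer says whether the option is on by default. Since the `#define` is active in this file, a line such as `* Enabled by default; comment this macro to disallow using RSASSA-PSS in certificates.` would make the default explicit for anyone auditing which signature schemes a build accepts. The removed ABI warning appears to be obsolete now that the struct member is unconditional, so dropping it looks right.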
@ -93,9 +93,7 @@ typedef struct _x509_crl
|
|||||||
x509_buf sig;
|
x509_buf sig;
|
||||||
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
|
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
|
||||||
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
|
||||||
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
||||||
#endif
|
|
||||||
|
|
||||||
struct _x509_crl *next;
|
struct _x509_crl *next;
|
||||||
}
|
}
|
||||||
|
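Review bot: The doc comment on `sig_opts` in `x509_crl` does not say what the field holds when there are no options, which matters now that the member exists in every build; the same applies to the identical members in `x509_crt` and `x509_csr`. The removed code in the `*_info` functions passed NULL when POLARSSL_RSASSA_PSS_CERTIFICATES was undefined, so NULL appears to be the "no options" value. I would extend the comment to `/**< Signature options to be passed to pk_verify_ext(), e.g. for RSASSA-PSS; NULL if the signature algorithm has none */` and, if the library allocates the pointed-to data, say which function frees it. The struct definition begins outside this hunk.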
@ -93,9 +93,7 @@ typedef struct _x509_crt
|
|||||||
x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */
|
x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */
|
||||||
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
|
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
|
||||||
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
|
||||||
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
||||||
#endif
|
|
||||||
|
|
||||||
struct _x509_crt *next; /**< Next certificate in the CA-chain. */
|
struct _x509_crt *next; /**< Next certificate in the CA-chain. */
|
||||||
}
|
}
|
||||||
|
@ -67,9 +67,7 @@ typedef struct _x509_csr
|
|||||||
x509_buf sig;
|
x509_buf sig;
|
||||||
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
|
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
|
||||||
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
|
||||||
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
x509_csr;
|
x509_csr;
|
||||||
|
|
||||||
|
@ -626,11 +626,6 @@ int x509_crl_info( char *buf, size_t size, const char *prefix,
|
|||||||
size_t n;
|
size_t n;
|
||||||
char *p;
|
char *p;
|
||||||
const x509_crl_entry *entry;
|
const x509_crl_entry *entry;
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
|
||||||
const void *sig_opts = crl->sig_opts;
|
|
||||||
#else
|
|
||||||
const void *sig_opts = NULL;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
p = buf;
|
p = buf;
|
||||||
n = size;
|
n = size;
|
||||||
@ -687,7 +682,7 @@ int x509_crl_info( char *buf, size_t size, const char *prefix,
|
|||||||
SAFE_SNPRINTF();
|
SAFE_SNPRINTF();
|
||||||
|
|
||||||
ret = x509_sig_alg_gets( p, n, &crl->sig_oid1, crl->sig_pk, crl->sig_md,
|
ret = x509_sig_alg_gets( p, n, &crl->sig_oid1, crl->sig_pk, crl->sig_md,
|
||||||
sig_opts );
|
crl->sig_opts );
|
||||||
SAFE_SNPRINTF();
|
SAFE_SNPRINTF();
|
||||||
|
|
||||||
ret = snprintf( p, n, "\n" );
|
ret = snprintf( p, n, "\n" );
|
||||||
|
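Review bot: `x509_crl_info()` now passes `crl->sig_opts` to `x509_sig_alg_gets()` in every configuration, where a build without POLARSSL_RSASSA_PSS_CERTIFICATES used to pass a literal NULL; the same change is made in `x509_crt_info()` and `x509_csr_info()`. That is only equivalent if the init and parse paths, which are outside these hunks, always leave the field NULL when no options were stored, and if the free path releases it regardless of the macro. Because the field is a `void *` whose real type presumably depends on `sig_pk`, a short comment above the call such as `/* sig_opts is NULL unless the parser stored RSASSA-PSS parameters */` would record the invariant the callee relies on. Both function bodies start and end outside the hunks shown.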
@ -1253,11 +1253,6 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
|
|||||||
size_t n;
|
size_t n;
|
||||||
char *p;
|
char *p;
|
||||||
char key_size_str[BEFORE_COLON];
|
char key_size_str[BEFORE_COLON];
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
|
||||||
const void *sig_opts = crt->sig_opts;
|
|
||||||
#else
|
|
||||||
const void *sig_opts = NULL;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
p = buf;
|
p = buf;
|
||||||
n = size;
|
n = size;
|
||||||
@ -1300,7 +1295,7 @@ int x509_crt_info( char *buf, size_t size, const char *prefix,
|
|||||||
SAFE_SNPRINTF();
|
SAFE_SNPRINTF();
|
||||||
|
|
||||||
ret = x509_sig_alg_gets( p, n, &crt->sig_oid1, crt->sig_pk,
|
ret = x509_sig_alg_gets( p, n, &crt->sig_oid1, crt->sig_pk,
|
||||||
crt->sig_md, sig_opts );
|
crt->sig_md, crt->sig_opts );
|
||||||
SAFE_SNPRINTF();
|
SAFE_SNPRINTF();
|
||||||
|
|
||||||
/* Key size */
|
/* Key size */
|
||||||
|
@ -366,11 +366,6 @@ int x509_csr_info( char *buf, size_t size, const char *prefix,
|
|||||||
size_t n;
|
size_t n;
|
||||||
char *p;
|
char *p;
|
||||||
char key_size_str[BEFORE_COLON];
|
char key_size_str[BEFORE_COLON];
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
|
||||||
const void *sig_opts = csr->sig_opts;
|
|
||||||
#else
|
|
||||||
const void *sig_opts = NULL;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
p = buf;
|
p = buf;
|
||||||
n = size;
|
n = size;
|
||||||
@ -388,7 +383,7 @@ int x509_csr_info( char *buf, size_t size, const char *prefix,
|
|||||||
SAFE_SNPRINTF();
|
SAFE_SNPRINTF();
|
||||||
|
|
||||||
ret = x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md,
|
ret = x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md,
|
||||||
sig_opts );
|
csr->sig_opts );
|
||||||
SAFE_SNPRINTF();
|
SAFE_SNPRINTF();
|
||||||
|
|
||||||
if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON,
|
if( ( ret = x509_key_size_helper( key_size_str, BEFORE_COLON,
|
||||||
|