Revert "Merged RSA-PSS support in Certificate, CSR and CRL"

This reverts commit ab50d8d30c, reversing
changes made to e31b1d992a.
Manuel Pégourié-Gonnard 2014-02-12 09:39:59 +01:00
parent 6df09578bb
commit c9093085ed
37 changed files with 40 additions and 832 deletions


@ -93,13 +93,9 @@
/** Returns the size of the binary string, without the trailing \\0 */
#define OID_SIZE(x) (sizeof(x) - 1)
/**
* Compares an asn1_buf structure to a reference OID.
*
* Only works for 'defined' oid_str values (OID_HMAC_SHA1), you cannot use a
* 'unsigned char *oid' here!
*
* Warning: returns true when the OIDs are equal (unlike memcmp)!
/** Compares two asn1_buf structures for the same OID. Only works for
* 'defined' oid_str values (OID_HMAC_SHA1), you cannot use a 'unsigned
* char *oid' here!
*/
#define OID_CMP(oid_str, oid_buf) \
( ( OID_SIZE(oid_str) == (oid_buf)->len ) && \
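Review bot: The comment restored above `OID_CMP` describes it as comparing two asn1_buf structures, yet the macro takes a string-literal OID (`oid_str`) and a single buffer (`oid_buf`), and the wording it replaces carried the only warning that the result is true on equality, unlike memcmp. OID matching typically decides which signature or digest algorithm a parsed object is treated as, so a caller who assumes memcmp polarity would invert that decision without any compiler diagnostic. I would keep the accurate wording across the revert, for example `/** Compares an asn1_buf to a reference OID literal; true when equal (unlike memcmp). */`. Which comment is the new side is inferred from the hunk's line counts, and the macro body continues past the end of the hunk.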


@ -202,22 +202,6 @@
//#define POLARSSL_SHA256_ALT
//#define POLARSSL_SHA512_ALT
/**
* \def POLARSSL_RSASSA_PSS_CERTIFICATES
*
* Enable parsing and verification of X.509 certificates and CRLs signed with
* RSASSA-PSS.
*
* This is disabled by default since it breaks binary compatibility with the
* 1.3.x line. If you choose to enable it, you will need to rebuild your
* application against the new header files, relinking will not be enough.
*
* TODO: actually disable it when done working on this branch ,)
*
* Uncomment this macro to allow using RSASSA-PSS in certificates.
*/
#define POLARSSL_RSASSA_PSS_CERTIFICATES
/**
* \def POLARSSL_AES_ROM_TABLES
*
@ -2224,11 +2208,6 @@
#error "POLARSSL_RSA_C defined, but not all prerequisites"
#endif
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES) && \
( !defined(POLARSSL_RSA_C) || !defined(POLARSSL_PKCS1_V21) )
#error "POLARSSL_RSASSA_PSS_CERTIFICATES defined, but not all prerequisites"
#endif
#if defined(POLARSSL_SSL_PROTO_SSL3) && ( !defined(POLARSSL_MD5_C) || \
!defined(POLARSSL_SHA1_C) )
#error "POLARSSL_SSL_PROTO_SSL3 defined, but not all prerequisites"


@ -193,10 +193,6 @@
#define OID_PKCS9_EMAIL OID_PKCS9 "\x01" /**< emailAddress AttributeType ::= { pkcs-9 1 } */
/* RFC 4055 */
#define OID_RSASSA_PSS OID_PKCS1 "\x0a" /**< id-RSASSA-PSS ::= { pkcs-1 10 } */
#define OID_MGF1 OID_PKCS1 "\x08" /**< id-mgf1 ::= { pkcs-1 8 } */
/*
* Digest algorithms
*/


@ -94,7 +94,6 @@ typedef enum {
POLARSSL_PK_ECKEY_DH,
POLARSSL_PK_ECDSA,
POLARSSL_PK_RSA_ALT,
POLARSSL_PK_RSASSA_PSS,
} pk_type_t;
/**


@ -254,16 +254,9 @@ int x509_get_name( unsigned char **p, const unsigned char *end,
x509_name *cur );
int x509_get_alg_null( unsigned char **p, const unsigned char *end,
x509_buf *alg );
int x509_get_alg( unsigned char **p, const unsigned char *end,
x509_buf *alg, x509_buf *params );
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
int x509_get_rsassa_pss_params( const x509_buf *params,
md_type_t *md_alg, md_type_t *mgf_md,
int *salt_len, int *trailer_field );
#endif
int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig );
int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params,
md_type_t *md_alg, pk_type_t *pk_alg );
int x509_get_sig_alg( const x509_buf *sig_oid, md_type_t *md_alg,
pk_type_t *pk_alg );
int x509_get_time( unsigned char **p, const unsigned char *end,
x509_time *time );
int x509_get_serial( unsigned char **p, const unsigned char *end,
@ -271,8 +264,6 @@ int x509_get_serial( unsigned char **p, const unsigned char *end,
int x509_get_ext( unsigned char **p, const unsigned char *end,
x509_buf *ext, int tag );
int x509_load_file( const char *path, unsigned char **buf, size_t *n );
int x509_sig_alg_gets( char *buf, size_t size, const x509_buf *sig_oid,
pk_type_t pk_alg, const x509_buf *sig_params );
int x509_key_size_helper( char *buf, size_t size, const char *name );
int x509_string_to_names( asn1_named_data **head, const char *name );
int x509_set_extension( asn1_named_data **head, const char *oid, size_t oid_len, int critical, const unsigned char *val, size_t val_len );
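Review bot: The `x509_get_sig_alg` prototype restored in the first hunk takes only `sig_oid`, and nothing in the header says what a caller must have done with the AlgorithmIdentifier parameters before calling it. With `x509_get_alg` removed, the remaining parser declared here is `x509_get_alg_null`, which by its name presumably rejects non-NULL parameters; stating that dependency would keep a future caller from mapping an OID whose parameters were never checked. A one-line comment would do, for example `/* sig_oid must come from x509_get_alg_null(): signature parameters are not examined here */`. Which prototype is the new side is inferred from the hunk's line counts and the revert direction.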


@ -89,9 +89,6 @@ typedef struct _x509_crl
x509_buf sig;
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */;
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
x509_buf sig_params; /**< Parameters for the signature algorithm */
#endif
struct _x509_crl *next;
}


@ -89,9 +89,6 @@ typedef struct _x509_crt
x509_buf sig; /**< Signature: hash of the tbs part signed with the private key. */
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */;
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
x509_buf sig_params; /**< Parameters for the signature algorithm */
#endif
struct _x509_crt *next; /**< Next certificate in the CA-chain. */
}


@ -63,9 +63,6 @@ typedef struct _x509_csr
x509_buf sig;
md_type_t sig_md; /**< Internal representation of the MD algorithm of the signature algorithm, e.g. POLARSSL_MD_SHA256 */
pk_type_t sig_pk /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */;
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
x509_buf sig_params; /**< Parameters for the signature algorithm */
#endif
}
x509_csr;