refactor get sig algo from pk

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
2022-06-15 17:23:33 +08:00 · 2022-06-15 17:23:33 +08:00 · f249ef7821
commit f249ef7821
parent 7898fd456a
3 changed files with 118 additions and 122 deletions
--- a/library/ssl_tls13_server.c
+++ b/library/ssl_tls13_server.c
@ -352,7 +352,6 @@ static int ssl_tls13_pick_key_cert( mbedtls_ssl_context *ssl )
 {
    mbedtls_ssl_key_cert *key_cert, *key_cert_list;
    const uint16_t *sig_alg = ssl->handshake->received_sig_algs;
-    uint16_t key_sig_alg;

 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
    if( ssl->handshake->sni_key_cert != NULL )
@ -372,7 +371,6 @@ static int ssl_tls13_pick_key_cert( mbedtls_ssl_context *ssl )
        for( key_cert = key_cert_list; key_cert != NULL;
             key_cert = key_cert->next )
        {
-            int ret;
            MBEDTLS_SSL_DEBUG_CRT( 3, "certificate (chain) candidate",
                                   key_cert->cert );

@ -391,11 +389,9 @@ static int ssl_tls13_pick_key_cert( mbedtls_ssl_context *ssl )
                continue;
            }

-            ret = mbedtls_ssl_tls13_get_sig_alg_from_pk(
-                    ssl, &key_cert->cert->pk, &key_sig_alg );
-            if( ret != 0 )
-                continue;
-            if( *sig_alg == key_sig_alg )
+            MBEDTLS_SSL_DEBUG_MSG( 2,("Try get sig alg %04x",*sig_alg));
+            if( mbedtls_ssl_tls13_sig_alg_is_available_for_pk(
+                    ssl, *sig_alg, &key_cert->cert->pk ) )
            {
                ssl->handshake->key_cert = key_cert;
                MBEDTLS_SSL_DEBUG_CRT(
@ -406,6 +402,7 @@ static int ssl_tls13_pick_key_cert( mbedtls_ssl_context *ssl )
        }
    }

+    MBEDTLS_SSL_DEBUG_MSG( 2,("No signature algorithm found"));
    return( -1 );
 }
 #endif /* MBEDTLS_X509_CRT_PARSE_C &&