Add sig_opts member to X509 structures

2014-06-05 15:14:28 +02:00 · 2014-06-05 15:14:28 +02:00 · f75f2f7c46
commit f75f2f7c46
parent 20422e9a3a
8 changed files with 43 additions and 12 deletions
--- a/library/x509.c
+++ b/library/x509.c
@ -559,25 +559,37 @@ int x509_get_sig( unsigned char **p, const unsigned char *end, x509_buf *sig )
 * Get signature algorithm from alg OID and optional parameters
 */
 int x509_get_sig_alg( const x509_buf *sig_oid, const x509_buf *sig_params,
-                      md_type_t *md_alg, pk_type_t *pk_alg )
+                      md_type_t *md_alg, pk_type_t *pk_alg,
+                      void **sig_opts )
 {
    int ret;

+    if( *sig_opts != NULL )
+        return( POLARSSL_ERR_X509_BAD_INPUT_DATA );
+
    if( ( ret = oid_get_sig_alg( sig_oid, md_alg, pk_alg ) ) != 0 )
        return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG + ret );

 #if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
    if( *pk_alg == POLARSSL_PK_RSASSA_PSS )
    {
-        int salt_len;
-        md_type_t mgf_md;
+        pk_rsassa_pss_options *pss_opts;
+
+        pss_opts = polarssl_malloc( sizeof( pk_rsassa_pss_options ) );
+        if( pss_opts == NULL )
+            return( POLARSSL_ERR_X509_MALLOC_FAILED );

-        /* Make sure params are valid */
        ret = x509_get_rsassa_pss_params( sig_params,
-                                          md_alg, &mgf_md, &salt_len );
+                                          md_alg,
+                                          &pss_opts->mgf1_hash_id,
+                                          &pss_opts->expected_salt_len );
        if( ret != 0 )
+        {
+            polarssl_free( pss_opts );
            return( ret );
+        }

+        *sig_opts = (void *) pss_opts;
    }
    else
 #endif