diff options
| author | Michael Brown <mcb30@ipxe.org> | 2024-08-18 10:43:52 +0100 |
|---|---|---|
| committer | Michael Brown <mcb30@ipxe.org> | 2024-08-18 15:44:38 +0100 |
| commit | 53f089b723e16eecb4fd2e2a59b74b3932431b30 (patch) | |
| tree | b18d3ae4d8de119a6afb23c01ea3e9df069a0173 /src/crypto/x509.c | |
| parent | 950f6b5861d8d6b247b37e4e1401d26d8f908ee8 (diff) | |
| download | ipxe-53f089b723e16eecb4fd2e2a59b74b3932431b30.tar.gz | |
[crypto] Pass asymmetric keys as ASN.1 cursors
Asymmetric keys are invariably encountered within ASN.1 structures
such as X.509 certificates, and the various large integers within an
RSA key are themselves encoded using ASN.1.
Simplify all code handling asymmetric keys by passing keys as a single
ASN.1 cursor, rather than separate data and length pointers.
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/crypto/x509.c')
| -rw-r--r-- | src/crypto/x509.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/src/crypto/x509.c b/src/crypto/x509.c index acb85620f..c0762740e 100644 --- a/src/crypto/x509.c +++ b/src/crypto/x509.c @@ -1149,8 +1149,8 @@ static int x509_check_signature ( struct x509_certificate *cert, } /* Verify signature using signer's public key */ - if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, public_key->raw.data, - public_key->raw.len ) ) != 0 ) { + if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, + &public_key->raw ) ) != 0 ) { DBGC ( cert, "X509 %p \"%s\" cannot initialise public key: " "%s\n", cert, x509_name ( cert ), strerror ( rc ) ); goto err_pubkey_init; @@ -1842,9 +1842,8 @@ struct x509_certificate * x509_find_key ( struct x509_chain *store, /* Check public key */ cert = link->cert; if ( pubkey_match ( cert->signature_algorithm->pubkey, - key->builder.data, key->builder.len, - cert->subject.public_key.raw.data, - cert->subject.public_key.raw.len ) == 0 ) + privkey_cursor ( key ), + &cert->subject.public_key.raw ) == 0 ) return x509_found ( store, cert ); } |