Diffstat (limited to 'src/crypto')
-rw-r--r-- | src/crypto/cms.c | 3 | ||||
-rw-r--r-- | src/crypto/crypto_null.c | 4 | ||||
-rw-r--r-- | src/crypto/ocsp.c | 4 | ||||
-rw-r--r-- | src/crypto/rsa.c | 30 | ||||
-rw-r--r-- | src/crypto/x509.c | 9 |
5 files changed, 16 insertions, 34 deletions
diff --git a/src/crypto/cms.c b/src/crypto/cms.c
index 1f33613f4..0b772f1cf 100644
--- a/src/crypto/cms.c
+++ b/src/crypto/cms.c
@@ -621,8 +621,7 @@ static int cms_verify_digest ( struct cms_message *cms,
 cms_digest ( cms, part, data, len, digest_out );
 /* Initialise public-key algorithm */
- if ( ( rc = pubkey_init ( pubkey, ctx, public_key->raw.data,
- public_key->raw.len ) ) != 0 ) {
+ if ( ( rc = pubkey_init ( pubkey, ctx, &public_key->raw ) ) != 0 ) {
 DBGC ( cms, "CMS %p/%p could not initialise public key: %s\n",
 cms, part, strerror ( rc ) );
 goto err_init;
diff --git a/src/crypto/crypto_null.c b/src/crypto/crypto_null.c
index 0ad463c3e..b4169382b 100644
--- a/src/crypto/crypto_null.c
+++ b/src/crypto/crypto_null.c
@@ -93,8 +93,8 @@ struct cipher_algorithm cipher_null = {
 .auth = cipher_null_auth,
 };
-int pubkey_null_init ( void *ctx __unused, const void *key __unused,
- size_t key_len __unused ) {
+int pubkey_null_init ( void *ctx __unused,
+ const struct asn1_cursor *key __unused ) {
 return 0;
 }
diff --git a/src/crypto/ocsp.c b/src/crypto/ocsp.c
index cc957b40c..f35593454 100644
--- a/src/crypto/ocsp.c
+++ b/src/crypto/ocsp.c
@@ -857,8 +857,8 @@ static int ocsp_check_signature ( struct ocsp_check *ocsp,
 digest_final ( digest, digest_ctx, digest_out );
 /* Initialise public-key algorithm */
- if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, public_key->raw.data,
- public_key->raw.len ) ) != 0 ) {
+ if ( ( rc = pubkey_init ( pubkey, pubkey_ctx,
+ &public_key->raw ) ) != 0 ) {
 DBGC ( ocsp, "OCSP %p \"%s\" could not initialise public key: "
 "%s\n", ocsp, x509_name ( ocsp->cert ), strerror ( rc ));
 goto err_init;
diff --git a/src/crypto/rsa.c b/src/crypto/rsa.c
index 16c67d822..2d288a953 100644
--- a/src/crypto/rsa.c
+++ b/src/crypto/rsa.c
@@ -233,27 +233,21 @@ static int rsa_parse_mod_exp ( struct asn1_cursor *modulus,
 *
 * @v ctx RSA context
 * @v key Key
- * @v key_len Length of key
 * @ret rc Return status code
 */
-static int rsa_init ( void *ctx, const void *key, size_t key_len ) {
+static int rsa_init ( void *ctx, const struct asn1_cursor *key ) {
 struct rsa_context *context = ctx;
 struct asn1_cursor modulus;
 struct asn1_cursor exponent;
- struct asn1_cursor cursor;
 int rc;
 /* Initialise context */
 memset ( context, 0, sizeof ( *context ) );
- /* Initialise cursor */
- cursor.data = key;
- cursor.len = key_len;
-
 /* Parse modulus and exponent */
- if ( ( rc = rsa_parse_mod_exp ( &modulus, &exponent, &cursor ) ) != 0 ){
+ if ( ( rc = rsa_parse_mod_exp ( &modulus, &exponent, key ) ) != 0 ){
 DBGC ( context, "RSA %p invalid modulus/exponent:\n", context );
- DBGC_HDA ( context, 0, cursor.data, cursor.len );
+ DBGC_HDA ( context, 0, key->data, key->len );
 goto err_parse;
 }
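Review bot: The failure path in rsa_init still hex-dumps the whole key blob, now as `DBGC_HDA ( context, 0, key->data, key->len );`, and nothing in this hunk restricts rsa_init to public keys; if it is also reached with private keys (rsa_match in this file parses one through the same rsa_parse_mod_exp() helper), a debug build would write private key material to the debug log. Logging only the length, e.g. `DBGC ( context, "RSA %p invalid modulus/exponent (%zd bytes)\n", context, key->len );`, keeps the diagnostic without the key bytes. The dump also assumes rsa_parse_mod_exp() leaves the caller's cursor untouched now that no local copy is made; its third parameter is declared outside the hunk, so the doc line could state the contract as `@v key Key (ASN.1 cursor, not modified)`. rsa_init's body continues past the end of the hunk.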
@@ -592,33 +586,23 @@ static void rsa_final ( void *ctx ) {
 * Check for matching RSA public/private key pair
 *
 * @v private_key Private key
- * @v private_key_len Private key length
 * @v public_key Public key
- * @v public_key_len Public key length
 * @ret rc Return status code
 */
-static int rsa_match ( const void *private_key, size_t private_key_len,
- const void *public_key, size_t public_key_len ) {
+static int rsa_match ( const struct asn1_cursor *private_key,
+ const struct asn1_cursor *public_key ) {
 struct asn1_cursor private_modulus;
 struct asn1_cursor private_exponent;
- struct asn1_cursor private_cursor;
 struct asn1_cursor public_modulus;
 struct asn1_cursor public_exponent;
- struct asn1_cursor public_cursor;
 int rc;
- /* Initialise cursors */
- private_cursor.data = private_key;
- private_cursor.len = private_key_len;
- public_cursor.data = public_key;
- public_cursor.len = public_key_len;
-
 /* Parse moduli and exponents */
 if ( ( rc = rsa_parse_mod_exp ( &private_modulus, &private_exponent,
- &private_cursor ) ) != 0 )
+ private_key ) ) != 0 )
 return rc;
 if ( ( rc = rsa_parse_mod_exp ( &public_modulus, &public_exponent,
- &public_cursor ) ) != 0 )
+ public_key ) ) != 0 )
 return rc;
 /* Compare moduli */
diff --git a/src/crypto/x509.c b/src/crypto/x509.c
index acb85620f..c0762740e 100644
--- a/src/crypto/x509.c
+++ b/src/crypto/x509.c
@@ -1149,8 +1149,8 @@ static int x509_check_signature ( struct x509_certificate *cert,
 }
 /* Verify signature using signer's public key */
- if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, public_key->raw.data,
- public_key->raw.len ) ) != 0 ) {
+ if ( ( rc = pubkey_init ( pubkey, pubkey_ctx,
+ &public_key->raw ) ) != 0 ) {
 DBGC ( cert, "X509 %p \"%s\" cannot initialise public key: "
 "%s\n", cert, x509_name ( cert ), strerror ( rc ) );
 goto err_pubkey_init;
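Review bot: rsa_match returns the parser's error code silently when either `rsa_parse_mod_exp()` call fails, whereas rsa_init in the same file logs `RSA %p invalid modulus/exponent` on the same failure; the only caller shown on this page, x509_find_key, tests just `== 0`, so a malformed or unsupported private key looks identical to a key that matches no certificate. A debug line on each early return, for example `DBGC ( private_key, "RSA %p could not parse private key\n", private_key );`, would make that case diagnosable without dumping key bytes. The doc comment could also say that a non-zero `rc` covers both a parse failure and a mismatch. The comparison itself lies after the hunk's last line.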
@@ -1842,9 +1842,8 @@ struct x509_certificate * x509_find_key ( struct x509_chain *store,
 /* Check public key */
 cert = link->cert;
 if ( pubkey_match ( cert->signature_algorithm->pubkey,
- key->builder.data, key->builder.len,
- cert->subject.public_key.raw.data,
- cert->subject.public_key.raw.len ) == 0 )
+ privkey_cursor ( key ),
+ &cert->subject.public_key.raw ) == 0 )
 return x509_found ( store, cert );
 } |