Introduce abstraction mbedtls_pk_handle_t

This is the first in a series of commit aimed at removing the pk_info
structures when we're building with MBEDTLS_PK_SINGLE_TYPE enabled.

Introducing this abstraction allows us to later make it a two-valued type
(valid, invalid) instead, which is much lighter.
This commit is contained in:
Manuel Pégourié-Gonnard 2019-09-19 10:45:14 +02:00
parent 08620cbb62
commit 020d9ba4ed
6 changed files with 66 additions and 61 deletions

View file

@ -127,13 +127,15 @@ typedef struct mbedtls_pk_debug_item
* \brief Public key information and operations
*/
typedef struct mbedtls_pk_info_t mbedtls_pk_info_t;
typedef const mbedtls_pk_info_t *mbedtls_pk_handle_t;
#define MBEDTLS_PK_INVALID_HANDLE ( (mbedtls_pk_handle_t) NULL )
/**
* \brief Public key container
*/
typedef struct mbedtls_pk_context
{
const mbedtls_pk_info_t * pk_info; /**< Public key information */
mbedtls_pk_handle_t pk_info; /**< Public key information */
void * pk_ctx; /**< Underlying public key context */
} mbedtls_pk_context;
@ -151,7 +153,7 @@ typedef struct
*/
typedef struct
{
const mbedtls_pk_info_t * pk_info; /**< Public key information */
mbedtls_pk_handle_t pk_info; /**< Public key information */
void * rs_ctx; /**< Underlying restart context */
} mbedtls_pk_restart_ctx;
#else /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
@ -213,7 +215,7 @@ typedef size_t (*mbedtls_pk_rsa_alt_key_len_func)( void *ctx );
*
* \return The PK info associated with the type or NULL if not found.
*/
const mbedtls_pk_info_t *mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );
mbedtls_pk_handle_t mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type );
/**
* \brief Initialize a #mbedtls_pk_context (as NONE).
@ -264,7 +266,7 @@ void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx );
* \note For contexts holding an RSA-alt key, use
* \c mbedtls_pk_setup_rsa_alt() instead.
*/
int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info );
int mbedtls_pk_setup( mbedtls_pk_context *ctx, mbedtls_pk_handle_t info );
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
/**

View file

@ -1016,35 +1016,35 @@ const mbedtls_pk_info_t mbedtls_rsa_alt_info = {
#if defined(MBEDTLS_PK_SINGLE_TYPE)
MBEDTLS_ALWAYS_INLINE static inline mbedtls_pk_type_t pk_info_type(
const mbedtls_pk_info_t *info )
mbedtls_pk_handle_t info )
{
(void) info;
return( MBEDTLS_PK_INFO_TYPE( MBEDTLS_PK_SINGLE_TYPE ) );
}
MBEDTLS_ALWAYS_INLINE static inline const char * pk_info_name(
const mbedtls_pk_info_t *info )
mbedtls_pk_handle_t info )
{
(void) info;
return( MBEDTLS_PK_INFO_NAME( MBEDTLS_PK_SINGLE_TYPE ) );
}
MBEDTLS_ALWAYS_INLINE static inline size_t pk_info_get_bitlen(
const mbedtls_pk_info_t *info, const void *ctx )
mbedtls_pk_handle_t info, const void *ctx )
{
(void) info;
return( MBEDTLS_PK_INFO_GET_BITLEN( MBEDTLS_PK_SINGLE_TYPE )( ctx ) );
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_can_do(
const mbedtls_pk_info_t *info, mbedtls_pk_type_t type )
mbedtls_pk_handle_t info, mbedtls_pk_type_t type )
{
(void) info;
return( MBEDTLS_PK_INFO_CAN_DO( MBEDTLS_PK_SINGLE_TYPE )( type ) );
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_verify_func(
const mbedtls_pk_info_t *info, void *ctx, mbedtls_md_type_t md_alg,
mbedtls_pk_handle_t info, void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len )
{
@ -1064,7 +1064,7 @@ MBEDTLS_ALWAYS_INLINE static inline int pk_info_verify_func(
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_sign_func(
const mbedtls_pk_info_t *info, void *ctx, mbedtls_md_type_t md_alg,
mbedtls_pk_handle_t info, void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t),
@ -1088,7 +1088,7 @@ MBEDTLS_ALWAYS_INLINE static inline int pk_info_sign_func(
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_decrypt_func(
const mbedtls_pk_info_t *info, void *ctx,
mbedtls_pk_handle_t info, void *ctx,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t),
@ -1112,7 +1112,7 @@ MBEDTLS_ALWAYS_INLINE static inline int pk_info_decrypt_func(
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_encrypt_func(
const mbedtls_pk_info_t *info, void *ctx,
mbedtls_pk_handle_t info, void *ctx,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t),
@ -1136,7 +1136,7 @@ MBEDTLS_ALWAYS_INLINE static inline int pk_info_encrypt_func(
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_check_pair_func(
const mbedtls_pk_info_t *info, const void *pub, const void *prv )
mbedtls_pk_handle_t info, const void *pub, const void *prv )
{
(void) info;
#if MBEDTLS_PK_INFO_CHECK_PAIR_OMIT( MBEDTLS_PK_SINGLE_TYPE )
@ -1150,21 +1150,21 @@ MBEDTLS_ALWAYS_INLINE static inline int pk_info_check_pair_func(
}
MBEDTLS_ALWAYS_INLINE static inline void *pk_info_ctx_alloc_func(
const mbedtls_pk_info_t *info )
mbedtls_pk_handle_t info )
{
(void) info;
return( MBEDTLS_PK_INFO_CTX_ALLOC_FUNC( MBEDTLS_PK_SINGLE_TYPE )( ) );
}
MBEDTLS_ALWAYS_INLINE static inline void pk_info_ctx_free_func(
const mbedtls_pk_info_t *info, void *ctx )
mbedtls_pk_handle_t info, void *ctx )
{
(void) info;
MBEDTLS_PK_INFO_CTX_FREE_FUNC( MBEDTLS_PK_SINGLE_TYPE )( ctx );
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_debug_func(
const mbedtls_pk_info_t *info,
mbedtls_pk_handle_t info,
const void *ctx, mbedtls_pk_debug_item *items )
{
(void) info;
@ -1180,31 +1180,31 @@ MBEDTLS_ALWAYS_INLINE static inline int pk_info_debug_func(
#else /* MBEDTLS_PK_SINGLE_TYPE */
MBEDTLS_ALWAYS_INLINE static inline mbedtls_pk_type_t pk_info_type(
const mbedtls_pk_info_t *info )
mbedtls_pk_handle_t info )
{
return( info->type );
}
MBEDTLS_ALWAYS_INLINE static inline const char * pk_info_name(
const mbedtls_pk_info_t *info )
mbedtls_pk_handle_t info )
{
return( info->name );
}
MBEDTLS_ALWAYS_INLINE static inline size_t pk_info_get_bitlen(
const mbedtls_pk_info_t *info, const void *ctx )
mbedtls_pk_handle_t info, const void *ctx )
{
return( info->get_bitlen( ctx ) );
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_can_do(
const mbedtls_pk_info_t *info, mbedtls_pk_type_t type )
mbedtls_pk_handle_t info, mbedtls_pk_type_t type )
{
return( info->can_do( type ) );
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_verify_func(
const mbedtls_pk_info_t *info, void *ctx, mbedtls_md_type_t md_alg,
mbedtls_pk_handle_t info, void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
const unsigned char *sig, size_t sig_len )
{
@ -1215,7 +1215,7 @@ MBEDTLS_ALWAYS_INLINE static inline int pk_info_verify_func(
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_sign_func(
const mbedtls_pk_info_t *info, void *ctx, mbedtls_md_type_t md_alg,
mbedtls_pk_handle_t info, void *ctx, mbedtls_md_type_t md_alg,
const unsigned char *hash, size_t hash_len,
unsigned char *sig, size_t *sig_len,
int (*f_rng)(void *, unsigned char *, size_t),
@ -1229,7 +1229,7 @@ MBEDTLS_ALWAYS_INLINE static inline int pk_info_sign_func(
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_decrypt_func(
const mbedtls_pk_info_t *info, void *ctx,
mbedtls_pk_handle_t info, void *ctx,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t),
@ -1243,7 +1243,7 @@ MBEDTLS_ALWAYS_INLINE static inline int pk_info_decrypt_func(
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_encrypt_func(
const mbedtls_pk_info_t *info, void *ctx,
mbedtls_pk_handle_t info, void *ctx,
const unsigned char *input, size_t ilen,
unsigned char *output, size_t *olen, size_t osize,
int (*f_rng)(void *, unsigned char *, size_t),
@ -1257,7 +1257,7 @@ MBEDTLS_ALWAYS_INLINE static inline int pk_info_encrypt_func(
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_check_pair_func(
const mbedtls_pk_info_t *info, const void *pub, const void *prv )
mbedtls_pk_handle_t info, const void *pub, const void *prv )
{
if( info->check_pair_func == NULL )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
@ -1266,19 +1266,19 @@ MBEDTLS_ALWAYS_INLINE static inline int pk_info_check_pair_func(
}
MBEDTLS_ALWAYS_INLINE static inline void *pk_info_ctx_alloc_func(
const mbedtls_pk_info_t *info )
mbedtls_pk_handle_t info )
{
return( info->ctx_alloc_func( ) );
}
MBEDTLS_ALWAYS_INLINE static inline void pk_info_ctx_free_func(
const mbedtls_pk_info_t *info, void *ctx )
mbedtls_pk_handle_t info, void *ctx )
{
info->ctx_free_func( ctx );
}
MBEDTLS_ALWAYS_INLINE static inline int pk_info_debug_func(
const mbedtls_pk_info_t *info,
mbedtls_pk_handle_t info,
const void *ctx, mbedtls_pk_debug_item *items )
{
if( info->debug_func == NULL )
@ -1297,7 +1297,7 @@ void mbedtls_pk_init( mbedtls_pk_context *ctx )
{
PK_VALIDATE( ctx != NULL );
ctx->pk_info = NULL;
ctx->pk_info = MBEDTLS_PK_INVALID_HANDLE;
ctx->pk_ctx = NULL;
}
@ -1309,7 +1309,7 @@ void mbedtls_pk_free( mbedtls_pk_context *ctx )
if( ctx == NULL )
return;
if ( ctx->pk_info != NULL )
if ( ctx->pk_info != MBEDTLS_PK_INVALID_HANDLE )
pk_info_ctx_free_func( ctx->pk_info, ctx->pk_ctx );
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_pk_context ) );
@ -1331,7 +1331,7 @@ void mbedtls_pk_restart_init( mbedtls_pk_restart_ctx *ctx )
*/
void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx )
{
if( ctx == NULL || ctx->pk_info == NULL ||
if( ctx == NULL || ctx->pk_info == MBEDTLS_PK_INVALID_HANDLE ||
ctx->pk_info->rs_free_func == NULL )
{
return;
@ -1339,7 +1339,7 @@ void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx )
ctx->pk_info->rs_free_func( ctx->rs_ctx );
ctx->pk_info = NULL;
ctx->pk_info = MBEDTLS_PK_INVALID_HANDLE;
ctx->rs_ctx = NULL;
}
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
@ -1347,7 +1347,7 @@ void mbedtls_pk_restart_free( mbedtls_pk_restart_ctx *ctx )
/*
* Get pk_info structure from type
*/
const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type )
mbedtls_pk_handle_t mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type )
{
switch( pk_type ) {
#if defined(MBEDTLS_RSA_C)
@ -1380,11 +1380,14 @@ const mbedtls_pk_info_t * mbedtls_pk_info_from_type( mbedtls_pk_type_t pk_type )
/*
* Initialise context
*/
int mbedtls_pk_setup( mbedtls_pk_context *ctx, const mbedtls_pk_info_t *info )
int mbedtls_pk_setup( mbedtls_pk_context *ctx, mbedtls_pk_handle_t info )
{
PK_VALIDATE_RET( ctx != NULL );
if( info == NULL || ctx->pk_info != NULL )
if( info == MBEDTLS_PK_INVALID_HANDLE ||
ctx->pk_info != MBEDTLS_PK_INVALID_HANDLE )
{
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
}
if( ( ctx->pk_ctx = pk_info_ctx_alloc_func( info ) ) == NULL )
return( MBEDTLS_ERR_PK_ALLOC_FAILED );
@ -1404,10 +1407,10 @@ int mbedtls_pk_setup_rsa_alt( mbedtls_pk_context *ctx, void * key,
mbedtls_pk_rsa_alt_key_len_func key_len_func )
{
mbedtls_rsa_alt_context *rsa_alt;
const mbedtls_pk_info_t *info = &mbedtls_rsa_alt_info;
mbedtls_pk_handle_t info = &mbedtls_rsa_alt_info;
PK_VALIDATE_RET( ctx != NULL );
if( ctx->pk_info != NULL )
if( ctx->pk_info != MBEDTLS_PK_INVALID_HANDLE )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
if( ( ctx->pk_ctx = info->ctx_alloc_func() ) == NULL )
@ -1434,7 +1437,7 @@ int mbedtls_pk_can_do( const mbedtls_pk_context *ctx, mbedtls_pk_type_t type )
/* A context with null pk_info is not set up yet and can't do anything.
* For backward compatibility, also accept NULL instead of a context
* pointer. */
if( ctx == NULL || ctx->pk_info == NULL )
if( ctx == NULL || ctx->pk_info == MBEDTLS_PK_INVALID_HANDLE )
return( 0 );
return( pk_info_can_do( ctx->pk_info, type ) );
@ -1465,10 +1468,10 @@ static inline int pk_hashlen_helper( mbedtls_md_type_t md_alg, size_t *hash_len
* Helper to set up a restart context if needed
*/
static int pk_restart_setup( mbedtls_pk_restart_ctx *ctx,
const mbedtls_pk_info_t *info )
mbedtls_pk_handle_t info )
{
/* Don't do anything if already set up or invalid */
if( ctx == NULL || ctx->pk_info != NULL )
if( ctx == NULL || ctx->pk_info != MBEDTLS_PK_INVALID_HANDLE )
return( 0 );
/* Should never happen when we're called */
@ -1498,7 +1501,7 @@ int mbedtls_pk_verify_restartable( mbedtls_pk_context *ctx,
hash != NULL );
PK_VALIDATE_RET( sig != NULL );
if( ctx->pk_info == NULL ||
if( ctx->pk_info == MBEDTLS_PK_INVALID_HANDLE ||
pk_hashlen_helper( md_alg, &hash_len ) != 0 )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
@ -1553,7 +1556,7 @@ int mbedtls_pk_verify_ext( mbedtls_pk_type_t type, const void *options,
hash != NULL );
PK_VALIDATE_RET( sig != NULL );
if( ctx->pk_info == NULL )
if( ctx->pk_info == MBEDTLS_PK_INVALID_HANDLE )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
if( ! mbedtls_pk_can_do( ctx, type ) )
@ -1618,7 +1621,7 @@ int mbedtls_pk_sign_restartable( mbedtls_pk_context *ctx,
hash != NULL );
PK_VALIDATE_RET( sig != NULL );
if( ctx->pk_info == NULL ||
if( ctx->pk_info == MBEDTLS_PK_INVALID_HANDLE ||
pk_hashlen_helper( md_alg, &hash_len ) != 0 )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
@ -1674,7 +1677,7 @@ int mbedtls_pk_decrypt( mbedtls_pk_context *ctx,
PK_VALIDATE_RET( output != NULL || osize == 0 );
PK_VALIDATE_RET( olen != NULL );
if( ctx->pk_info == NULL )
if( ctx->pk_info == MBEDTLS_PK_INVALID_HANDLE )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
return( pk_info_decrypt_func( ctx->pk_info, ctx->pk_ctx, input, ilen,
@ -1694,7 +1697,7 @@ int mbedtls_pk_encrypt( mbedtls_pk_context *ctx,
PK_VALIDATE_RET( output != NULL || osize == 0 );
PK_VALIDATE_RET( olen != NULL );
if( ctx->pk_info == NULL )
if( ctx->pk_info == MBEDTLS_PK_INVALID_HANDLE )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
return( pk_info_encrypt_func( ctx->pk_info, ctx->pk_ctx, input, ilen,
@ -1709,7 +1712,7 @@ int mbedtls_pk_check_pair( const mbedtls_pk_context *pub, const mbedtls_pk_conte
PK_VALIDATE_RET( pub != NULL );
PK_VALIDATE_RET( prv != NULL );
if( pub->pk_info == NULL || prv->pk_info == NULL )
if( pub->pk_info == MBEDTLS_PK_INVALID_HANDLE || prv->pk_info == MBEDTLS_PK_INVALID_HANDLE )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
#if defined(MBEDTLS_PK_RSA_ALT_SUPPORT)
@ -1735,7 +1738,7 @@ size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx )
{
/* For backward compatibility, accept NULL or a context that
* isn't set up yet, and return a fake value that should be safe. */
if( ctx == NULL || ctx->pk_info == NULL )
if( ctx == NULL || ctx->pk_info == MBEDTLS_PK_INVALID_HANDLE )
return( 0 );
return( pk_info_get_bitlen( ctx->pk_info, ctx->pk_ctx ) );
@ -1747,7 +1750,7 @@ size_t mbedtls_pk_get_bitlen( const mbedtls_pk_context *ctx )
int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *items )
{
PK_VALIDATE_RET( ctx != NULL );
if( ctx->pk_info == NULL )
if( ctx->pk_info == MBEDTLS_PK_INVALID_HANDLE )
return( MBEDTLS_ERR_PK_BAD_INPUT_DATA );
return( pk_info_debug_func( ctx->pk_info, ctx->pk_ctx, items ) );
@ -1758,7 +1761,7 @@ int mbedtls_pk_debug( const mbedtls_pk_context *ctx, mbedtls_pk_debug_item *item
*/
const char *mbedtls_pk_get_name( const mbedtls_pk_context *ctx )
{
if( ctx == NULL || ctx->pk_info == NULL )
if( ctx == NULL || ctx->pk_info == MBEDTLS_PK_INVALID_HANDLE )
return( "invalid PK" );
return( pk_info_name( ctx->pk_info ) );
@ -1769,7 +1772,7 @@ const char *mbedtls_pk_get_name( const mbedtls_pk_context *ctx )
*/
mbedtls_pk_type_t mbedtls_pk_get_type( const mbedtls_pk_context *ctx )
{
if( ctx == NULL || ctx->pk_info == NULL )
if( ctx == NULL || ctx->pk_info == MBEDTLS_PK_INVALID_HANDLE )
return( MBEDTLS_PK_NONE );
return( pk_info_type( ctx->pk_info ) );

View file

@ -687,7 +687,7 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
size_t len;
mbedtls_asn1_buf alg_params;
mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
const mbedtls_pk_info_t *pk_info;
mbedtls_pk_handle_t pk_info;
PK_VALIDATE_RET( p != NULL );
PK_VALIDATE_RET( *p != NULL );
@ -712,7 +712,7 @@ int mbedtls_pk_parse_subpubkey( unsigned char **p, const unsigned char *end,
return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
MBEDTLS_ERR_ASN1_LENGTH_MISMATCH );
if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL )
if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == MBEDTLS_PK_INVALID_HANDLE )
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 )
@ -1150,7 +1150,7 @@ static int pk_parse_key_pkcs8_unencrypted_der(
unsigned char *p = (unsigned char *) key;
unsigned char *end = p + keylen;
mbedtls_pk_type_t pk_alg = MBEDTLS_PK_NONE;
const mbedtls_pk_info_t *pk_info;
mbedtls_pk_handle_t pk_info;
/*
* This function parses the PrivateKeyInfo object (PKCS#8 v1.2 = RFC 5208)
@ -1192,7 +1192,7 @@ static int pk_parse_key_pkcs8_unencrypted_der(
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
MBEDTLS_ERR_ASN1_OUT_OF_DATA );
if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == NULL )
if( ( pk_info = mbedtls_pk_info_from_type( pk_alg ) ) == MBEDTLS_PK_INVALID_HANDLE )
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
if( ( ret = mbedtls_pk_setup( pk, pk_info ) ) != 0 )
@ -1374,7 +1374,7 @@ int mbedtls_pk_parse_key( mbedtls_pk_context *pk,
defined(MBEDTLS_PEM_PARSE_C)
int ret;
#endif
const mbedtls_pk_info_t *pk_info;
mbedtls_pk_handle_t pk_info;
#if defined(MBEDTLS_PEM_PARSE_C)
size_t len;
mbedtls_pem_context pem;
@ -1604,7 +1604,7 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
int ret;
unsigned char *p;
#if defined(MBEDTLS_RSA_C)
const mbedtls_pk_info_t *pk_info;
mbedtls_pk_handle_t pk_info;
#endif
#if defined(MBEDTLS_PEM_PARSE_C)
size_t len;
@ -1631,7 +1631,7 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
if( ret == 0 )
{
p = pem.buf;
if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == MBEDTLS_PK_INVALID_HANDLE )
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
if( ( ret = mbedtls_pk_setup( ctx, pk_info ) ) != 0 )
@ -1679,7 +1679,7 @@ int mbedtls_pk_parse_public_key( mbedtls_pk_context *ctx,
#endif /* MBEDTLS_PEM_PARSE_C */
#if defined(MBEDTLS_RSA_C)
if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == NULL )
if( ( pk_info = mbedtls_pk_info_from_type( MBEDTLS_PK_RSA ) ) == MBEDTLS_PK_INVALID_HANDLE )
return( MBEDTLS_ERR_PK_UNKNOWN_PK_ALG );
if( ( ret = mbedtls_pk_setup( ctx, pk_info ) ) != 0 )

View file

@ -2383,7 +2383,7 @@ static int ssl_rsa_encrypt_partial_pms( mbedtls_ssl_context *ssl,
* params currently, and there's no 'is_init' functions for PK
* contexts, we need to break the abstraction and peek into
* the PK context to see if it has been initialized. */
if( ssl->handshake->peer_pubkey.pk_info != NULL )
if( ssl->handshake->peer_pubkey.pk_info != MBEDTLS_PK_INVALID_HANDLE )
peer_pk = &ssl->handshake->peer_pubkey;
#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
if( ssl->session_negotiate->peer_cert != NULL )

View file

@ -4462,7 +4462,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
* params currently, and there's no 'is_init' functions for PK
* contexts, we need to break the abstraction and peek into
* the PK context to see if it has been initialized. */
if( ssl->handshake->peer_pubkey.pk_info != NULL )
if( ssl->handshake->peer_pubkey.pk_info != MBEDTLS_PK_INVALID_HANDLE )
peer_pk = &ssl->handshake->peer_pubkey;
#else /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
if( ssl->session_negotiate->peer_cert != NULL )

View file

@ -107,7 +107,7 @@ void valid_parameters( )
TEST_VALID_PARAM( mbedtls_pk_restart_free( NULL ) );
#endif
TEST_ASSERT( mbedtls_pk_setup( &pk, NULL ) ==
TEST_ASSERT( mbedtls_pk_setup( &pk, MBEDTLS_PK_INVALID_HANDLE ) ==
MBEDTLS_ERR_PK_BAD_INPUT_DATA );
/* In informational functions, we accept NULL where a context pointer