From 46db4b070c518d278e8e419f76ccfbb2883eebeb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Thu, 5 Jun 2014 16:34:18 +0200
Subject: [PATCH] Use pk_verify_ext() in x509_crt.c
---
library/x509_crt.c | 42 ++++++------------------------------------
1 file changed, 6 insertions(+), 36 deletions(-)
diff --git a/library/x509_crt.c b/library/x509_crt.c
index d6164a865..fdcc96920 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -1659,24 +1659,9 @@ static int x509_crt_verify_top(
continue;
}
-#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
- if( child->sig_pk == POLARSSL_PK_RSASSA_PSS )
- {
- if( pk_can_do( &trust_ca->pk, POLARSSL_PK_RSA ) == 0 ||
- rsa_rsassa_pss_verify( pk_rsa( trust_ca->pk ),
- NULL, NULL, RSA_PUBLIC,
- child->sig_md,
- md_info->size, hash,
- child->sig.p ) != 0 )
- {
- continue;
- }
- }
- else
-#endif
- if( pk_can_do( &trust_ca->pk, child->sig_pk ) == 0 ||
- pk_verify( &trust_ca->pk, child->sig_md, hash, md_info->size,
- child->sig.p, child->sig.len ) != 0 )
+ if( pk_verify_ext( child->sig_pk, child->sig_opts, &trust_ca->pk,
+ child->sig_md, hash, md_info->size,
+ child->sig.p, child->sig.len ) != 0 )
{
continue;
}
@@ -1763,24 +1748,9 @@ static int x509_crt_verify_child(
{
md( md_info, child->tbs.p, child->tbs.len, hash );
-#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
- if( child->sig_pk == POLARSSL_PK_RSASSA_PSS )
- {
- if( pk_can_do( &parent->pk, POLARSSL_PK_RSA ) == 0 ||
- rsa_rsassa_pss_verify( pk_rsa( parent->pk ),
- NULL, NULL, RSA_PUBLIC,
- child->sig_md,
- md_info->size, hash,
- child->sig.p ) != 0 )
- {
- *flags |= BADCERT_NOT_TRUSTED;
- }
- }
- else
-#endif
- if( pk_can_do( &parent->pk, child->sig_pk ) == 0 ||
- pk_verify( &parent->pk, child->sig_md, hash, md_info->size,
- child->sig.p, child->sig.len ) != 0 )
+ if( pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk,
+ child->sig_md, hash, md_info->size,
+ child->sig.p, child->sig.len ) != 0 )
{
*flags |= BADCERT_NOT_TRUSTED;
}