From: Tobias Brunner
Date: Mon, 25 Sep 2017 16:07:58 +0000 (+0200)
Subject: gmp: Use helper to determine XOF type
X-Git-Tag: 5.6.1rc1~6^2~30
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=126fd8af09b326f2224f686e4cd2ac99de8359ac;p=thirdparty%2Fstrongswan.git
gmp: Use helper to determine XOF type
---
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
index 3a9296535f..e24fda8c26 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_private_key.c
@@ -354,21 +354,12 @@ static bool build_emsa_pss_signature(private_gmp_rsa_private_key_t *this,
 {
 return FALSE;
 }
- switch (params->mgf1_hash)
+ xof = xof_mgf1_from_hash_algorithm(params->mgf1_hash);
+ if (xof == XOF_UNDEFINED)
 {
- case HASH_SHA1:
- xof = XOF_MGF1_SHA1;
- break;
- case HASH_SHA256:
- xof = XOF_MGF1_SHA256;
- break;
- case HASH_SHA512:
- xof = XOF_MGF1_SHA512;
- break;
- default:
- DBG1(DBG_LIB, "%N is not supported for MGF1", hash_algorithm_names,
- params->mgf1_hash);
- return FALSE;
+ DBG1(DBG_LIB, "%N is not supported for MGF1", hash_algorithm_names,
+ params->mgf1_hash);
+ return FALSE;
 }
 /* emBits = modBits - 1 */
 embits = mpz_sizeinbase(this->n, 2) - 1;
diff --git a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
index 45fdf1d675..52bc9fb380 100644
--- a/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
@@ -304,21 +304,12 @@ static bool verify_emsa_pss_signature(private_gmp_rsa_public_key_t *this,
 {
 return FALSE;
 }
- switch (params->mgf1_hash)
+ xof = xof_mgf1_from_hash_algorithm(params->mgf1_hash);
+ if (xof == XOF_UNDEFINED)
 {
- case HASH_SHA1:
- xof = XOF_MGF1_SHA1;
- break;
- case HASH_SHA256:
- xof = XOF_MGF1_SHA256;
- break;
- case HASH_SHA512:
- xof = XOF_MGF1_SHA512;
- break;
- default:
- DBG1(DBG_LIB, "%N is not supported for MGF1", hash_algorithm_names,
- params->mgf1_hash);
- return FALSE;
+ DBG1(DBG_LIB, "%N is not supported for MGF1", hash_algorithm_names,
+ params->mgf1_hash);
+ return FALSE;
 }
 chunk_skip_zero(signature);
 if (signature.len == 0 || signature.len > this->k)
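Review bot: In verify_emsa_pss_signature, and identically in build_emsa_pss_signature in gmp_rsa_private_key.c, the set of MGF1 hashes accepted for EMSA-PSS is no longer visible at the call site. The removed switch allowed exactly SHA-1, SHA-256 and SHA-512, whereas the new code accepts whatever `xof_mgf1_from_hash_algorithm()` maps to something other than `XOF_UNDEFINED`. That helper is not shown on this page, so if it maps further hashes the commit widens what the verifier accepts rather than being a pure refactor, and the commit message should say which is intended. I would add a comment above the call such as `/* accepted MGF1 hashes are those mapped by xof_mgf1_from_hash_algorithm(); XOF_UNDEFINED means unsupported */`. Both function bodies start and end outside their hunks, so how `xof` is consumed afterwards cannot be checked from here.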