if (bits)
*bits = key->bits;
- return key->pk_algorithm;
+ return key->params.algo;
}
/**
gnutls_pk_params_release(&key->params);
/* params initialized in _gnutls_x509_crt_get_mpis */
- key->pk_algorithm =
- gnutls_x509_crt_get_pk_algorithm(crt, &key->bits);
+ key->params.algo = gnutls_x509_crt_get_pk_algorithm(crt, &key->bits);
ret = gnutls_x509_crt_get_key_usage(crt, &key->key_usage, NULL);
if (ret < 0)
gnutls_pk_params_release(&key->params);
/* params initialized in _gnutls_x509_crq_get_mpis */
- key->pk_algorithm =
- gnutls_x509_crq_get_pk_algorithm(crq, &key->bits);
+ key->params.algo = gnutls_x509_crq_get_pk_algorithm(crq, &key->bits);
ret = gnutls_x509_crq_get_key_usage(crq, &key->key_usage, NULL);
if (ret < 0)
gnutls_pk_params_release(&key->params);
gnutls_pk_params_init(&key->params);
- key->pk_algorithm =
- gnutls_privkey_get_pk_algorithm(pkey, &key->bits);
-
key->key_usage = usage;
+ key->params.algo = gnutls_privkey_get_pk_algorithm(pkey, &key->bits);
return _gnutls_privkey_get_public_mpis(pkey, &key->params);
}
if (mand)
*mand = 0;
- switch (key->pk_algorithm) {
+ switch (key->params.algo) {
case GNUTLS_PK_DSA:
if (mand)
*mand = 1;
return GNUTLS_E_INVALID_REQUEST;
}
- if (!GNUTLS_PK_IS_RSA(key->pk_algorithm)) {
+ if (!GNUTLS_PK_IS_RSA(key->params.algo)) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
return GNUTLS_E_INVALID_REQUEST;
}
- if (key->pk_algorithm != GNUTLS_PK_DSA) {
+ if (key->params.algo != GNUTLS_PK_DSA) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
return GNUTLS_E_INVALID_REQUEST;
}
- if (!IS_EC(key->pk_algorithm)) {
+ if (!IS_EC(key->params.algo)) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
if (curve)
*curve = key->params.flags;
- if (key->pk_algorithm == GNUTLS_PK_EDDSA_ED25519) {
+ if (key->params.algo == GNUTLS_PK_EDDSA_ED25519) {
if (x) {
ret = _gnutls_set_datum(x, key->params.raw_pub.data, key->params.raw_pub.size);
if (ret < 0)
int ret;
gnutls_datum_t raw_point = {NULL,0};
- if (key == NULL || key->pk_algorithm != GNUTLS_PK_EC)
+ if (key == NULL || key->params.algo != GNUTLS_PK_EC)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
ret = _gnutls_x509_write_ecc_pubkey(&key->params, &raw_point);
/* this has already been called by get_asn_mpis() thus it cannot
* fail.
*/
- key->pk_algorithm = key->params.algo = _gnutls_x509_get_pk_algorithm(spk, "", &curve, NULL);
+ key->params.algo = _gnutls_x509_get_pk_algorithm(spk, "", &curve, NULL);
key->params.flags = curve;
key->bits = pubkey_to_bits(&key->params);
key->params.params_nr = RSA_PUBLIC_PARAMS;
key->params.algo = GNUTLS_PK_RSA;
- key->pk_algorithm = GNUTLS_PK_RSA;
key->bits = pubkey_to_bits(&key->params);
return 0;
goto cleanup;
}
- key->pk_algorithm = GNUTLS_PK_EDDSA_ED25519;
+ key->params.algo = GNUTLS_PK_EDDSA_ED25519;
key->params.flags = curve;
return 0;
goto cleanup;
}
key->params.params_nr++;
- key->pk_algorithm = GNUTLS_PK_ECDSA;
+ key->params.algo = GNUTLS_PK_ECDSA;
return 0;
goto cleanup;
}
key->params.params_nr += 2;
- key->pk_algorithm = GNUTLS_PK_EC;
+ key->params.algo = GNUTLS_PK_EC;
gnutls_free(raw_point.data);
return 0;
}
key->params.params_nr = DSA_PUBLIC_PARAMS;
- key->pk_algorithm = key->params.algo = GNUTLS_PK_DSA;
+ key->params.algo = GNUTLS_PK_DSA;
key->bits = pubkey_to_bits(&key->params);
return 0;
{
unsigned bits;
- if (se->pk != pubkey->pk_algorithm) {
- if (!gnutls_sign_supports_pk_algorithm(se->pk, pubkey->pk_algorithm)) {
+ if (se->pk != pubkey->params.algo) {
+ if (!gnutls_sign_supports_pk_algorithm(se->pk, pubkey->params.algo)) {
_gnutls_debug_log("have key: %s/%d, with sign %s/%d\n",
- gnutls_pk_get_name(pubkey->pk_algorithm), pubkey->pk_algorithm,
+ gnutls_pk_get_name(pubkey->params.algo), pubkey->params.algo,
se->name, se->id);
return gnutls_assert_val(GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY);
}
if (params->pk == GNUTLS_PK_RSA_PSS) {
- if (!GNUTLS_PK_IS_RSA(pubkey->pk_algorithm))
+ if (!GNUTLS_PK_IS_RSA(pubkey->params.algo))
return gnutls_assert_val(GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY);
/* The requested sign algorithm is RSA-PSS, while the
* pubkey doesn't include parameter information. Fill
* it with the same way as gnutls_privkey_sign*. */
- if (pubkey->pk_algorithm == GNUTLS_PK_RSA || params->rsa_pss_dig == 0) {
+ if (pubkey->params.algo == GNUTLS_PK_RSA || params->rsa_pss_dig == 0) {
gnutls_pubkey_get_pk_algorithm(pubkey, &bits);
params->rsa_pss_dig = se->hash;
params->salt_size = _gnutls_find_rsa_pss_salt_size(bits, me, 0);
return GNUTLS_E_INVALID_REQUEST;
}
- if (_gnutls_pk_is_not_prehashed(key->pk_algorithm)) {
+ if (_gnutls_pk_is_not_prehashed(key->params.algo)) {
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
}
memcpy(¶ms, &key->params.spki, sizeof(gnutls_x509_spki_st));
if (flags & OLD_PUBKEY_VERIFY_FLAG_TLS1_RSA || flags & GNUTLS_VERIFY_USE_TLS1_RSA) {
- if (!GNUTLS_PK_IS_RSA(key->pk_algorithm))
+ if (!GNUTLS_PK_IS_RSA(key->params.algo))
return gnutls_assert_val(GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY);
params.pk = GNUTLS_PK_RSA;
/* we do not check for insecure algorithms with this flag */
return _gnutls_pk_verify(params.pk, hash, signature,
&key->params, ¶ms);
} else if (algo == GNUTLS_SIGN_UNKNOWN) {
- params.pk = key->pk_algorithm;
+ params.pk = key->params.algo;
me = NULL;
} else {
se = _gnutls_sign_to_entry(algo);
return GNUTLS_E_INVALID_REQUEST;
}
- return _gnutls_pk_encrypt(key->pk_algorithm, ciphertext,
+ return _gnutls_pk_encrypt(key->params.algo, ciphertext,
plaintext, &key->params);
}
if (se == NULL && _gnutls_version_has_selectable_sighash(ver))
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
- if (pubkey->pk_algorithm == GNUTLS_PK_DSA) {
+ if (pubkey->params.algo == GNUTLS_PK_DSA) {
me = _gnutls_dsa_q_to_hash(&pubkey->params, &hash_size);
/* DSA keys over 1024 bits cannot be used with TLS 1.x, x<2 */
hash_size);
}
- } else if (pubkey->pk_algorithm == GNUTLS_PK_EC) {
+ } else if (pubkey->params.algo == GNUTLS_PK_EC) {
if (_gnutls_version_has_selectable_sighash(ver)
&& se != NULL) {
hash_size);
}
- } else if (pubkey->pk_algorithm == GNUTLS_PK_RSA_PSS) {
+ } else if (pubkey->params.algo == GNUTLS_PK_RSA_PSS) {
if (!_gnutls_version_has_selectable_sighash(ver))
/* this should not have happened */
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
{
int ret;
- ret = _gnutls_pk_verify_pub_params(key->pk_algorithm, &key->params);
+ ret = _gnutls_pk_verify_pub_params(key->params.algo, &key->params);
if (ret < 0) {
gnutls_assert();
return ret;
projects / thirdparty / gnutls.git / commitdiff
