author | David Howells <dhowells@redhat.com> | 2013-08-30 11:18:02 -0400 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2013-09-25 12:17:00 -0400 |
commit | b426beb6eeb0c81aeaa419f7444064abc9cb04ae (patch) | |
tree | e704ed37a19ac0d9f572a8a45f4cf6228dd3ae5f /crypto/asymmetric_keys/x509_parser.h | |
parent | 57be4a784bf58eb41784aa3431165b455cf7e9c6 (diff) |
X.509: Embed public_key_signature struct and create filler function
Embed a public_key_signature struct in struct x509_certificate, eliminating
now unnecessary fields, and split x509_check_signature() to create a filler
function for it that attaches a digest of the signed data and an MPI that
represents the signature data. x509_free_certificate() is then modified to
deal with these.
Whilst we're at it, export both x509_check_signature() and the new
x509_get_sig_params().
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Josh Boyer <jwboyer@redhat.com>
Diffstat (limited to 'crypto/asymmetric_keys/x509_parser.h')
-rw-r--r-- | crypto/asymmetric_keys/x509_parser.h | 16 |
1 files changed, 11 insertions, 5 deletions
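--- a/crypto/asymmetric_keys/x509_parser.h
+++ b/crypto/asymmetric_keys/x509_parser.h
@@ -21,12 +21,11 @@ struct x509_certificate {
 char *authority; /* Authority key fingerprint as hex */
 struct tm valid_from;
 struct tm valid_to;
-enum pkey_algo sig_pkey_algo : 8; /* Signature public key algorithm */
-enum pkey_hash_algo sig_hash_algo : 8; /* Signature hash algorithm */
 const void *tbs; /* Signed data */
-size_t tbs_size; /* Size of signed data */
-const void *sig; /* Signature data */
-size_t sig_size; /* Size of sigature */
+unsigned tbs_size; /* Size of signed data */
+unsigned raw_sig_size; /* Size of sigature */
+const void *raw_sig; /* Signature data */
+struct public_key_signature sig; /* Signature parameters */
 };
 
 /*
@@ -34,3 +33,10 @@ struct x509_certificate {
 */
 extern void x509_free_certificate(struct x509_certificate *cert);
 extern struct x509_certificate *x509_cert_parse(const void *data, size_t datalen);
+
+/*
+* x509_public_key.c
+*/
+extern int x509_get_sig_params(struct x509_certificate *cert);
+extern int x509_check_signature(const struct public_key *pub,
+struct x509_certificate *cert);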
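Review bot: Narrowing `tbs_size` and the renamed `raw_sig_size` from `size_t` to `unsigned` in struct x509_certificate turns any store of a parser-supplied length into an implicit truncation on 64-bit builds, and nothing in this header states the bound that would make that safe. `x509_cert_parse()` a few lines further down still takes `size_t datalen`, so the lengths presumably arrive as `size_t`; the assignments themselves live in files not shown on this page. Per the commit message these sizes feed the digest of the signed data and the signature MPI, so a silently shortened length would change what gets verified. Either keep the wider type, `size_t tbs_size; /* Size of signed data */` and `size_t raw_sig_size; /* Size of signature */`, or add a comment on the fields naming the maximum the parser enforces. The struct definition starts above the first hunk.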