Remove sig_oid parameter from mbedtls_x509_sig_alg_gets()

The function `mbedtls_x509_sig_alg_gets()` previously needed the raw ASN.1 OID string even though it is implicit in the PK and MD parameters. This commit modifies `mbedtls_x509_sig_alg_gets()` to infer the OID and remove it from the parameters. This will be needed for the new X.509 CRT structure which will likely not store the signature OID. Care has to be taken to handle the case of RSASSA-PSS correctly, where the hash algorithm in the OID list is set to MBEDTLS_MD_NONE because it's only determined by the algorithm parameters.
2026-05-13 07:14:28 +02:00 · 2019-02-21 17:13:46 +00:00
parent f226998fa2
commit 83cd8676fa
5 changed files with 29 additions and 14 deletions
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -305,8 +305,9 @@ int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end,
                     mbedtls_x509_buf *serial );
 int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end,
                  mbedtls_x509_buf *ext, int tag );
+
 #if !defined(MBEDTLS_X509_REMOVE_INFO)
-int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid,
+int mbedtls_x509_sig_alg_gets( char *buf, size_t size,
                       mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg,
                       const void *sig_opts );
 #endif