[crypto] Pass asymmetric keys as ASN.1 cursors

Asymmetric keys are invariably encountered within ASN.1 structures such as X.509 certificates, and the various large integers within an RSA key are themselves encoded using ASN.1. Simplify all code handling asymmetric keys by passing keys as a single ASN.1 cursor, rather than separate data and length pointers. Signed-off-by: Michael Brown <mcb30@ipxe.org>
2026-02-28 03:11:18 +03:00 · 2024-08-18 10:43:52 +01:00
parent 950f6b5861
commit 53f089b723
10 changed files with 74 additions and 112 deletions
--- a/src/crypto/x509.c
+++ b/src/crypto/x509.c
@@ -1149,8 +1149,8 @@ static int x509_check_signature ( struct x509_certificate *cert,
 	}

 	/* Verify signature using signer's public key */
-	if ( ( rc = pubkey_init ( pubkey, pubkey_ctx, public_key->raw.data,
-				  public_key->raw.len ) ) != 0 ) {
+	if ( ( rc = pubkey_init ( pubkey, pubkey_ctx,
+				  &public_key->raw ) ) != 0 ) {
 		DBGC ( cert, "X509 %p \"%s\" cannot initialise public key: "
 		       "%s\n", cert, x509_name ( cert ), strerror ( rc ) );
 		goto err_pubkey_init;
@@ -1842,9 +1842,8 @@ struct x509_certificate * x509_find_key ( struct x509_chain *store,
 		/* Check public key */
 		cert = link->cert;
 		if ( pubkey_match ( cert->signature_algorithm->pubkey,
-				    key->builder.data, key->builder.len,
-				    cert->subject.public_key.raw.data,
-				    cert->subject.public_key.raw.len ) == 0 )
+				    privkey_cursor ( key ),
+				    &cert->subject.public_key.raw ) == 0 )
 			return x509_found ( store, cert );
 	}