diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h index ff06d13b3..6a6fd028b 100644 --- a/include/mbedtls/x509.h +++ b/include/mbedtls/x509.h @@ -305,8 +305,9 @@ int mbedtls_x509_get_serial( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *serial ); int mbedtls_x509_get_ext( unsigned char **p, const unsigned char *end, mbedtls_x509_buf *ext, int tag ); + #if !defined(MBEDTLS_X509_REMOVE_INFO) -int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, +int mbedtls_x509_sig_alg_gets( char *buf, size_t size, mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, const void *sig_opts ); #endif diff --git a/library/x509.c b/library/x509.c index aeabdd3fa..58cd871be 100644 --- a/library/x509.c +++ b/library/x509.c 
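Review bot: The new prototype of `mbedtls_x509_sig_alg_gets` in x509.h has no comment saying where the printed name now comes from, and the hunk shows none above the declaration. With `sig_oid` dropped, the implementation in library/x509.c looks the OID up from `pk_alg` and `md_alg` and writes `???` when no entry matches, so the text reflects the parsed algorithm pair rather than the OID bytes carried in the certificate, CRL or CSR. I would add above the declaration: `/* Writes the description of the signature algorithm identified by pk_alg/md_alg, or "???" if no OID is known for that pair. */`. Removing a parameter also changes the signature for any caller outside the library, if this declaration is treated as public, so it deserves a changelog entry.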
@@ -841,20 +841,34 @@ int mbedtls_x509_serial_gets( char *buf, size_t size, const mbedtls_x509_buf *se /* * Helper for writing signature algorithms */ -int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *sig_oid, - mbedtls_pk_type_t pk_alg, mbedtls_md_type_t md_alg, - const void *sig_opts ) +int mbedtls_x509_sig_alg_gets( char *buf, size_t size, mbedtls_pk_type_t pk_alg, + mbedtls_md_type_t md_alg, const void *sig_opts ) { int ret; char *p = buf; size_t n = size; const char *desc = NULL; + mbedtls_x509_buf sig_oid; + mbedtls_md_type_t tmp_md_alg = md_alg; - ret = mbedtls_oid_get_sig_alg_desc( sig_oid, &desc ); - if( ret != 0 ) - ret = mbedtls_snprintf( p, n, "???" ); - else +#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) + /* The hash for RSASSA is determined by the algorithm parameters; + * in the OID list, the hash is set to MBEDTLS_MD_NONE. */ + if( pk_alg == MBEDTLS_PK_RSASSA_PSS ) + tmp_md_alg = MBEDTLS_MD_NONE; +#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */ + + sig_oid.tag = MBEDTLS_ASN1_OID; + ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, tmp_md_alg, + (const char**) &sig_oid.p, + &sig_oid.len ); + if( ret == 0 && + mbedtls_oid_get_sig_alg_desc( &sig_oid, &desc ) == 0 ) + { ret = mbedtls_snprintf( p, n, "%s", desc ); + } + else + ret = mbedtls_snprintf( p, n, "???" ); MBEDTLS_X509_SAFE_SNPRINTF; #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT) diff --git a/library/x509_crl.c b/library/x509_crl.c index 4f5507f0e..a56d5e3e8 100644 --- a/library/x509_crl.c +++ b/library/x509_crl.c @@ -690,8 +690,8 @@ int mbedtls_x509_crl_info( char *buf, size_t size, const char *prefix, ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_sig_alg_gets( p, n, &crl->sig_oid, crl->sig_pk, crl->sig_md, - crl->sig_opts ); + ret = mbedtls_x509_sig_alg_gets( p, n, crl->sig_pk, + crl->sig_md, crl->sig_opts ); MBEDTLS_X509_SAFE_SNPRINTF; ret = mbedtls_snprintf( p, n, "\n" ); 
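Review bot: The lookup call in `mbedtls_x509_sig_alg_gets` passes `(const char**) &sig_oid.p`, a pointer-to-pointer cast that lets `mbedtls_oid_get_oid_by_sig_alg` store a `const char *` into a field of a different pointer type (the cast implies `p` is not declared `const char *`). This hides the dropped `const` and is not a compatible-type access in C. A local of the right type avoids it: `const char *oid_str = NULL;`, then `ret = mbedtls_oid_get_oid_by_sig_alg( pk_alg, tmp_md_alg, &oid_str, &sig_oid.len );` and `sig_oid.p = (unsigned char *) oid_str;`. Separately, the new `if` branch is braced while its `else` is not; bracing both keeps the pair consistent. The function body continues past the end of this hunk.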
diff --git a/library/x509_crt.c b/library/x509_crt.c index 93729986f..f1f5473ff 100644 --- a/library/x509_crt.c +++ b/library/x509_crt.c @@ -1606,8 +1606,8 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix, ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_sig_alg_gets( p, n, &crt->sig_oid, crt->sig_pk, - crt->sig_md, crt->sig_opts ); + ret = mbedtls_x509_sig_alg_gets( p, n, sig_info.sig_pk, + sig_info.sig_md, sig_info.sig_opts ); MBEDTLS_X509_SAFE_SNPRINTF; /* Key size */ diff --git a/library/x509_csr.c b/library/x509_csr.c index aa519fb93..d1a276041 100644 --- a/library/x509_csr.c +++ b/library/x509_csr.c @@ -357,8 +357,8 @@ int mbedtls_x509_csr_info( char *buf, size_t size, const char *prefix, ret = mbedtls_snprintf( p, n, "\n%ssigned using : ", prefix ); MBEDTLS_X509_SAFE_SNPRINTF; - ret = mbedtls_x509_sig_alg_gets( p, n, &csr->sig_oid, csr->sig_pk, csr->sig_md, - csr->sig_opts ); + ret = mbedtls_x509_sig_alg_gets( p, n, csr->sig_pk, + csr->sig_md, csr->sig_opts ); MBEDTLS_X509_SAFE_SNPRINTF; if( ( ret = mbedtls_x509_key_size_helper( key_size_str, BEFORE_COLON,