author | lloyd <[email protected]> | 2010-03-04 22:50:27 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2010-03-04 22:50:27 +0000 |
commit | a4df991ee1c371cbd931122c7f0da1559f015e16 (patch) | |
tree | 7b38b294a33f927c2ef4f8d927ae1f46449c0430 | |
parent | 7c48bec6b86e64712e03726a767c070d0b1fb79d (diff) |
Remove some unnecessary usages of PK_Signing_Key
-rw-r--r-- | src/cms/cms_ealg.cpp | 1 | ||||
-rw-r--r-- | src/ssl/cert_ver.cpp | 36 | ||||
-rw-r--r-- | src/ssl/s_kex.cpp | 47 |
3 files changed, 30 insertions, 54 deletions
diff --git a/src/cms/cms_ealg.cpp b/src/cms/cms_ealg.cpp
index 60479a820..5a9b42cde 100644
--- a/src/cms/cms_ealg.cpp
+++ b/src/cms/cms_ealg.cpp
@@ -295,7 +295,6 @@ void CMS_Encoder::sign(const X509_Certificate& cert,
 {
 std::string padding = pad_algo + "(" + hash + ")";
- // FIXME: Add new get_format() func to PK_Signing_Key, PK_Verifying_*_Key
 Signature_Format format = IEEE_1363;
 const PK_Signing_Key& sig_key = dynamic_cast<const PK_Signing_Key&>(key);
diff --git a/src/ssl/cert_ver.cpp b/src/ssl/cert_ver.cpp
index 5ac28dd2e..22dae8350 100644
--- a/src/ssl/cert_ver.cpp
+++ b/src/ssl/cert_ver.cpp
@@ -22,32 +22,22 @@ Certificate_Verify::Certificate_Verify(RandomNumberGenerator& rng,
 HandshakeHash& hash,
 const Private_Key* priv_key)
 {
- const PK_Signing_Key* sign_key =
- dynamic_cast<const PK_Signing_Key*>(priv_key);
+ std::auto_ptr<PK_Signer> signer;
- if(sign_key)
+ if(const RSA_PrivateKey* rsa = dynamic_cast<const RSA_PrivateKey*>(priv_key))
 {
- PK_Signer* signer = 0;
- try
- {
- if(dynamic_cast<const RSA_PrivateKey*>(sign_key))
- signer = get_pk_signer(*sign_key, "EMSA3(TLS.Digest.0)");
- else if(dynamic_cast<const DSA_PrivateKey*>(sign_key))
- signer = get_pk_signer(*sign_key, "EMSA1(SHA-1)");
- else
- throw Invalid_Argument("Unknown PK algo for TLS signature");
-
- signature = signer->sign_message(hash.final(), rng);
- delete signer;
- }
- catch(...)
- {
- delete signer;
- throw;
- }
-
- send(writer, hash);
+ signer.reset(get_pk_signer(*rsa, "EMSA3(TLS.Digest.0)"));
 }
+ else if(const DSA_PrivateKey* dsa =
+ dynamic_cast<const DSA_PrivateKey*>(priv_key))
+ {
+ signer.reset(get_pk_signer(*dsa, "EMSA1(SHA-1)"));
+ }
+ else
+ throw Invalid_Argument("Unknown PK algo for TLS signature");
+
+ signature = signer->sign_message(hash.final(), rng);
+ send(writer, hash);
 }
 /**
diff --git a/src/ssl/s_kex.cpp b/src/ssl/s_kex.cpp
index fd49fcb8c..d568ef14f 100644
--- a/src/ssl/s_kex.cpp
+++ b/src/ssl/s_kex.cpp
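Review bot: The DSA branch of `Certificate_Verify` in src/ssl/cert_ver.cpp builds its signer with `EMSA1(SHA-1)` but never calls `signer->set_output_format(DER_SEQUENCE)`, while the otherwise identical branch in src/ssl/s_kex.cpp does. TLS carries DSA signatures as a DER-encoded sequence of r and s, so unless the encoding is fixed up somewhere outside this hunk, a CertificateVerify made with a DSA key is unlikely to verify at the peer; adding `signer->set_output_format(DER_SEQUENCE);` after the `signer.reset(...)` line would bring the two files into line. The hunk also changes failure handling without the commit message saying so: a null or non-signing `priv_key` used to skip both signing and `send()` silently and now throws `Invalid_Argument`, which looks like the safer behaviour but should be stated in the description. The constructor's parameter list begins above the hunk, so callers that relied on the old no-op are not visible here.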
@@ -43,38 +43,25 @@ Server_Key_Exchange::Server_Key_Exchange(RandomNumberGenerator& rng,
 else
 throw Invalid_Argument("Bad key for TLS key exchange: not DH or RSA");
- // FIXME: dup of stuff in cert_ver.cpp
- // FIXME: it's OK for the server to be anonymous....
- const PK_Signing_Key* sign_key =
- dynamic_cast<const PK_Signing_Key*>(priv_key);
-
- if(!sign_key)
- throw Invalid_Argument("Server Kex: Private key not for signing");
-
- PK_Signer* signer = 0;
- try {
- if(dynamic_cast<const RSA_PrivateKey*>(sign_key))
- signer = get_pk_signer(*sign_key, "EMSA3(TLS.Digest.0)");
- else if(dynamic_cast<const DSA_PrivateKey*>(sign_key))
- {
- signer = get_pk_signer(*sign_key, "EMSA1(SHA-1)");
- signer->set_output_format(DER_SEQUENCE);
- }
- else
- throw Invalid_Argument("Bad key for TLS signature: not RSA or DSA");
-
- signer->update(c_random);
- signer->update(s_random);
- signer->update(serialize_params());
- signature = signer->signature(rng);
-
- delete signer;
- }
- catch(...)
+ std::auto_ptr<PK_Signer> signer;
+
+ if(const RSA_PrivateKey* rsa = dynamic_cast<const RSA_PrivateKey*>(priv_key))
+ {
+ signer.reset(get_pk_signer(*rsa, "EMSA3(TLS.Digest.0)"));
+ }
+ else if(const DSA_PrivateKey* dsa =
+ dynamic_cast<const DSA_PrivateKey*>(priv_key))
 {
- delete signer;
- throw;
+ signer.reset(get_pk_signer(*dsa, "EMSA1(SHA-1)"));
+ signer->set_output_format(DER_SEQUENCE);
 }
+ else
+ throw Invalid_Argument("Bad key for TLS signature: not RSA or DSA");
+
+ signer->update(c_random);
+ signer->update(s_random);
+ signer->update(serialize_params());
+ signature = signer->signature(rng);
 send(writer, hash);
 } |
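Review bot: The two FIXME comments deleted at the top of this hunk describe issues the new code still has, so removing them loses the only record of them. The RSA/DSA signer selection is still a copy of the one in src/ssl/cert_ver.cpp, and the copies already differ in the `set_output_format(DER_SEQUENCE)` call; a key that is neither RSA nor DSA, including a null `priv_key`, still ends in `Invalid_Argument`, so an unsigned (anonymous) key exchange remains unsupported. I would keep a comment such as `// TODO: share signer selection with Certificate_Verify; anonymous server (no signing key) is not handled` above the `std::auto_ptr<PK_Signer> signer;` line, or move the selection into one helper used by both constructors. The constructor starts above the hunk, so whether `priv_key` is checked earlier cannot be told from here.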