Clarified the purpose of the spki params related functions

_gnutls_privkey_get_sign_params was renamed to _gnutls_privkey_get_spki_params,
_gnutls_privkey_update_sign_params to _gnutls_privkey_update_spki_params,
and the dig entry of gnutls_x509_spki_st was renamed to rsa_pss_dig.

The reason is that there could be a confusion on the purpose of
the 'dig' entry, as it could be assumed to be the signature's hash
algorithm in the general case. That could not be because the SPKI
parameters do not contain it for any other algorithm than RSA-PSS.
As such, make a logical separation from SPKI reading functions
with the signature reading functions and try to use the
gnutls_sign_entry_st when signature information is required.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

1 files changed, 14 insertions, 8 deletions

diff --git a/lib/algorithms/sign.c b/lib/algorithms/sign.c
index eca76fa487..65fa432dee 100644
--- a/lib/algorithms/sign.c
+++ b/lib/algorithms/sign.c
@@ -254,6 +254,16 @@ gnutls_sign_algorithm_t gnutls_sign_get_id(const char *name)
 
 }
 
+const gnutls_sign_entry_st *_gnutls_oid_to_sign_entry(const char *oid)
+{
+	GNUTLS_SIGN_LOOP(
+		if (p->oid && strcmp(oid, p->oid) == 0) {
+			return p;
+		}
+	);
+	return NULL;
+}
+
 /**
  * gnutls_oid_to_sign:
  * @oid: is an object identifier
@@ -267,18 +277,14 @@ gnutls_sign_algorithm_t gnutls_sign_get_id(const char *name)
  **/
 gnutls_sign_algorithm_t gnutls_oid_to_sign(const char *oid)
 {
-	gnutls_sign_algorithm_t ret = 0;
+	const gnutls_sign_entry_st *se;
 
-	GNUTLS_SIGN_LOOP(
-		if (p->oid && strcmp(oid, p->oid) == 0) {
-			ret = p->id; break;}
-	);
-
-	if (ret == 0) {
+	se = _gnutls_oid_to_sign_entry(oid);
+	if (se == NULL) {
 		_gnutls_debug_log("Unknown SIGN OID: '%s'\n", oid);
 		return GNUTLS_SIGN_UNKNOWN;
 	}
-	return ret;
+	return se->id;
 }
 
 const gnutls_sign_entry_st *_gnutls_pk_to_sign_entry(gnutls_pk_algorithm_t pk, gnutls_digest_algorithm_t hash)