Clarified the purpose of the spki params related functions

_gnutls_privkey_get_sign_params was renamed to _gnutls_privkey_get_spki_params,
_gnutls_privkey_update_sign_params to _gnutls_privkey_update_spki_params,
and the dig entry of gnutls_x509_spki_st was renamed to rsa_pss_dig.

The reason is that there could be a confusion on the purpose of
the 'dig' entry, as it could be assumed to be the signature's hash
algorithm in the general case. That could not be because the SPKI
parameters do not contain it for any other algorithm than RSA-PSS.
As such, make a logical separation from SPKI reading functions
with the signature reading functions and try to use the
gnutls_sign_entry_st when signature information is required.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

1 files changed, 3 insertions, 3 deletions

diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index c2ad4efd30..e69ccb09c9 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -756,7 +756,7 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
 			mpz_init(s);
 
 			ret =
-			    _rsa_pss_sign_digest_tr(sign_params->dig,
+			    _rsa_pss_sign_digest_tr(sign_params->rsa_pss_dig,
 						    &pub, &priv,
 						    NULL, rnd_nonce_func,
 						    sign_params->salt_size,
@@ -1014,7 +1014,7 @@ _wrap_nettle_pk_verify(gnutls_pk_algorithm_t algo,
 				goto cleanup;
 			}
 
-			ret = _rsa_pss_verify_digest(sign_params->dig,
+			ret = _rsa_pss_verify_digest(sign_params->rsa_pss_dig,
 						     &pub,
 						     sign_params->salt_size,
 						     vdata->data, vdata->size,
@@ -1475,7 +1475,7 @@ char* gen_data = NULL;
 		ddata.data = (void*)gen_data;
 		ddata.size = hash_len;
 	} else if (algo == GNUTLS_PK_RSA_PSS) {
-		switch (params->sign.dig) {
+		switch (params->sign.rsa_pss_dig) {
 		case GNUTLS_DIG_SHA256:
 			ddata.data = (void*)const_data_sha256;
 			ddata.size = sizeof(const_data_sha256);