diff options
author | Viktor Dukhovni <openssl-users@dukhovni.org> | 2016-02-10 23:53:54 -0500 |
---|---|---|
committer | Viktor Dukhovni <openssl-users@dukhovni.org> | 2016-02-11 10:11:54 -0500 |
commit | 17a723885e8a875fc19d5140f580f80a113ba78f (patch) | |
tree | 14b050f17a0db77bcbeeaa8e0f6bcadca0c99fd6 /ssl/statem | |
parent | 27f172d9a3f3ec9901439b4823c95788598fa367 (diff) |
Simplify ssl_cert_type() by taking advantage of X509_get0_pubkey
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'ssl/statem')
-rw-r--r-- | ssl/statem/statem_lib.c | 51 |
1 files changed, 20 insertions, 31 deletions
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 49b5e48f50..6d4a536d38 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -599,43 +599,32 @@ int tls_get_message_body(SSL *s, unsigned long *len) return 1; } -int ssl_cert_type(X509 *x, EVP_PKEY *pkey) +int ssl_cert_type(X509 *x, EVP_PKEY *pk) { - EVP_PKEY *pk; - int ret = -1, i; - - if (pkey == NULL) - pk = X509_get_pubkey(x); - else - pk = pkey; - if (pk == NULL) - goto err; - - i = EVP_PKEY_id(pk); - if (i == EVP_PKEY_RSA) { - ret = SSL_PKEY_RSA_ENC; - } else if (i == EVP_PKEY_DSA) { - ret = SSL_PKEY_DSA_SIGN; - } + if (pk == NULL && + (pk = X509_get0_pubkey(x)) == NULL) + return -1; + + switch (EVP_PKEY_id(pk)) { + default: + return -1; + case EVP_PKEY_RSA: + return SSL_PKEY_RSA_ENC; + case EVP_PKEY_DSA: + return SSL_PKEY_DSA_SIGN; #ifndef OPENSSL_NO_EC - else if (i == EVP_PKEY_EC) { - ret = SSL_PKEY_ECC; - } + case EVP_PKEY_EC: + return SSL_PKEY_ECC; #endif #ifndef OPENSSL_NO_GOST - else if (i == NID_id_GostR3410_2001) { - ret = SSL_PKEY_GOST01; - } else if (i == NID_id_GostR3410_2012_256) { - ret = SSL_PKEY_GOST12_256; - } else if (i == NID_id_GostR3410_2012_512) { - ret = SSL_PKEY_GOST12_512; + case NID_id_GostR3410_2001: + return SSL_PKEY_GOST01; + case NID_id_GostR3410_2012_256: + return SSL_PKEY_GOST12_256; + case NID_id_GostR3410_2012_512: + return SSL_PKEY_GOST12_512; } #endif - - err: - if (!pkey) - EVP_PKEY_free(pk); - return (ret); } int ssl_verify_alarm_type(long type) |