Split rsa_validate_algorithm_id ()

1 files changed, 19 insertions, 13 deletions

diff --git a/lib/ncrypto_nss.c b/lib/ncrypto_nss.c
index 518a4f9..4c5ac06 100644
--- a/lib/ncrypto_nss.c
+++ b/lib/ncrypto_nss.c
@@ -762,6 +762,22 @@ static const SEC_ASN1Template rsa_private_key_asn1_template[] =
     { 0, 0, NULL, 0 }
   };
 
+static CK_RV
+rsa_validate_algorithm_id (const SECAlgorithmID *id)
+{
+  static const uint8_t asn1_null[] = { SEC_ASN1_NULL, 0 };
+  static const SECItem asn1_null_item
+    = { 0, (void *)&asn1_null, sizeof (asn1_null) };
+
+  const SECOidData *oid;
+
+  oid = SECOID_FindOIDByTag (SEC_OID_PKCS1_RSA_ENCRYPTION);
+  if (oid == NULL || !SECITEM_ItemsAreEqual(&id->algorithm, &oid->oid)
+      || !SECITEM_ItemsAreEqual(&id->parameters, &asn1_null_item))
+    return CKR_GENERAL_ERROR;
+  return CKR_OK;
+}
+
 CK_RV
 ncr_public_key_create_rsa (struct ncr_public_key **key,
 			   const struct ncr_mpi
@@ -815,13 +831,8 @@ CK_RV
 ncr_public_key_export_rsa (struct ncr_public_key *key,
 			   struct ncr_mpi mpis[static NCR_RSA_PUBLIC_NUM_MPIS])
 {
-  static const uint8_t asn1_null[] = { SEC_ASN1_NULL, 0 };
-  static const SECItem asn1_null_item
-    = { 0, (void *)&asn1_null, sizeof (asn1_null) };
-
   struct rsa_public_key der_output;
   CERTSubjectPublicKeyInfo *spki;
-  const SECOidData *oid;
   PRArenaPool *arena;
   SECItem key_item;
   CK_RV res;
@@ -838,14 +849,9 @@ ncr_public_key_export_rsa (struct ncr_public_key *key,
   if (spki == NULL)
     return CKR_GENERAL_ERROR;
 
-  oid = SECOID_FindOIDByTag (SEC_OID_PKCS1_RSA_ENCRYPTION);
-  if (oid == NULL
-      || !SECITEM_ItemsAreEqual(&spki->algorithm.algorithm, &oid->oid)
-      || !SECITEM_ItemsAreEqual(&spki->algorithm.parameters, &asn1_null_item))
-    {
-      res = CKR_GENERAL_ERROR;
-      goto end_spki;
-    }
+  res = rsa_validate_algorithm_id (&spki->algorithm);
+  if (res != CKR_OK)
+    goto end_spki;
 
   /* Ugly... the PLArenaPool type is from NSPR, but NSS implementation accesses
      memory only initialized through NSS's PORT_* */