Switch to mbedtls_pk_verify_new
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index b244921..2129da1 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -2082,8 +2082,7 @@
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
if (pk_alg == MBEDTLS_PK_RSASSA_PSS) {
- ret = mbedtls_pk_verify_ext(pk_alg, NULL,
- peer_pk,
+ ret = mbedtls_pk_verify_new(pk_alg, peer_pk,
md_alg, hash, hashlen,
p, sig_len);
} else
diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 44525dd..f5cdc65 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -300,7 +300,7 @@
MBEDTLS_SSL_DEBUG_BUF(3, "verify hash", verify_hash, verify_hash_len);
- if ((ret = mbedtls_pk_verify_ext(sig_alg, NULL,
+ if ((ret = mbedtls_pk_verify_new(sig_alg,
&ssl->session_negotiate->peer_cert->pk,
md_alg, verify_hash, verify_hash_len,
p, signature_len)) == 0) {
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 4ac5d9b..3947eb0 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -2060,7 +2060,7 @@
flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
}
- if (mbedtls_pk_verify_ext(crl_list->sig_pk, NULL, &ca->pk,
+ if (mbedtls_pk_verify_new(crl_list->sig_pk, &ca->pk,
crl_list->sig_md, hash, hash_length,
crl_list->sig.p, crl_list->sig.len) != 0) {
flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
@@ -2134,7 +2134,7 @@
(void) rs_ctx;
#endif
- return mbedtls_pk_verify_ext(child->sig_pk, NULL, &parent->pk,
+ return mbedtls_pk_verify_new(child->sig_pk, &parent->pk,
child->sig_md, hash, hash_len,
child->sig.p, child->sig.len);
}