commit 8b3b7e5cacdde75f9a650d2739d7183f6cd4526f
author Ben Taylor <ben.taylor@linaro.org> Wed Aug 06 15:23:33 2025 +0100
committer Ben Taylor <ben.taylor@linaro.org> Thu Aug 07 08:25:52 2025 +0100
tree 2ca007ecff9b1f6bcd4a64462bdcd777dfa482b8
parent 6816fd781e89e3fa83a7d5ba363edb74d9fb4de8

Update further type mismatches

Signed-off-by: Ben Taylor <ben.taylor@linaro.org>

library/ssl_tls12_client.c

diff --git a/library/ssl_tls12_client.c b/library/ssl_tls12_client.c
index 5488eb0..2129da1 100644
--- a/library/ssl_tls12_client.c
+++ b/library/ssl_tls12_client.c
@@ -2082,7 +2082,7 @@
 
 #if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
         if (pk_alg == MBEDTLS_PK_RSASSA_PSS) {
-            ret = mbedtls_pk_verify_new((mbedtls_pk_sigalg_t) pk_alg, peer_pk,
+            ret = mbedtls_pk_verify_new(pk_alg, peer_pk,
                                         md_alg, hash, hashlen,
                                         p, sig_len);
         } else

library/ssl_tls13_generic.c

diff --git a/library/ssl_tls13_generic.c b/library/ssl_tls13_generic.c
index 7e2daef..e88c00a 100644
--- a/library/ssl_tls13_generic.c
+++ b/library/ssl_tls13_generic.c
@@ -300,7 +300,7 @@
 
     MBEDTLS_SSL_DEBUG_BUF(3, "verify hash", verify_hash, verify_hash_len);
 
-    if ((ret = mbedtls_pk_verify_new((mbedtls_pk_sigalg_t) sig_alg,
+    if ((ret = mbedtls_pk_verify_new(sig_alg,
                                      &ssl->session_negotiate->peer_cert->pk,
                                      md_alg, verify_hash, verify_hash_len,
                                      p, signature_len)) == 0) {

library/x509_crt.c

diff --git a/library/x509_crt.c b/library/x509_crt.c
index 9ac9658..e6b9252 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -2061,7 +2061,7 @@
             flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
         }
 
-        if (mbedtls_pk_verify_new(crl_list->sig_pk, &ca->pk,
+        if (mbedtls_pk_verify_ext(crl_list->sig_pk, &ca->pk,
                                   crl_list->sig_md, hash, hash_length,
                                   crl_list->sig.p, crl_list->sig.len) != 0) {
             flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
@@ -2135,7 +2135,7 @@
     (void) rs_ctx;
 #endif
 
-    return mbedtls_pk_verify_new(child->sig_pk, &parent->pk,
+    return mbedtls_pk_verify_ext(child->sig_pk, &parent->pk,
                                  child->sig_md, hash, hash_len,
                                  child->sig.p, child->sig.len);
 }

tests/suites/test_suite_x509write.function

diff --git a/tests/suites/test_suite_x509write.function b/tests/suites/test_suite_x509write.function
index c2ab27b..000c09a 100644
--- a/tests/suites/test_suite_x509write.function
+++ b/tests/suites/test_suite_x509write.function
@@ -40,7 +40,7 @@
         goto cleanup;
     }
 
-    if (mbedtls_pk_verify_new(csr.sig_pk, &csr.pk,
+    if (mbedtls_pk_verify_ext(csr.sig_pk, &csr.pk,
                               csr.sig_md, hash, mbedtls_md_get_size_from_type(csr.sig_md),
                               csr.sig.p, csr.sig.len) != 0) {
         ret = MBEDTLS_ERR_X509_CERT_VERIFY_FAILED;