yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-27 02:24:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

Compute digest of peer's end-CRT in mbedtls_ssl_parse_certificate()

Browse Source
This commit is contained in:
Hanno Becker 2019-02-05 17:02:28 +00:00
parent 9fb6e2e203
commit 3008d2869f
1 changed files with 27 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
library/ssl_tls.c
View File

@ -6634,6 +6634,33 @@ crt_verify:
if( ret != 0 )
return( ret );
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
/* Remember digest of the peer's end-CRT. */
ssl->session_negotiate->peer_cert_digest =
mbedtls_calloc( 1, MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN );
if( ssl->session_negotiate->peer_cert_digest == NULL )
{
MBEDTLS_SSL_DEBUG_MSG( 1, ( "alloc(%d bytes) failed",
sizeof( MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN ) ) );
mbedtls_ssl_send_alert_message( ssl,
MBEDTLS_SSL_ALERT_LEVEL_FATAL,
MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR );
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
}
ret = mbedtls_md( mbedtls_md_info_from_type(
MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE ),
ssl->session_negotiate->peer_cert->raw.p,
ssl->session_negotiate->peer_cert->raw.len,
ssl->session_negotiate->peer_cert_digest );
if( ret != 0 )
return( ret );
ssl->session_negotiate->peer_cert_digest_type =
MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_TYPE;
ssl->session_negotiate->peer_cert_digest_len =
MBEDTLS_SSL_PEER_CERT_DIGEST_DFL_LEN;
#endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= parse certificate" ) );
exit: