yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-12-02 01:24:16 +01:00
Code Issues Packages Projects Releases Wiki Activity

Async callback: use mbedtls_pk_check_pair to compare keys

Browse Source 
In the current test code, the object that is used as a public key in
the certificate also contains a private key. However this is because
of the way the stest code is built and does not demonstrate the API in
a useful way. Use mbedtls_pk_check_pair, which is not what real-world
code would do (since the private key would typically be in an external
cryptoprocessor) but is a more representative placeholder.
This commit is contained in:
Gilles Peskine 2018-04-30 12:07:56 +02:00
parent a668c60186
commit 3dae1cfa3a
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
programs/ssl/ssl_server2.c
View File

@ -963,11 +963,14 @@ static int ssl_async_start( mbedtls_ssl_context *ssl,
mbedtls_printf( "Async %s callback: looking for DN=%s\n", op_name, dn ); mbedtls_printf( "Async %s callback: looking for DN=%s\n", op_name, dn );
} }
/* Look for a private key that matches the public key in cert.
* Since this test code has the private key inside Mbed TLS,
* we call mbedtls_pk_check_pair to match a private key with the
* public key. */
for( slot = 0; slot < config_data->slots_used; slot++ ) for( slot = 0; slot < config_data->slots_used; slot++ )
{ {
if( memcmp( &config_data->slots[slot].cert->pk, if( mbedtls_pk_check_pair( &cert->pk,
&cert->pk, config_data->slots[slot].pk ) == 0 )
sizeof( cert->pk ) ) == 0 )
break; break;
} }
if( slot == config_data->slots_used ) if( slot == config_data->slots_used )