mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 00:05:36 +01:00
ssl: call signature verification twice for non-restartable operations
Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
parent
2544cd3582
commit
6c30be8e4b
@ -3100,6 +3100,11 @@ static int ssl_in_server_key_exchange_parse( mbedtls_ssl_context *ssl,
|
|||||||
{
|
{
|
||||||
mbedtls_platform_random_delay();
|
mbedtls_platform_random_delay();
|
||||||
|
|
||||||
|
if( rs_ctx == NULL )
|
||||||
|
{
|
||||||
|
ret = mbedtls_pk_verify_restartable( peer_pk,
|
||||||
|
md_alg, hash, hashlen, p, sig_len, rs_ctx );
|
||||||
|
}
|
||||||
if( ret == 0 )
|
if( ret == 0 )
|
||||||
{
|
{
|
||||||
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
#if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||||
|
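Review bot: The repeated call inside `if( rs_ctx == NULL )` stores its result in the same `ret` that already holds 0 from the first verification, so if that call is skipped or never executes, the following `if( ret == 0 )` still passes on the stale value. Set the variable to a failure code before re-verifying, for example `ret = MBEDTLS_ERR_SSL_INTERNAL_ERROR;` immediately ahead of the second `mbedtls_pk_verify_restartable(` call, so that success has to come from the second call itself. The same pattern appears in the `ssl_parse_certificate_verify` hunk. Because `rs_ctx` is known to be NULL in this branch, passing `NULL` explicitly would read more clearly. The first verification and the handling of a non-zero `ret` lie outside the hunk, so confirm that a failure of the second call still aborts the handshake.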
@ -4643,13 +4643,16 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
|||||||
}
|
}
|
||||||
|
|
||||||
ret = mbedtls_pk_verify( peer_pk,
|
ret = mbedtls_pk_verify( peer_pk,
|
||||||
md_alg, hash_start, hashlen,
|
md_alg, hash_start, hashlen,
|
||||||
ssl->in_msg + i, sig_len );
|
ssl->in_msg + i, sig_len );
|
||||||
|
|
||||||
if( ret == 0 )
|
if( ret == 0 )
|
||||||
{
|
{
|
||||||
mbedtls_platform_random_delay();
|
mbedtls_platform_random_delay();
|
||||||
|
|
||||||
|
ret = mbedtls_pk_verify( peer_pk,
|
||||||
|
md_alg, hash_start, hashlen,
|
||||||
|
ssl->in_msg + i, sig_len );
|
||||||
if( ret == 0 )
|
if( ret == 0 )
|
||||||
{
|
{
|
||||||
mbedtls_ssl_update_handshake_status( ssl );
|
mbedtls_ssl_update_handshake_status( ssl );
|
||||||
|
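Review bot: The second `mbedtls_pk_verify(` call after `mbedtls_platform_random_delay();` carries no comment saying it is deliberate, so it reads as an accidental duplicate and could be removed in a later cleanup. A line above it such as `/* Deliberate second verification: one corrupted result must not be enough to accept the signature. */` would record the intent. The argument list is repeated verbatim from the first call, so any future change to one call has to be mirrored in the other, which is worth stating in the same comment. The body of `ssl_parse_certificate_verify` starts and ends outside the hunk.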