mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-22 18:15:40 +01:00
Rm sig_params from various X509 structures
This commit is contained in:
Manuel Pégourié-Gonnard
parent
9113603b6b
commit
dddbb1d1eb
@ -95,7 +95,6 @@ typedef struct _x509_crl
|
||||
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
||||
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
||||
x509_buf sig_params; /**< Parameters for the signature algorithm */
|
||||
#endif
|
||||
|
||||
struct _x509_crl *next;
|
||||
|
||||
@ -95,7 +95,6 @@ typedef struct _x509_crt
|
||||
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
||||
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
||||
x509_buf sig_params; /**< Parameters for the signature algorithm */
|
||||
#endif
|
||||
|
||||
struct _x509_crt *next; /**< Next certificate in the CA-chain. */
|
||||
|
||||
@ -69,7 +69,6 @@ typedef struct _x509_csr
|
||||
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
||||
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
||||
x509_buf sig_params; /**< Parameters for the signature algorithm */
|
||||
#endif
|
||||
}
|
||||
x509_csr;
|
||||
|
||||
@ -256,14 +256,15 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||
size_t len;
|
||||
unsigned char *p, *end;
|
||||
x509_crl *crl;
|
||||
x509_buf sig_params;
|
||||
x509_buf sig_params1, sig_params2;
|
||||
|
||||
#if defined(POLARSSL_PEM_PARSE_C)
|
||||
size_t use_len;
|
||||
pem_context pem;
|
||||
#endif
|
||||
|
||||
memset( &sig_params, 0, sizeof( x509_buf ) );
|
||||
memset( &sig_params1, 0, sizeof( x509_buf ) );
|
||||
memset( &sig_params2, 0, sizeof( x509_buf ) );
|
||||
|
||||
crl = chain;
|
||||
|
||||
@ -383,7 +384,7 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||
* signature AlgorithmIdentifier
|
||||
*/
|
||||
if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 ||
|
||||
( ret = x509_get_alg( &p, end, &crl->sig_oid1, &sig_params ) ) != 0 )
|
||||
( ret = x509_get_alg( &p, end, &crl->sig_oid1, &sig_params1 ) ) != 0 )
|
||||
{
|
||||
x509_crl_free( crl );
|
||||
return( ret );
|
||||
@ -397,7 +398,7 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||
return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
|
||||
}
|
||||
|
||||
if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &sig_params,
|
||||
if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &sig_params1,
|
||||
&crl->sig_md, &crl->sig_pk,
|
||||
&crl->sig_opts ) ) != 0 )
|
||||
{
|
||||
@ -405,10 +406,6 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
||||
memcpy( &crl->sig_params, &sig_params, sizeof( x509_buf ) );
|
||||
#endif
|
||||
|
||||
/*
|
||||
* issuer Name
|
||||
*/
|
||||
@ -493,20 +490,16 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||
* signatureAlgorithm AlgorithmIdentifier,
|
||||
* signatureValue BIT STRING
|
||||
*/
|
||||
if( ( ret = x509_get_alg( &p, end, &crl->sig_oid2, &sig_params ) ) != 0 )
|
||||
if( ( ret = x509_get_alg( &p, end, &crl->sig_oid2, &sig_params2 ) ) != 0 )
|
||||
{
|
||||
x509_crl_free( crl );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( crl->sig_oid1.len != crl->sig_oid2.len ||
|
||||
memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0
|
||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
||||
||
|
||||
crl->sig_params.len != sig_params.len ||
|
||||
memcmp( crl->sig_params.p, sig_params.p, sig_params.len ) != 0
|
||||
#endif
|
||||
)
|
||||
memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 ||
|
||||
sig_params1.len != sig_params2.len ||
|
||||
memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0)
|
||||
{
|
||||
x509_crl_free( crl );
|
||||
return( POLARSSL_ERR_X509_SIG_MISMATCH );
|
||||
|
||||
@ -534,9 +534,10 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
|
||||
int ret;
|
||||
size_t len;
|
||||
unsigned char *p, *end, *crt_end;
|
||||
x509_buf sig_params;
|
||||
x509_buf sig_params1, sig_params2;
|
||||
|
||||
memset( &sig_params, 0, sizeof( x509_buf ) );
|
||||
memset( &sig_params1, 0, sizeof( x509_buf ) );
|
||||
memset( &sig_params2, 0, sizeof( x509_buf ) );
|
||||
|
||||
/*
|
||||
* Check for valid input
|
||||
@ -601,7 +602,7 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
|
||||
if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 ||
|
||||
( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 ||
|
||||
( ret = x509_get_alg( &p, end, &crt->sig_oid1,
|
||||
&sig_params ) ) != 0 )
|
||||
&sig_params1 ) ) != 0 )
|
||||
{
|
||||
x509_crt_free( crt );
|
||||
return( ret );
|
||||
@ -615,7 +616,7 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
|
||||
return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
|
||||
}
|
||||
|
||||
if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &sig_params,
|
||||
if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &sig_params1,
|
||||
&crt->sig_md, &crt->sig_pk,
|
||||
&crt->sig_opts ) ) != 0 )
|
||||
{
|
||||
@ -623,10 +624,6 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
||||
memcpy( &crt->sig_params, &sig_params, sizeof( x509_buf ) );
|
||||
#endif
|
||||
|
||||
/*
|
||||
* issuer Name
|
||||
*/
|
||||
@ -747,20 +744,16 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
|
||||
* signatureAlgorithm AlgorithmIdentifier,
|
||||
* signatureValue BIT STRING
|
||||
*/
|
||||
if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2, &sig_params ) ) != 0 )
|
||||
if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2, &sig_params2 ) ) != 0 )
|
||||
{
|
||||
x509_crt_free( crt );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
if( crt->sig_oid1.len != crt->sig_oid2.len ||
|
||||
memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0
|
||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
||||
||
|
||||
crt->sig_params.len != sig_params.len ||
|
||||
memcmp( crt->sig_params.p, sig_params.p, sig_params.len ) != 0
|
||||
#endif
|
||||
)
|
||||
memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 ||
|
||||
sig_params1.len != sig_params2.len ||
|
||||
memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0)
|
||||
{
|
||||
x509_crt_free( crt );
|
||||
return( POLARSSL_ERR_X509_SIG_MISMATCH );
|
||||
|
||||
@ -99,6 +99,8 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen )
|
||||
pem_context pem;
|
||||
#endif
|
||||
|
||||
memset( &sig_params, 0, sizeof( x509_buf ) );
|
||||
|
||||
/*
|
||||
* Check for valid input
|
||||
*/
|
||||
@ -262,10 +264,6 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen )
|
||||
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
|
||||
}
|
||||
|
||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
||||
memcpy( &csr->sig_params, &sig_params, sizeof( x509_buf ) );
|
||||
#endif
|
||||
|
||||
if( ( ret = x509_get_sig( &p, end, &csr->sig ) ) != 0 )
|
||||
{
|
||||
x509_csr_free( csr );
|
||||
|
||||
Loading…
Reference in New Issue
Block a user