mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 09:15:35 +00:00
Remove frame/pk parameter from mbedtls_x509_crt_xxx_release()
This commit is contained in:
parent
7dbf49a518
commit
c6d1c3ed1c
|
@ -864,11 +864,8 @@ static inline int mbedtls_x509_crt_frame_acquire( mbedtls_x509_crt const *crt,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
static inline void mbedtls_x509_crt_frame_release(
|
||||
mbedtls_x509_crt const *crt,
|
||||
mbedtls_x509_crt_frame *frame )
|
||||
static inline void mbedtls_x509_crt_frame_release( mbedtls_x509_crt const *crt )
|
||||
{
|
||||
((void) frame);
|
||||
((void) crt);
|
||||
|
||||
#if defined(MBEDTLS_THREADING_C)
|
||||
|
@ -902,10 +899,8 @@ static inline int mbedtls_x509_crt_pk_acquire( mbedtls_x509_crt const *crt,
|
|||
return( 0 );
|
||||
}
|
||||
|
||||
static inline void mbedtls_x509_crt_pk_release( mbedtls_x509_crt const *crt,
|
||||
mbedtls_pk_context *pk )
|
||||
static inline void mbedtls_x509_crt_pk_release( mbedtls_x509_crt const *crt )
|
||||
{
|
||||
((void) pk);
|
||||
((void) crt);
|
||||
|
||||
#if defined(MBEDTLS_THREADING_C)
|
||||
|
|
|
@ -402,7 +402,7 @@ void mbedtls_debug_print_crt( const mbedtls_ssl_context *ssl, int level,
|
|||
return;
|
||||
}
|
||||
debug_print_pk( ssl, level, file, line, "crt->", pk );
|
||||
mbedtls_x509_crt_pk_release( crt, pk );
|
||||
mbedtls_x509_crt_pk_release( crt );
|
||||
|
||||
crt = crt->next;
|
||||
}
|
||||
|
|
|
@ -2378,7 +2378,7 @@ cleanup:
|
|||
/* We don't need the peer's public key anymore. Free it. */
|
||||
mbedtls_pk_free( peer_pk );
|
||||
#else
|
||||
mbedtls_x509_crt_pk_release( ssl->session_negotiate->peer_cert, peer_pk );
|
||||
mbedtls_x509_crt_pk_release( ssl->session_negotiate->peer_cert );
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
return( ret );
|
||||
|
@ -2509,7 +2509,7 @@ cleanup:
|
|||
* operations like ECDHE. */
|
||||
mbedtls_pk_free( peer_pk );
|
||||
#else
|
||||
mbedtls_x509_crt_pk_release( ssl->session_negotiate->peer_cert, peer_pk );
|
||||
mbedtls_x509_crt_pk_release( ssl->session_negotiate->peer_cert );
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
return( ret );
|
||||
|
@ -2837,8 +2837,7 @@ start_processing:
|
|||
mbedtls_ssl_send_alert_message( ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL,
|
||||
MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE );
|
||||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
mbedtls_x509_crt_pk_release( ssl->session_negotiate->peer_cert,
|
||||
peer_pk );
|
||||
mbedtls_x509_crt_pk_release( ssl->session_negotiate->peer_cert );
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
return( MBEDTLS_ERR_SSL_PK_TYPE_MISMATCH );
|
||||
}
|
||||
|
@ -2862,8 +2861,7 @@ start_processing:
|
|||
ret = MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
mbedtls_x509_crt_pk_release( ssl->session_negotiate->peer_cert,
|
||||
peer_pk );
|
||||
mbedtls_x509_crt_pk_release( ssl->session_negotiate->peer_cert );
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
return( ret );
|
||||
}
|
||||
|
@ -2874,8 +2872,7 @@ start_processing:
|
|||
* operations like ECDHE. */
|
||||
mbedtls_pk_free( peer_pk );
|
||||
#else
|
||||
mbedtls_x509_crt_pk_release( ssl->session_negotiate->peer_cert,
|
||||
peer_pk );
|
||||
mbedtls_x509_crt_pk_release( ssl->session_negotiate->peer_cert );
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
}
|
||||
#endif /* MBEDTLS_KEY_EXCHANGE__WITH_SERVER_SIGNATURE__ENABLED */
|
||||
|
|
|
@ -840,7 +840,7 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
|
|||
#endif
|
||||
|
||||
#if defined(MBEDTLS_SSL_ASYNC_PRIVATE)
|
||||
mbedtls_x509_crt_pk_release( cur->cert, pk );
|
||||
mbedtls_x509_crt_pk_release( cur->cert );
|
||||
#endif /* MBEDTLS_SSL_ASYNC_PRIVATE */
|
||||
|
||||
if( match == 0 )
|
||||
|
@ -879,7 +879,7 @@ static int ssl_pick_cert( mbedtls_ssl_context *ssl,
|
|||
if( ret != 0 )
|
||||
return( ret );
|
||||
sig_md = frame->sig_md;
|
||||
mbedtls_x509_crt_frame_release( cur->cert, frame );
|
||||
mbedtls_x509_crt_frame_release( cur->cert );
|
||||
}
|
||||
|
||||
if( sig_md != MBEDTLS_MD_SHA1 )
|
||||
|
@ -3008,7 +3008,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
|||
(size_t)( end - p ) < 2 + dn_size )
|
||||
{
|
||||
MBEDTLS_SSL_DEBUG_MSG( 1, ( "skipping CAs: buffer too short" ) );
|
||||
mbedtls_x509_crt_frame_release( crt, frame );
|
||||
mbedtls_x509_crt_frame_release( crt );
|
||||
break;
|
||||
}
|
||||
|
||||
|
@ -3021,7 +3021,7 @@ static int ssl_write_certificate_request( mbedtls_ssl_context *ssl )
|
|||
|
||||
total_dn_size += 2 + dn_size;
|
||||
|
||||
mbedtls_x509_crt_frame_release( crt, frame );
|
||||
mbedtls_x509_crt_frame_release( crt );
|
||||
|
||||
crt = crt->next;
|
||||
}
|
||||
|
@ -4407,8 +4407,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl )
|
|||
exit:
|
||||
|
||||
#if defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
|
||||
mbedtls_x509_crt_pk_release( ssl->session_negotiate->peer_cert,
|
||||
peer_pk );
|
||||
mbedtls_x509_crt_pk_release( ssl->session_negotiate->peer_cert );
|
||||
#endif /* MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
|
||||
|
||||
return( ret );
|
||||
|
|
|
@ -6513,7 +6513,7 @@ static int ssl_parse_certificate_verify( mbedtls_ssl_context *ssl,
|
|||
if( mbedtls_pk_can_do( pk, MBEDTLS_PK_ECKEY ) )
|
||||
ret = mbedtls_ssl_check_curve( ssl, mbedtls_pk_ec( *pk )->grp.id );
|
||||
|
||||
mbedtls_x509_crt_pk_release( chain, pk );
|
||||
mbedtls_x509_crt_pk_release( chain );
|
||||
|
||||
if( ret != 0 )
|
||||
{
|
||||
|
|
|
@ -260,7 +260,7 @@ int mbedtls_x509_crt_get_subject_alt_names( mbedtls_x509_crt const *crt,
|
|||
else
|
||||
ret = x509_crt_subject_alt_from_frame( frame, seq );
|
||||
|
||||
mbedtls_x509_crt_frame_release( crt, frame );
|
||||
mbedtls_x509_crt_frame_release( crt );
|
||||
|
||||
*subj_alt = seq;
|
||||
return( ret );
|
||||
|
@ -283,7 +283,7 @@ int mbedtls_x509_crt_get_ext_key_usage( mbedtls_x509_crt const *crt,
|
|||
else
|
||||
ret = x509_crt_ext_key_usage_from_frame( frame, seq );
|
||||
|
||||
mbedtls_x509_crt_frame_release( crt, frame );
|
||||
mbedtls_x509_crt_frame_release( crt );
|
||||
|
||||
*ext_key_usage = seq;
|
||||
return( ret );
|
||||
|
@ -306,7 +306,7 @@ int mbedtls_x509_crt_get_subject( mbedtls_x509_crt const *crt,
|
|||
else
|
||||
ret = x509_crt_subject_from_frame( frame, name );
|
||||
|
||||
mbedtls_x509_crt_frame_release( crt, frame );
|
||||
mbedtls_x509_crt_frame_release( crt );
|
||||
|
||||
*subject = name;
|
||||
return( ret );
|
||||
|
@ -329,7 +329,7 @@ int mbedtls_x509_crt_get_issuer( mbedtls_x509_crt const *crt,
|
|||
else
|
||||
ret = x509_crt_issuer_from_frame( frame, name );
|
||||
|
||||
mbedtls_x509_crt_frame_release( crt, frame );
|
||||
mbedtls_x509_crt_frame_release( crt );
|
||||
|
||||
*issuer = name;
|
||||
return( ret );
|
||||
|
@ -344,7 +344,7 @@ int mbedtls_x509_crt_get_frame( mbedtls_x509_crt const *crt,
|
|||
if( ret != 0 )
|
||||
return( ret );
|
||||
*dst = *frame;
|
||||
mbedtls_x509_crt_frame_release( crt, frame );
|
||||
mbedtls_x509_crt_frame_release( crt );
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -369,7 +369,7 @@ int mbedtls_x509_crt_get_pk( mbedtls_x509_crt const *crt,
|
|||
mbedtls_free( crt->cache->pk );
|
||||
crt->cache->pk = NULL;
|
||||
|
||||
mbedtls_x509_crt_pk_release( crt, pk );
|
||||
mbedtls_x509_crt_pk_release( crt );
|
||||
return( 0 );
|
||||
#endif /* MBEDTLS_X509_ON_DEMAND_PARSING */
|
||||
}
|
||||
|
@ -2379,13 +2379,12 @@ int mbedtls_x509_crt_check_key_usage( const mbedtls_x509_crt *crt,
|
|||
{
|
||||
int ret;
|
||||
mbedtls_x509_crt_frame *frame;
|
||||
ret = mbedtls_x509_crt_frame_acquire( crt,
|
||||
(mbedtls_x509_crt_frame**) &frame );
|
||||
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
|
||||
if( ret != 0 )
|
||||
return( MBEDTLS_ERR_X509_FATAL_ERROR );
|
||||
|
||||
ret = x509_crt_check_key_usage_frame( frame, usage );
|
||||
mbedtls_x509_crt_frame_release( crt, (mbedtls_x509_crt_frame*) frame );
|
||||
mbedtls_x509_crt_frame_release( crt );
|
||||
|
||||
return( ret );
|
||||
}
|
||||
|
@ -2453,7 +2452,7 @@ int mbedtls_x509_crt_check_extended_key_usage( const mbedtls_x509_crt *crt,
|
|||
ret = MBEDTLS_ERR_X509_BAD_INPUT_DATA;
|
||||
}
|
||||
|
||||
mbedtls_x509_crt_frame_release( crt, frame );
|
||||
mbedtls_x509_crt_frame_release( crt );
|
||||
return( ret );
|
||||
}
|
||||
#endif /* MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE */
|
||||
|
@ -2496,7 +2495,7 @@ int mbedtls_x509_crt_is_revoked( const mbedtls_x509_crt *crt,
|
|||
ret = x509_serial_is_revoked( frame->serial.p,
|
||||
frame->serial.len,
|
||||
crl );
|
||||
mbedtls_x509_crt_frame_release( crt, frame );
|
||||
mbedtls_x509_crt_frame_release( crt );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
|
@ -2536,7 +2535,7 @@ static int x509_crt_verifycrl( unsigned char *crt_serial,
|
|||
can_sign = 1;
|
||||
}
|
||||
|
||||
mbedtls_x509_crt_frame_release( ca_crt, ca );
|
||||
mbedtls_x509_crt_frame_release( ca_crt );
|
||||
}
|
||||
|
||||
ret = mbedtls_x509_crt_pk_acquire( ca_crt, &pk );
|
||||
|
@ -2614,7 +2613,7 @@ static int x509_crt_verifycrl( unsigned char *crt_serial,
|
|||
crl_list = crl_list->next;
|
||||
}
|
||||
|
||||
mbedtls_x509_crt_pk_release( ca_crt, pk );
|
||||
mbedtls_x509_crt_pk_release( ca_crt );
|
||||
return( flags );
|
||||
}
|
||||
#endif /* MBEDTLS_X509_CRL_PARSE_C */
|
||||
|
@ -2663,7 +2662,7 @@ static int x509_crt_check_signature( const mbedtls_x509_crt_sig_info *sig_info,
|
|||
}
|
||||
|
||||
exit:
|
||||
mbedtls_x509_crt_pk_release( parent, pk );
|
||||
mbedtls_x509_crt_pk_release( parent );
|
||||
return( ret );
|
||||
}
|
||||
|
||||
|
@ -2823,7 +2822,7 @@ check_signature:
|
|||
path_len_ok = 1;
|
||||
}
|
||||
|
||||
mbedtls_x509_crt_frame_release( parent_crt, parent );
|
||||
mbedtls_x509_crt_frame_release( parent_crt );
|
||||
}
|
||||
|
||||
if( parent_match == 0 || path_len_ok == 0 )
|
||||
|
@ -3107,7 +3106,7 @@ find_parent:
|
|||
/* Stop here for trusted roots (but not for trusted EE certs) */
|
||||
if( child_is_trusted )
|
||||
{
|
||||
mbedtls_x509_crt_frame_release( child_crt, child );
|
||||
mbedtls_x509_crt_frame_release( child_crt );
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -3130,7 +3129,7 @@ find_parent:
|
|||
if( ver_chain->len == 1 && self_issued &&
|
||||
x509_crt_check_ee_locally_trusted( child, trust_ca ) == 0 )
|
||||
{
|
||||
mbedtls_x509_crt_frame_release( child_crt, child );
|
||||
mbedtls_x509_crt_frame_release( child_crt );
|
||||
return( 0 );
|
||||
}
|
||||
|
||||
|
@ -3139,7 +3138,7 @@ find_parent:
|
|||
#endif /* MBEDTLS_X509_CRL_PARSE_C */
|
||||
|
||||
ret = x509_crt_get_sig_info( child, &child_sig );
|
||||
mbedtls_x509_crt_frame_release( child_crt, child );
|
||||
mbedtls_x509_crt_frame_release( child_crt );
|
||||
|
||||
if( ret != 0 )
|
||||
return( MBEDTLS_ERR_X509_FATAL_ERROR );
|
||||
|
@ -3203,7 +3202,7 @@ find_parent:
|
|||
if( x509_profile_check_key( profile, parent_pk ) != 0 )
|
||||
*flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
|
||||
|
||||
mbedtls_x509_crt_pk_release( parent_crt, parent_pk );
|
||||
mbedtls_x509_crt_pk_release( parent_crt );
|
||||
}
|
||||
|
||||
#if defined(MBEDTLS_X509_CRL_PARSE_C)
|
||||
|
@ -3321,7 +3320,7 @@ static int x509_crt_verify_name( const mbedtls_x509_crt *crt,
|
|||
x509_crt_check_name, (void*) cn );
|
||||
}
|
||||
|
||||
mbedtls_x509_crt_frame_release( crt, frame );
|
||||
mbedtls_x509_crt_frame_release( crt );
|
||||
|
||||
/* x509_crt_check_name() and x509_crt_subject_alt_check_name()
|
||||
* return 1 when finding a name component matching `cn`. */
|
||||
|
@ -3452,7 +3451,7 @@ int mbedtls_x509_crt_verify_restartable( mbedtls_x509_crt *crt,
|
|||
if( x509_profile_check_key( profile, pk ) != 0 )
|
||||
ee_flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
|
||||
|
||||
mbedtls_x509_crt_pk_release( crt, pk );
|
||||
mbedtls_x509_crt_pk_release( crt );
|
||||
}
|
||||
|
||||
/* Check the chain */
|
||||
|
|
|
@ -1099,7 +1099,7 @@ static int ssl_async_start( mbedtls_ssl_context *ssl,
|
|||
if( ret != 0 )
|
||||
return( ret );
|
||||
match = mbedtls_pk_check_pair( pk, config_data->slots[slot].pk );
|
||||
mbedtls_x509_crt_pk_release( cert, pk );
|
||||
mbedtls_x509_crt_pk_release( cert );
|
||||
if( match == 0 )
|
||||
break;
|
||||
}
|
||||
|
|
|
@ -179,7 +179,7 @@ int verify_print( void *data, mbedtls_x509_crt *crt, int certificate_depth, uint
|
|||
cleanup:
|
||||
|
||||
mbedtls_x509_name_free( subject );
|
||||
mbedtls_x509_crt_frame_release( crt, frame );
|
||||
mbedtls_x509_crt_frame_release( crt );
|
||||
|
||||
if( ret < 0 )
|
||||
return( ret );
|
||||
|
|
Loading…
Reference in a new issue