mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2025-01-23 06:41:15 +00:00
Add a check for multiple curve specification
This commit is contained in:
parent
80300ad0d9
commit
d4ec21dd47
|
@ -2676,12 +2676,25 @@ static int x509parse_key_sec1_der( ecp_keypair *eck,
|
||||||
if( ( ret = x509_get_ecparams( &p, p + len, &grp_id) ) != 0 )
|
if( ( ret = x509_get_ecparams( &p, p + len, &grp_id) ) != 0 )
|
||||||
return( ret );
|
return( ret );
|
||||||
|
|
||||||
/* TODO: grp may not be empty at this point,
|
/*
|
||||||
* if we're wrapped inside a PKCS#8 structure: check consistency */
|
* If we're wrapped in a bigger structure (eg PKCS#8), grp may have been
|
||||||
if( ( ret = ecp_use_known_dp( &eck->grp, grp_id ) ) != 0 )
|
* defined externally. In this case, make sure both definitions match.
|
||||||
|
*/
|
||||||
|
if( eck->grp.id != 0 )
|
||||||
{
|
{
|
||||||
ecp_keypair_free( eck );
|
if( eck->grp.id != grp_id )
|
||||||
return( ret );
|
{
|
||||||
|
ecp_keypair_free( eck );
|
||||||
|
return( POLARSSL_ERR_X509_KEY_INVALID_FORMAT + ret );
|
||||||
|
}
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
if( ( ret = ecp_use_known_dp( &eck->grp, grp_id ) ) != 0 )
|
||||||
|
{
|
||||||
|
ecp_keypair_free( eck );
|
||||||
|
return( ret );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else if ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
|
else if ( ret != POLARSSL_ERR_ASN1_UNEXPECTED_TAG )
|
||||||
|
|
Loading…
Reference in a new issue