Merge remote-tracking branch 'origin/pr/649' into baremetal

2025-06-19 10:48:01 +00:00 · 2019-09-07 12:46:12 +01:00 · 2019-09-07 12:46:12 +01:00 · d82db9d48c
parent d91adcf7f5 c3e5716aaf
commit d82db9d48c
6 changed files with 134 additions and 124 deletions
--- a/include/mbedtls/cipher.h
+++ b/include/mbedtls/cipher.h
@ -283,17 +283,17 @@ typedef struct mbedtls_cipher_info_t
 */
 typedef struct mbedtls_cipher_context_t
 {
    /** Operation that the key of the context has been
     * initialized for.
     */
    mbedtls_operation_t operation;
    /** Information about the associated cipher. */
    const mbedtls_cipher_info_t *cipher_info;
    /** Key length to use. */
    int key_bitlen;
    /** Operation that the key of the context has been
     * initialized for.
     */
    mbedtls_operation_t operation;
 #if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
    /** Padding functions to use, if relevant for
     * the specific cipher mode.
@ -302,16 +302,9 @@ typedef struct mbedtls_cipher_context_t
    int (*get_padding)( unsigned char *input, size_t ilen, size_t *data_len );
 #endif
    /** Buffer for input that has not been processed yet. */
    unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
    /** Number of Bytes that have not been processed yet. */
    size_t unprocessed_len;
    /** Current IV or NONCE_COUNTER for CTR-mode, data unit (or sector) number
     * for XTS-mode. */
    unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
    /** IV size in Bytes, for ciphers with variable-length IVs. */
    size_t iv_size;
@ -322,6 +315,13 @@ typedef struct mbedtls_cipher_context_t
    /** CMAC-specific context. */
    mbedtls_cmac_context_t *cmac_ctx;
 #endif
    /** Buffer for input that has not been processed yet. */
    unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
    /** Current IV or NONCE_COUNTER for CTR-mode, data unit (or sector) number
     * for XTS-mode. */
    unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
 } mbedtls_cipher_context_t;
 /**
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@ -1249,10 +1249,26 @@ struct mbedtls_ssl_config
 struct mbedtls_ssl_context
 {
-    const mbedtls_ssl_config *conf; /*!< configuration information          */
+#if defined(MBEDTLS_SSL_PROTO_DTLS)
    uint8_t disable_datagram_packing;  /*!< Disable packing multiple records
                                        *   within a single datagram.  */
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    /* CID configuration to use in subsequent handshakes. */
    uint8_t own_cid_len;   /*!< The length of \c own_cid. */
    uint8_t negotiate_cid; /*!< This indicates whether the CID extension should
                            *   be negotiated in the next handshake or not.
                            *   Possible values are #MBEDTLS_SSL_CID_ENABLED
                            *   and #MBEDTLS_SSL_CID_DISABLED. */
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
    unsigned char pending_fatal_alert_msg; /*!< Type of a fatal alert
                                            *   pending to be delivered.    */
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    uint16_t in_epoch;          /*!< DTLS epoch for incoming records  */
    uint16_t mtu;               /*!< path mtu, used to fragment outgoing messages */
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
    const mbedtls_ssl_config *conf; /*!< configuration information          */
    /*
     * Miscellaneous
@ -1340,14 +1356,9 @@ struct mbedtls_ssl_context
    size_t in_msglen;           /*!< record header: message length    */
    size_t in_left;             /*!< amount of data read so far       */
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    uint16_t in_epoch;          /*!< DTLS epoch for incoming records  */
    size_t next_record_offset;  /*!< offset of the next record in datagram
                                     (equal to in_left if none)       */
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
    uint64_t in_window_top;     /*!< last validated record seq_num    */
    uint64_t in_window;         /*!< bitmask for replay detection     */
 #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
    size_t in_hslen;            /*!< current handshake message length,
                                     including the handshake header   */
@ -1356,11 +1367,6 @@ struct mbedtls_ssl_context
    int keep_current_message;   /*!< drop or reuse current message
                                     on next call to record layer? */
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    uint8_t disable_datagram_packing;  /*!< Disable packing multiple records
                                        *   within a single datagram.  */
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
    /*
     * Record layer (outgoing data)
     */
@ -1379,12 +1385,6 @@ struct mbedtls_ssl_context
    size_t out_msglen;          /*!< record header: message length    */
    size_t out_left;            /*!< amount of data not yet written   */
    unsigned char cur_out_ctr[8]; /*!<  Outgoing record sequence  number. */
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    uint16_t mtu;               /*!< path mtu, used to fragment outgoing messages */
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 #if defined(MBEDTLS_ZLIB_SUPPORT)
    unsigned char *compress_buf;        /*!<  zlib data buffer        */
 #endif /* MBEDTLS_ZLIB_SUPPORT */
@ -1429,6 +1429,13 @@ struct mbedtls_ssl_context
    char peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]; /*!<  previous handshake verify data */
 #endif /* MBEDTLS_SSL_RENEGOTIATION */
    unsigned char cur_out_ctr[8]; /*!<  Outgoing record sequence  number. */
 #if defined(MBEDTLS_SSL_DTLS_ANTI_REPLAY)
    uint64_t in_window_top;     /*!< last validated record seq_num    */
    uint64_t in_window;         /*!< bitmask for replay detection     */
 #endif /* MBEDTLS_SSL_DTLS_ANTI_REPLAY */
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    /* CID configuration to use in subsequent handshakes. */
@ -1437,11 +1444,6 @@ struct mbedtls_ssl_context
     *  CID currently used in case the user has re-configured the CID
     *  after an initial handshake. */
    unsigned char own_cid[ MBEDTLS_SSL_CID_IN_LEN_MAX ];
    uint8_t own_cid_len;   /*!< The length of \c own_cid. */
    uint8_t negotiate_cid; /*!< This indicates whether the CID extension should
                            *   be negotiated in the next handshake or not.
                            *   Possible values are #MBEDTLS_SSL_CID_ENABLED
                            *   and #MBEDTLS_SSL_CID_DISABLED. */
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
 };
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@ -385,17 +385,28 @@ struct mbedtls_ssl_handshake_params
    /*
     * Handshake specific crypto variables
     */
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    unsigned char verify_cookie_len;    /*!<  Cli: cookie length
                                              Srv: flag for sending a cookie */
    unsigned char retransmit_state;     /*!<  Retransmission state           */
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    /* The state of CID configuration in this handshake. */
    uint8_t cid_in_use; /*!< This indicates whether the use of the CID extension
                         *   has been negotiated. Possible values are
                         *   #MBEDTLS_SSL_CID_ENABLED and
                         *   #MBEDTLS_SSL_CID_DISABLED. */
    uint8_t peer_cid_len;                                  /*!< The length of
                                                            *   \c peer_cid.  */
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
    uint16_t mtu;                       /*!<  Handshake mtu, used to fragment outgoing messages */
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2) && \
    defined(MBEDTLS_KEY_EXCHANGE__WITH_CERT__ENABLED)
    mbedtls_ssl_sig_hash_set_t hash_algs;             /*!<  Set of suitable sig-hash pairs */
 #endif
 #if defined(MBEDTLS_DHM_C)
    mbedtls_dhm_context dhm_ctx;                /*!<  DHM key exchange        */
 #endif
 #if defined(MBEDTLS_ECDH_C)
    mbedtls_ecdh_context ecdh_ctx;              /*!<  ECDH key exchange       */
 #endif
 #if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
    mbedtls_ecjpake_context ecjpake_ctx;        /*!< EC J-PAKE key exchange */
 #if defined(MBEDTLS_SSL_CLI_C)
@ -409,12 +420,20 @@ struct mbedtls_ssl_handshake_params
    defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
    uint16_t curve_tls_id;                      /*!< TLS ID of EC for ECDHE. */
 #endif
    size_t pmslen;                      /*!<  premaster length        */
    int cli_exts;                       /*!< client extension presence*/
 #if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
    unsigned char *psk;                 /*!<  PSK from the callback         */
    size_t psk_len;                     /*!<  Length of PSK from callback   */
 #endif
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
    mbedtls_ssl_key_cert *key_cert;     /*!< chosen key/cert pair (server)  */
 #if !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
    mbedtls_pk_context peer_pubkey;     /*!< The public key from the peer.  */
 #endif /* !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
    int sni_authmode;                   /*!< authmode from SNI callback     */
    mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI         */
@ -433,21 +452,13 @@ struct mbedtls_ssl_handshake_params
    } ecrs_state;                       /*!< current (or last) operation    */
    mbedtls_x509_crt *ecrs_peer_cert;   /*!< The peer's CRT chain.          */
 #endif
 #if defined(MBEDTLS_X509_CRT_PARSE_C) && \
    !defined(MBEDTLS_SSL_KEEP_PEER_CERTIFICATE)
    mbedtls_pk_context peer_pubkey;     /*!< The public key from the peer.  */
 #endif /* MBEDTLS_X509_CRT_PARSE_C && !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE */
 #if defined(MBEDTLS_SSL_PROTO_DTLS)
    unsigned int out_msg_seq;           /*!<  Outgoing handshake sequence number */
    unsigned int in_msg_seq;            /*!<  Incoming handshake sequence number */
    unsigned char *verify_cookie;       /*!<  Cli: HelloVerifyRequest cookie
                                              Srv: unused                    */
    unsigned char verify_cookie_len;    /*!<  Cli: cookie length
                                              Srv: flag for sending a cookie */
    uint32_t retransmit_timeout;        /*!<  Current value of timeout       */
    unsigned char retransmit_state;     /*!<  Retransmission state           */
    mbedtls_ssl_flight_item *flight;    /*!<  Current outgoing flight        */
    mbedtls_ssl_flight_item *cur_msg;   /*!<  Current message in flight      */
    unsigned char *cur_msg_p;           /*!<  Position in current message    */
@ -457,26 +468,20 @@ struct mbedtls_ssl_handshake_params
                                              resending messages             */
    unsigned char alt_out_ctr[8];       /*!<  Alternative record epoch/counter
                                              for resending messages         */
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    /* The state of CID configuration in this handshake. */
    uint8_t cid_in_use; /*!< This indicates whether the use of the CID extension
                         *   has been negotiated. Possible values are
                         *   #MBEDTLS_SSL_CID_ENABLED and
                         *   #MBEDTLS_SSL_CID_DISABLED. */
    unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; /*! The peer's CID */
    uint8_t peer_cid_len;                                  /*!< The length of
                                                            *   \c peer_cid.  */
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
    struct
    {
        uint8_t seen_ccs;               /*!< Indicates if a CCS message has
                                         *   been seen in the current flight. */
        size_t total_bytes_buffered;    /*!< Cumulative size of heap allocated
                                         *   buffers used for message buffering. */
-        uint8_t seen_ccs;               /*!< Indicates if a CCS message has
+        struct
-                                         *   been seen in the current flight. */
+        {
            unsigned char *data;
            size_t len;
            unsigned epoch;
        } future_record;
        struct mbedtls_ssl_hs_buffer
        {
@ -486,46 +491,20 @@ struct mbedtls_ssl_handshake_params
            unsigned char *data;
            size_t data_len;
        } hs[MBEDTLS_SSL_MAX_BUFFERED_HS];
        struct
        {
            unsigned char *data;
            size_t len;
            unsigned epoch;
        } future_record;
    } buffering;
-
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-    uint16_t mtu;                       /*!<  Handshake mtu, used to fragment outgoing messages */
+    /* The state of CID configuration in this handshake. */
    unsigned char peer_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ]; /*! The peer's CID */
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
 #endif /* MBEDTLS_SSL_PROTO_DTLS */
-
+    unsigned char randbytes[64];        /*!<  random bytes            */
-    /*
+    unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
-     * Checksum contexts
+                                        /*!<  premaster secret        */
     */
 #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
    defined(MBEDTLS_SSL_PROTO_TLS1_1)
       mbedtls_md5_context fin_md5;
      mbedtls_sha1_context fin_sha1;
 #endif
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
 #if defined(MBEDTLS_SHA256_C)
    mbedtls_sha256_context fin_sha256;
 #endif
 #if defined(MBEDTLS_SHA512_C)
    mbedtls_sha512_context fin_sha512;
 #endif
 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
 #if !defined(MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE)
    mbedtls_ssl_ciphersuite_handle_t ciphersuite_info;
 #endif /* !MBEDTLS_SSL_CONF_SINGLE_CIPHERSUITE */
    size_t pmslen;                      /*!<  premaster length        */
    unsigned char randbytes[64];        /*!<  random bytes            */
    unsigned char premaster[MBEDTLS_PREMASTER_SIZE];
                                        /*!<  premaster secret        */
 #if !defined(MBEDTLS_SSL_NO_SESSION_RESUMPTION)
    int resume;                         /*!<  session resume indicator*/
 #endif /* !MBEDTLS_SSL_NO_SESSION_RESUMPTION */
@ -537,7 +516,6 @@ struct mbedtls_ssl_handshake_params
    int max_minor_ver;                  /*!< max. minor version client*/
 #endif /* MBEDTLS_SSL_SRV_C && ( MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED ||
                                 MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED ) */
    int cli_exts;                       /*!< client extension presence*/
 #if defined(MBEDTLS_SSL_SESSION_TICKETS)
    int new_session_ticket;             /*!< use NewSessionTicket?    */
@ -564,6 +542,30 @@ struct mbedtls_ssl_handshake_params
    uint8_t ecdh_privkey[NUM_ECC_BYTES];
    uint8_t ecdh_peerkey[2*NUM_ECC_BYTES];
 #endif /* MBEDTLS_USE_TINYCRYPT */
    /*
     * Checksum contexts
     */
 #if defined(MBEDTLS_SSL_PROTO_SSL3) || defined(MBEDTLS_SSL_PROTO_TLS1) || \
    defined(MBEDTLS_SSL_PROTO_TLS1_1)
       mbedtls_md5_context fin_md5;
      mbedtls_sha1_context fin_sha1;
 #endif
 #if defined(MBEDTLS_SSL_PROTO_TLS1_2)
 #if defined(MBEDTLS_SHA256_C)
    mbedtls_sha256_context fin_sha256;
 #endif
 #if defined(MBEDTLS_SHA512_C)
    mbedtls_sha512_context fin_sha512;
 #endif
 #endif /* MBEDTLS_SSL_PROTO_TLS1_2 */
 #if defined(MBEDTLS_DHM_C)
    mbedtls_dhm_context dhm_ctx;                /*!<  DHM key exchange        */
 #endif
 #if defined(MBEDTLS_ECDH_C)
    mbedtls_ecdh_context ecdh_ctx;              /*!<  ECDH key exchange       */
 #endif
 };
 /*
@ -698,6 +700,10 @@ typedef struct mbedtls_ssl_hs_buffer mbedtls_ssl_hs_buffer;
 */
 struct mbedtls_ssl_transform
 {
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    uint8_t in_cid_len;
    uint8_t out_cid_len;
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
    /*
     * Session specific crypto layer
     */
@ -726,16 +732,11 @@ struct mbedtls_ssl_transform
 #endif /* MBEDTLS_SSL_SOME_MODES_USE_MAC */
    mbedtls_cipher_context_t cipher_ctx_enc;    /*!<  encryption context      */
    mbedtls_cipher_context_t cipher_ctx_dec;    /*!<  decryption context      */
 #if !defined(MBEDTLS_SSL_CONF_FIXED_MINOR_VER)
    int minor_ver;
 #endif
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    uint8_t in_cid_len;
    uint8_t out_cid_len;
    unsigned char in_cid [ MBEDTLS_SSL_CID_OUT_LEN_MAX ];
    unsigned char out_cid[ MBEDTLS_SSL_CID_OUT_LEN_MAX ];
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
@ -748,6 +749,9 @@ struct mbedtls_ssl_transform
    z_stream ctx_inflate;               /*!<  decompression context   */
 #endif
    mbedtls_cipher_context_t cipher_ctx_enc;    /*!<  encryption context      */
    mbedtls_cipher_context_t cipher_ctx_dec;    /*!<  decryption context      */
 #if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
    /* We need the Hello random bytes in order to re-derive keys from the
     * Master Secret and other session info, see ssl_populate_transform() */
@ -808,14 +812,9 @@ static inline int mbedtls_ssl_transform_uses_aead(
 typedef struct
 {
-    uint8_t ctr[8];         /* In TLS:  The implicit record sequence number.
+#if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
-                             * In DTLS: The 2-byte epoch followed by
+    uint8_t cid_len;        /* Length of the CID (0 if not present)          */
-                             *          the 6-byte sequence number.
+#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
                             * This is stored as a raw big endian byte array
                             * as opposed to a uint64_t because we rarely
                             * need to perform arithmetic on this, but do
                             * need it as a Byte array for the purpose of
                             * MAC computations.                             */
    uint8_t type;           /* The record content type.                      */
    uint8_t ver[2];         /* SSL/TLS version as present on the wire.
                             * Convert to internal presentation of versions
@ -827,9 +826,15 @@ typedef struct
    size_t buf_len;         /* Buffer length                                 */
    size_t data_offset;     /* Offset of record content                      */
    size_t data_len;        /* Length of record content                      */
-
+    uint8_t ctr[8];         /* In TLS:  The implicit record sequence number.
                             * In DTLS: The 2-byte epoch followed by
                             *          the 6-byte sequence number.
                             * This is stored as a raw big endian byte array
                             * as opposed to a uint64_t because we rarely
                             * need to perform arithmetic on this, but do
                             * need it as a Byte array for the purpose of
                             * MAC computations.                             */
 #if defined(MBEDTLS_SSL_DTLS_CONNECTION_ID)
    uint8_t cid_len;        /* Length of the CID (0 if not present)          */
    unsigned char cid[ MBEDTLS_SSL_CID_LEN_MAX ]; /* The CID                 */
 #endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
 } mbedtls_record;
--- a/include/mbedtls/ssl_ticket.h
+++ b/include/mbedtls/ssl_ticket.h
@ -63,15 +63,15 @@ mbedtls_ssl_ticket_key;
 */
 typedef struct mbedtls_ssl_ticket_context
 {
    mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys             */
    unsigned char active;           /*!< index of the currently active key  */
    uint32_t ticket_lifetime;       /*!< lifetime of tickets in seconds     */
    /** Callback for getting (pseudo-)random numbers                        */
    int  (*f_rng)(void *, unsigned char *, size_t);
    void *p_rng;                    /*!< context for the RNG function       */
    mbedtls_ssl_ticket_key keys[2]; /*!< ticket protection keys             */
 #if defined(MBEDTLS_THREADING_C)
    mbedtls_threading_mutex_t mutex;
 #endif
--- a/include/mbedtls/x509_crl.h
+++ b/include/mbedtls/x509_crl.h
@ -69,13 +69,21 @@ mbedtls_x509_crl_entry;
 */
 typedef struct mbedtls_x509_crl
 {
    mbedtls_md_type_t sig_md;           /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
    mbedtls_pk_type_t sig_pk;           /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
    int version;            /**< CRL version (1=v1, 2=v2) */
    void *sig_opts;             /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
    struct mbedtls_x509_crl *next;
    mbedtls_x509_buf_raw issuer_raw;           /**< The raw issuer data (DER). */
    mbedtls_x509_buf raw;           /**< The raw certificate data (DER). */
    mbedtls_x509_buf tbs;           /**< The raw certificate body (DER). The part that is To Be Signed. */
    int version;            /**< CRL version (1=v1, 2=v2) */
    mbedtls_x509_buf sig_oid;       /**< CRL signature type identifier */
-    mbedtls_x509_buf_raw issuer_raw;           /**< The raw issuer data (DER). */
+    mbedtls_x509_buf sig_oid;       /**< CRL signature type identifier */
    mbedtls_x509_name issuer;       /**< The parsed issuer data (named information object). */
@ -88,11 +96,6 @@ typedef struct mbedtls_x509_crl
    mbedtls_x509_buf sig_oid2;
    mbedtls_x509_buf sig;
    mbedtls_md_type_t sig_md;           /**< Internal representation of the MD algorithm of the signature algorithm, e.g. MBEDTLS_MD_SHA256 */
    mbedtls_pk_type_t sig_pk;           /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. MBEDTLS_PK_RSA */
    void *sig_opts;             /**< Signature options to be passed to mbedtls_pk_verify_ext(), e.g. for RSASSA-PSS */
    struct mbedtls_x509_crl *next;
 }
 mbedtls_x509_crl;
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@ -2070,10 +2070,10 @@ typedef struct mbedtls_x509_crt_sig_info
    mbedtls_md_type_t sig_md;
    mbedtls_pk_type_t sig_pk;
    void *sig_opts;
    uint8_t crt_hash[MBEDTLS_MD_MAX_SIZE];
    size_t crt_hash_len;
    mbedtls_x509_buf_raw sig;
    mbedtls_x509_buf_raw issuer_raw;
    uint8_t crt_hash[MBEDTLS_MD_MAX_SIZE];
 } mbedtls_x509_crt_sig_info;
 static void x509_crt_free_sig_info( mbedtls_x509_crt_sig_info *info )