mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 09:25:38 +00:00
Rm sig_params from various X509 structures
This commit is contained in:
parent
9113603b6b
commit
dddbb1d1eb
|
@ -95,7 +95,6 @@ typedef struct _x509_crl
|
||||||
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
||||||
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
||||||
x509_buf sig_params; /**< Parameters for the signature algorithm */
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
struct _x509_crl *next;
|
struct _x509_crl *next;
|
||||||
|
|
|
@ -95,7 +95,6 @@ typedef struct _x509_crt
|
||||||
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
||||||
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
||||||
x509_buf sig_params; /**< Parameters for the signature algorithm */
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
struct _x509_crt *next; /**< Next certificate in the CA-chain. */
|
struct _x509_crt *next; /**< Next certificate in the CA-chain. */
|
||||||
|
|
|
@ -69,7 +69,6 @@ typedef struct _x509_csr
|
||||||
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
pk_type_t sig_pk; /**< Internal representation of the Public Key algorithm of the signature algorithm, e.g. POLARSSL_PK_RSA */
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
||||||
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
void *sig_opts; /**< Signature options to be passed to pk_verify_ext(), eg for RSASSA-PSS */
|
||||||
x509_buf sig_params; /**< Parameters for the signature algorithm */
|
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
x509_csr;
|
x509_csr;
|
||||||
|
|
|
@ -256,14 +256,15 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||||
size_t len;
|
size_t len;
|
||||||
unsigned char *p, *end;
|
unsigned char *p, *end;
|
||||||
x509_crl *crl;
|
x509_crl *crl;
|
||||||
x509_buf sig_params;
|
x509_buf sig_params1, sig_params2;
|
||||||
|
|
||||||
#if defined(POLARSSL_PEM_PARSE_C)
|
#if defined(POLARSSL_PEM_PARSE_C)
|
||||||
size_t use_len;
|
size_t use_len;
|
||||||
pem_context pem;
|
pem_context pem;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
memset( &sig_params, 0, sizeof( x509_buf ) );
|
memset( &sig_params1, 0, sizeof( x509_buf ) );
|
||||||
|
memset( &sig_params2, 0, sizeof( x509_buf ) );
|
||||||
|
|
||||||
crl = chain;
|
crl = chain;
|
||||||
|
|
||||||
|
@ -383,7 +384,7 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||||
* signature AlgorithmIdentifier
|
* signature AlgorithmIdentifier
|
||||||
*/
|
*/
|
||||||
if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 ||
|
if( ( ret = x509_crl_get_version( &p, end, &crl->version ) ) != 0 ||
|
||||||
( ret = x509_get_alg( &p, end, &crl->sig_oid1, &sig_params ) ) != 0 )
|
( ret = x509_get_alg( &p, end, &crl->sig_oid1, &sig_params1 ) ) != 0 )
|
||||||
{
|
{
|
||||||
x509_crl_free( crl );
|
x509_crl_free( crl );
|
||||||
return( ret );
|
return( ret );
|
||||||
|
@ -397,7 +398,7 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||||
return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
|
return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &sig_params,
|
if( ( ret = x509_get_sig_alg( &crl->sig_oid1, &sig_params1,
|
||||||
&crl->sig_md, &crl->sig_pk,
|
&crl->sig_md, &crl->sig_pk,
|
||||||
&crl->sig_opts ) ) != 0 )
|
&crl->sig_opts ) ) != 0 )
|
||||||
{
|
{
|
||||||
|
@ -405,10 +406,6 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||||
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
|
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
|
||||||
memcpy( &crl->sig_params, &sig_params, sizeof( x509_buf ) );
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* issuer Name
|
* issuer Name
|
||||||
*/
|
*/
|
||||||
|
@ -493,20 +490,16 @@ int x509_crl_parse( x509_crl *chain, const unsigned char *buf, size_t buflen )
|
||||||
* signatureAlgorithm AlgorithmIdentifier,
|
* signatureAlgorithm AlgorithmIdentifier,
|
||||||
* signatureValue BIT STRING
|
* signatureValue BIT STRING
|
||||||
*/
|
*/
|
||||||
if( ( ret = x509_get_alg( &p, end, &crl->sig_oid2, &sig_params ) ) != 0 )
|
if( ( ret = x509_get_alg( &p, end, &crl->sig_oid2, &sig_params2 ) ) != 0 )
|
||||||
{
|
{
|
||||||
x509_crl_free( crl );
|
x509_crl_free( crl );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( crl->sig_oid1.len != crl->sig_oid2.len ||
|
if( crl->sig_oid1.len != crl->sig_oid2.len ||
|
||||||
memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0
|
memcmp( crl->sig_oid1.p, crl->sig_oid2.p, crl->sig_oid1.len ) != 0 ||
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
sig_params1.len != sig_params2.len ||
|
||||||
||
|
memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0)
|
||||||
crl->sig_params.len != sig_params.len ||
|
|
||||||
memcmp( crl->sig_params.p, sig_params.p, sig_params.len ) != 0
|
|
||||||
#endif
|
|
||||||
)
|
|
||||||
{
|
{
|
||||||
x509_crl_free( crl );
|
x509_crl_free( crl );
|
||||||
return( POLARSSL_ERR_X509_SIG_MISMATCH );
|
return( POLARSSL_ERR_X509_SIG_MISMATCH );
|
||||||
|
|
|
@ -534,9 +534,10 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
|
||||||
int ret;
|
int ret;
|
||||||
size_t len;
|
size_t len;
|
||||||
unsigned char *p, *end, *crt_end;
|
unsigned char *p, *end, *crt_end;
|
||||||
x509_buf sig_params;
|
x509_buf sig_params1, sig_params2;
|
||||||
|
|
||||||
memset( &sig_params, 0, sizeof( x509_buf ) );
|
memset( &sig_params1, 0, sizeof( x509_buf ) );
|
||||||
|
memset( &sig_params2, 0, sizeof( x509_buf ) );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Check for valid input
|
* Check for valid input
|
||||||
|
@ -601,7 +602,7 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
|
||||||
if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 ||
|
if( ( ret = x509_get_version( &p, end, &crt->version ) ) != 0 ||
|
||||||
( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 ||
|
( ret = x509_get_serial( &p, end, &crt->serial ) ) != 0 ||
|
||||||
( ret = x509_get_alg( &p, end, &crt->sig_oid1,
|
( ret = x509_get_alg( &p, end, &crt->sig_oid1,
|
||||||
&sig_params ) ) != 0 )
|
&sig_params1 ) ) != 0 )
|
||||||
{
|
{
|
||||||
x509_crt_free( crt );
|
x509_crt_free( crt );
|
||||||
return( ret );
|
return( ret );
|
||||||
|
@ -615,7 +616,7 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
|
||||||
return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
|
return( POLARSSL_ERR_X509_UNKNOWN_VERSION );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &sig_params,
|
if( ( ret = x509_get_sig_alg( &crt->sig_oid1, &sig_params1,
|
||||||
&crt->sig_md, &crt->sig_pk,
|
&crt->sig_md, &crt->sig_pk,
|
||||||
&crt->sig_opts ) ) != 0 )
|
&crt->sig_opts ) ) != 0 )
|
||||||
{
|
{
|
||||||
|
@ -623,10 +624,6 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
|
||||||
memcpy( &crt->sig_params, &sig_params, sizeof( x509_buf ) );
|
|
||||||
#endif
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* issuer Name
|
* issuer Name
|
||||||
*/
|
*/
|
||||||
|
@ -747,20 +744,16 @@ static int x509_crt_parse_der_core( x509_crt *crt, const unsigned char *buf,
|
||||||
* signatureAlgorithm AlgorithmIdentifier,
|
* signatureAlgorithm AlgorithmIdentifier,
|
||||||
* signatureValue BIT STRING
|
* signatureValue BIT STRING
|
||||||
*/
|
*/
|
||||||
if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2, &sig_params ) ) != 0 )
|
if( ( ret = x509_get_alg( &p, end, &crt->sig_oid2, &sig_params2 ) ) != 0 )
|
||||||
{
|
{
|
||||||
x509_crt_free( crt );
|
x509_crt_free( crt );
|
||||||
return( ret );
|
return( ret );
|
||||||
}
|
}
|
||||||
|
|
||||||
if( crt->sig_oid1.len != crt->sig_oid2.len ||
|
if( crt->sig_oid1.len != crt->sig_oid2.len ||
|
||||||
memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0
|
memcmp( crt->sig_oid1.p, crt->sig_oid2.p, crt->sig_oid1.len ) != 0 ||
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
sig_params1.len != sig_params2.len ||
|
||||||
||
|
memcmp( sig_params1.p, sig_params2.p, sig_params1.len ) != 0)
|
||||||
crt->sig_params.len != sig_params.len ||
|
|
||||||
memcmp( crt->sig_params.p, sig_params.p, sig_params.len ) != 0
|
|
||||||
#endif
|
|
||||||
)
|
|
||||||
{
|
{
|
||||||
x509_crt_free( crt );
|
x509_crt_free( crt );
|
||||||
return( POLARSSL_ERR_X509_SIG_MISMATCH );
|
return( POLARSSL_ERR_X509_SIG_MISMATCH );
|
||||||
|
|
|
@ -99,6 +99,8 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen )
|
||||||
pem_context pem;
|
pem_context pem;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
memset( &sig_params, 0, sizeof( x509_buf ) );
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Check for valid input
|
* Check for valid input
|
||||||
*/
|
*/
|
||||||
|
@ -262,10 +264,6 @@ int x509_csr_parse( x509_csr *csr, const unsigned char *buf, size_t buflen )
|
||||||
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
|
return( POLARSSL_ERR_X509_UNKNOWN_SIG_ALG );
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
|
|
||||||
memcpy( &csr->sig_params, &sig_params, sizeof( x509_buf ) );
|
|
||||||
#endif
|
|
||||||
|
|
||||||
if( ( ret = x509_get_sig( &p, end, &csr->sig ) ) != 0 )
|
if( ( ret = x509_get_sig( &p, end, &csr->sig ) ) != 0 )
|
||||||
{
|
{
|
||||||
x509_csr_free( csr );
|
x509_csr_free( csr );
|
||||||
|
|
Loading…
Reference in a new issue