Merge pull request #5980 from mprse/md_dep_fix

Remove MD dependencies from mbedtls_x509_sig_alg_gets(), ssl_tls13_parse_certificate_verify()
This commit is contained in:
Manuel Pégourié-Gonnard 2022-06-29 10:18:41 +02:00 committed by GitHub
commit 2f244c43b4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 48 additions and 11 deletions

View file

@ -256,13 +256,9 @@ static int ssl_tls13_parse_certificate_verify( mbedtls_ssl_context *ssl,
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
if( sig_alg == MBEDTLS_PK_RSASSA_PSS )
{
const mbedtls_md_info_t* md_info;
rsassa_pss_options.mgf1_hash_id = md_alg;
if( ( md_info = mbedtls_md_info_from_type( md_alg ) ) == NULL )
{
return( MBEDTLS_ERR_SSL_INTERNAL_ERROR );
}
rsassa_pss_options.expected_salt_len = mbedtls_md_get_size( md_info );
rsassa_pss_options.expected_salt_len = PSA_HASH_LENGTH( hash_alg );
options = (const void*) &rsassa_pss_options;
}
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */

View file

@ -131,6 +131,48 @@ int mbedtls_x509_get_alg( unsigned char **p, const unsigned char *end,
return( 0 );
}
/*
* Convert md type to string
*/
static inline const char* md_type_to_string( mbedtls_md_type_t md_alg )
{
switch( md_alg )
{
#if defined(MBEDTLS_MD5_C)
case MBEDTLS_MD_MD5:
return( "MD5" );
#endif
#if defined(MBEDTLS_SHA1_C)
case MBEDTLS_MD_SHA1:
return( "SHA1" );
#endif
#if defined(MBEDTLS_SHA224_C)
case MBEDTLS_MD_SHA224:
return( "SHA224" );
#endif
#if defined(MBEDTLS_SHA256_C)
case MBEDTLS_MD_SHA256:
return( "SHA256" );
#endif
#if defined(MBEDTLS_SHA384_C)
case MBEDTLS_MD_SHA384:
return( "SHA384" );
#endif
#if defined(MBEDTLS_SHA512_C)
case MBEDTLS_MD_SHA512:
return( "SHA512" );
#endif
#if defined(MBEDTLS_RIPEMD160_C)
case MBEDTLS_MD_RIPEMD160:
return( "RIPEMD160" );
#endif
case MBEDTLS_MD_NONE:
return( NULL );
default:
return( NULL );
}
}
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
/*
* HashAlgorithm ::= AlgorithmIdentifier
@ -862,16 +904,15 @@ int mbedtls_x509_sig_alg_gets( char *buf, size_t size, const mbedtls_x509_buf *s
if( pk_alg == MBEDTLS_PK_RSASSA_PSS )
{
const mbedtls_pk_rsassa_pss_options *pss_opts;
const mbedtls_md_info_t *md_info, *mgf_md_info;
pss_opts = (const mbedtls_pk_rsassa_pss_options *) sig_opts;
md_info = mbedtls_md_info_from_type( md_alg );
mgf_md_info = mbedtls_md_info_from_type( pss_opts->mgf1_hash_id );
const char *name = md_type_to_string( md_alg );
const char *mgf_name = md_type_to_string( pss_opts->mgf1_hash_id );
ret = mbedtls_snprintf( p, n, " (%s, MGF1-%s, 0x%02X)",
md_info ? mbedtls_md_get_name( md_info ) : "???",
mgf_md_info ? mbedtls_md_get_name( mgf_md_info ) : "???",
name ? name : "???",
mgf_name ? mgf_name : "???",
(unsigned int) pss_opts->expected_salt_len );
MBEDTLS_X509_SAFE_SNPRINTF;
}