Improve handling of md errors in X.509
md() already checks for md_info == NULL. Also, in the future it might also return other errors (eg hardware errors if acceleration is used), so it make more sense to check its return value than to check for NULL ourselves and then assume no other error can occur. Also, currently, md_info == NULL can never happen except if the MD and OID modules get out of sync, or if the user messes with members of the x509_crt structure directly. This commit does not change the current behaviour, which is to treat MD errors the same way as a bad signature or no trusted root.
This commit is contained in:
parent
a4a206e834
commit
329e78c7fa
1 changed files with 5 additions and 12 deletions
|
@ -1675,17 +1675,13 @@ static int x509_crt_verifycrl( mbedtls_x509_crt *crt, mbedtls_x509_crt *ca,
|
|||
flags |= MBEDTLS_X509_BADCRL_BAD_PK;
|
||||
|
||||
md_info = mbedtls_md_info_from_type( crl_list->sig_md );
|
||||
if( md_info == NULL )
|
||||
if( mbedtls_md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash ) != 0 )
|
||||
{
|
||||
/*
|
||||
* Cannot check 'unknown' hash
|
||||
*/
|
||||
/* Note: this can't happen except after an internal error */
|
||||
flags |= MBEDTLS_X509_BADCRL_NOT_TRUSTED;
|
||||
break;
|
||||
}
|
||||
|
||||
mbedtls_md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash );
|
||||
|
||||
if( x509_profile_check_key( profile, crl_list->sig_pk, &ca->pk ) != 0 )
|
||||
flags |= MBEDTLS_X509_BADCERT_BAD_KEY;
|
||||
|
||||
|
@ -1930,15 +1926,12 @@ static int x509_crt_verify_top(
|
|||
*flags |= MBEDTLS_X509_BADCERT_NOT_TRUSTED;
|
||||
|
||||
md_info = mbedtls_md_info_from_type( child->sig_md );
|
||||
if( md_info == NULL )
|
||||
if( mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash ) != 0 )
|
||||
{
|
||||
/*
|
||||
* Cannot check 'unknown', no need to try any CA
|
||||
*/
|
||||
/* Note: this can't happen except after an internal error */
|
||||
/* Cannot check signature, no need to try any CA */
|
||||
trust_ca = NULL;
|
||||
}
|
||||
else
|
||||
mbedtls_md( md_info, child->tbs.p, child->tbs.len, hash );
|
||||
|
||||
for( /* trust_ca */ ; trust_ca != NULL; trust_ca = trust_ca->next )
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue