yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Use pk_verify_ext() in x509_crt.c

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-06-05 16:34:18 +02:00
parent bf696d030b
commit 46db4b070c
1 changed files with 6 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
library/x509_crt.c
View file

@ -1659,24 +1659,9 @@ static int x509_crt_verify_top(
continue;
}
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
if( child->sig_pk == POLARSSL_PK_RSASSA_PSS )
{
if( pk_can_do( &trust_ca->pk, POLARSSL_PK_RSA ) == 0 ||
rsa_rsassa_pss_verify( pk_rsa( trust_ca->pk ),
NULL, NULL, RSA_PUBLIC,
child->sig_md,
md_info->size, hash,
child->sig.p ) != 0 )
{
continue;
}
}
else
#endif
if( pk_can_do( &trust_ca->pk, child->sig_pk ) == 0 ||
pk_verify( &trust_ca->pk, child->sig_md, hash, md_info->size,
child->sig.p, child->sig.len ) != 0 )
if( pk_verify_ext( child->sig_pk, child->sig_opts, &trust_ca->pk,
child->sig_md, hash, md_info->size,
child->sig.p, child->sig.len ) != 0 )
{
continue;
}
@ -1763,24 +1748,9 @@ static int x509_crt_verify_child(
{
md( md_info, child->tbs.p, child->tbs.len, hash );
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
if( child->sig_pk == POLARSSL_PK_RSASSA_PSS )
{
if( pk_can_do( &parent->pk, POLARSSL_PK_RSA ) == 0 ||
rsa_rsassa_pss_verify( pk_rsa( parent->pk ),
NULL, NULL, RSA_PUBLIC,
child->sig_md,
md_info->size, hash,
child->sig.p ) != 0 )
{
*flags |= BADCERT_NOT_TRUSTED;
}
}
else
#endif
if( pk_can_do( &parent->pk, child->sig_pk ) == 0 ||
pk_verify( &parent->pk, child->sig_md, hash, md_info->size,
child->sig.p, child->sig.len ) != 0 )
if( pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk,
child->sig_md, hash, md_info->size,
child->sig.p, child->sig.len ) != 0 )
{
*flags |= BADCERT_NOT_TRUSTED;
}