Fix sig->tag update in mbedtls_x509_get_sig()

This commit is contained in:
Andres AG 2016-09-19 16:58:45 +01:00
parent c49b808ae4
commit 4bdbe09f90
2 changed files with 6 additions and 1 deletions

View file

@ -22,6 +22,9 @@ Bugfix
enabled unless others were also present. Found by David Fernandez. #428 enabled unless others were also present. Found by David Fernandez. #428
* Fix for out-of-tree builds using CMake. Found by jwurzer, and fix based on * Fix for out-of-tree builds using CMake. Found by jwurzer, and fix based on
a contribution from Tobias Tangemann. #541 a contribution from Tobias Tangemann. #541
* Fix mbedtls_x509_get_sig() to update the ASN1 type in the mbedtls_x509_buf
data structure until after error checks are successful. Found by
subramanyam-c.
Changes Changes
* Extended test coverage of special cases, and added new timing test suite. * Extended test coverage of special cases, and added new timing test suite.

View file

@ -559,16 +559,18 @@ int mbedtls_x509_get_sig( unsigned char **p, const unsigned char *end, mbedtls_x
{ {
int ret; int ret;
size_t len; size_t len;
int tag_type;
if( ( end - *p ) < 1 ) if( ( end - *p ) < 1 )
return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + return( MBEDTLS_ERR_X509_INVALID_SIGNATURE +
MBEDTLS_ERR_ASN1_OUT_OF_DATA ); MBEDTLS_ERR_ASN1_OUT_OF_DATA );
sig->tag = **p; tag_type = **p;
if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 ) if( ( ret = mbedtls_asn1_get_bitstring_null( p, end, &len ) ) != 0 )
return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret ); return( MBEDTLS_ERR_X509_INVALID_SIGNATURE + ret );
sig->tag = tag_type;
sig->len = len; sig->len = len;
sig->p = *p; sig->p = *p;