yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

pkcs7.c: Do not ignore return value of mbedlts_md

Browse source 
CI was failing due to the return value of mbedtls_md being ignored.
If this function does fail, return early and propogate the md error.

Signed-off-by: Nick Child <nick.child@ibm.com>
This commit is contained in:
Nick Child 2022-02-22 17:19:59 -06:00
parent 600bd30427
commit 6671841d91
2 changed files with 9 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
library/pkcs7.c
View file

@ -523,8 +523,12 @@ int mbedtls_pkcs7_signed_data_verify( mbedtls_pkcs7 *pkcs7,
return( MBEDTLS_ERR_PKCS7_ALLOC_FAILED );
}
mbedtls_md( md_info, data, datalen, hash );
ret = mbedtls_md( md_info, data, datalen, hash );
if( ret != 0 )
{
mbedtls_free( hash );
return( ret );
}
ret = mbedtls_pk_verify( &pk_cxt, md_alg, hash, 0,
pkcs7->signed_data.signers.sig.p,
pkcs7->signed_data.signers.sig.len );

5
tests/suites/test_suite_pkcs7.function
View file

@ -285,9 +285,10 @@ void pkcs7_verify_hash( char *pkcs7_file, char *crt, char *filetobesigned )
md_info = mbedtls_md_info_from_type( md_alg );
mbedtls_md( md_info, data, datalen, hash );
res = mbedtls_md( md_info, data, datalen, hash );
TEST_ASSERT( res == 0 );
res = mbedtls_pkcs7_signed_hash_verify( &pkcs7, &x509, hash, sizeof(hash));
res = mbedtls_pkcs7_signed_hash_verify( &pkcs7, &x509, hash, sizeof(hash) );
TEST_ASSERT( res == 0 );
exit: