From f84b4d64987b6b4aebbab19b5670261e61228909 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?= <mpg@elzevir.fr>
Date: Mon, 12 Aug 2013 10:39:28 +0200
Subject: [PATCH] Check sig_pk for signature verification

---
 library/x509parse.c | 54 +++++++++++++++++++++------------------------
 1 file changed, 25 insertions(+), 29 deletions(-)

diff --git a/library/x509parse.c b/library/x509parse.c
index a44cf11c0..b68640368 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -3305,7 +3305,6 @@ int x509parse_revoked( const x509_cert *crt, const x509_crl *crl )
 static int x509parse_verifycrl(x509_cert *crt, x509_cert *ca,
         x509_crl *crl_list)
 {
-    int ret;
     int flags = 0;
     unsigned char hash[POLARSSL_MD_MAX_SIZE];
     const md_info_t *md_info;
@@ -3346,14 +3345,12 @@ static int x509parse_verifycrl(x509_cert *crt, x509_cert *ca,
         md( md_info, crl_list->tbs.p, crl_list->tbs.len, hash );
 
 #if defined(POLARSSL_RSA_C)
-        if( ca->pk.type == POLARSSL_PK_RSA )
+        if( crl_list->sig_pk == POLARSSL_PK_RSA )
         {
-            if( !rsa_pkcs1_verify( pk_rsa( ca->pk ), RSA_PUBLIC,
-                        crl_list->sig_md, 0, hash, crl_list->sig.p ) == 0 )
+            if( ca->pk.type != POLARSSL_PK_RSA ||
+                rsa_pkcs1_verify( pk_rsa( ca->pk ), RSA_PUBLIC,
+                        crl_list->sig_md, 0, hash, crl_list->sig.p ) != 0 )
             {
-                /*
-                 * CRL is not trusted
-                 */
                 flags |= BADCRL_NOT_TRUSTED;
                 break;
             }
@@ -3361,17 +3358,14 @@ static int x509parse_verifycrl(x509_cert *crt, x509_cert *ca,
         else
 #endif /* POLARSSL_RSA_C */
 #if defined(POLARSSL_ECDSA_C)
-        if( pk_can_ecdsa( ca->pk ) ) {
-            if( ( ret = pk_ec_to_ecdsa( &ca->pk ) ) != 0 )
-                return( ret );
-
-            if( ecdsa_read_signature( (ecdsa_context *) ca->pk.data,
+        if( crl_list->sig_pk == POLARSSL_PK_ECDSA )
+        {
+            if( ! pk_can_ecdsa( ca->pk ) ||
+                pk_ec_to_ecdsa( &ca->pk ) != 0 ||
+                ecdsa_read_signature( (ecdsa_context *) ca->pk.data,
                         hash, md_info->size,
                         crl_list->sig.p, crl_list->sig.len ) != 0 )
             {
-                /*
-                 * CRL is not trusted
-                 */
                 flags |= BADCRL_NOT_TRUSTED;
                 break;
             }
@@ -3490,9 +3484,10 @@ static int x509parse_verify_top(
         md( md_info, child->tbs.p, child->tbs.len, hash );
 
 #if defined(POLARSSL_RSA_C)
-        if( trust_ca->pk.type == POLARSSL_PK_RSA )
+        if( child->sig_pk == POLARSSL_PK_RSA )
         {
-            if( rsa_pkcs1_verify( pk_rsa( trust_ca->pk ), RSA_PUBLIC,
+            if( trust_ca->pk.type != POLARSSL_PK_RSA ||
+                rsa_pkcs1_verify( pk_rsa( trust_ca->pk ), RSA_PUBLIC,
                         child->sig_md, 0, hash, child->sig.p ) != 0 )
             {
                 trust_ca = trust_ca->next;
@@ -3502,11 +3497,11 @@ static int x509parse_verify_top(
         else
 #endif /* POLARSSL_RSA_C */
 #if defined(POLARSSL_ECDSA_C)
-        if( pk_can_ecdsa( trust_ca->pk ) ) {
-            if( ( ret = pk_ec_to_ecdsa( &trust_ca->pk ) ) != 0 )
-                return( ret );
-
-            if( ecdsa_read_signature( (ecdsa_context *) trust_ca->pk.data,
+        if( child->sig_pk == POLARSSL_PK_ECDSA )
+        {
+            if( ! pk_can_ecdsa( trust_ca->pk ) ||
+                pk_ec_to_ecdsa( &trust_ca->pk ) != 0 ||
+                ecdsa_read_signature( (ecdsa_context *) trust_ca->pk.data,
                         hash, md_info->size,
                         child->sig.p, child->sig.len ) != 0 )
             {
@@ -3588,9 +3583,10 @@ static int x509parse_verify_child(
         md( md_info, child->tbs.p, child->tbs.len, hash );
 
 #if defined(POLARSSL_RSA_C)
-        if( parent->pk.type == POLARSSL_PK_RSA )
+        if( child->sig_pk == POLARSSL_PK_RSA )
         {
-            if( rsa_pkcs1_verify( pk_rsa( parent->pk ), RSA_PUBLIC,
+            if( parent->pk.type != POLARSSL_PK_RSA ||
+                rsa_pkcs1_verify( pk_rsa( parent->pk ), RSA_PUBLIC,
                         child->sig_md, 0, hash, child->sig.p ) != 0 )
             {
                 *flags |= BADCERT_NOT_TRUSTED;
@@ -3599,11 +3595,11 @@ static int x509parse_verify_child(
         else
 #endif /* POLARSSL_RSA_C */
 #if defined(POLARSSL_ECDSA_C)
-        if( pk_can_ecdsa( parent->pk ) ) {
-            if( ( ret = pk_ec_to_ecdsa( &parent->pk ) ) != 0 )
-                return( ret );
-
-            if( ecdsa_read_signature( (ecdsa_context *) parent->pk.data,
+        if( child->sig_pk == POLARSSL_PK_ECDSA )
+        {
+            if( ! pk_can_ecdsa( parent->pk ) ||
+                pk_ec_to_ecdsa( &parent->pk ) != 0 ||
+                ecdsa_read_signature( (ecdsa_context *) parent->pk.data,
                         hash, md_info->size,
                         child->sig.p, child->sig.len ) != 0 )
             {