cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-09-29 16:32:32 -04:00
Code Issues Packages Projects Releases Wiki Activity

pk: check PK context type in mbedtls_pk_verify_ext() before trying RSA PSS

Browse Source 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti 2024-03-18 16:22:33 +01:00
parent d59caf4e51
commit 07500fd874
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
library/pk.c
View File

@ -1126,6 +1126,12 @@ int mbedtls_pk_verify_ext(mbedtls_pk_type_t type, const void *options,
return mbedtls_pk_verify(ctx, md_alg, hash, hash_len, sig, sig_len); return mbedtls_pk_verify(ctx, md_alg, hash, hash_len, sig, sig_len);
} }
/* Ensure the PK context is of the right type otherwise mbedtls_pk_rsa()
* below would return a NULL pointer. */
if (mbedtls_pk_get_type(ctx) != MBEDTLS_PK_RSA) {
return MBEDTLS_ERR_PK_FEATURE_UNAVAILABLE;
}
#if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21) #if defined(MBEDTLS_RSA_C) && defined(MBEDTLS_PKCS1_V21)
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
const mbedtls_pk_rsassa_pss_options *pss_opts; const mbedtls_pk_rsassa_pss_options *pss_opts;