cuberite/polarssl
1
0
Fork 0
mirror of https://github.com/cuberite/polarssl.git synced 2025-11-04 04:32:24 -05:00
Code Issues Packages Projects Releases Wiki Activity

Use pk_verify_ext() in x509_crt.c

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2014-06-05 16:34:18 +02:00
parent bf696d030b
commit 46db4b070c
1 changed files with 6 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
library/x509_crt.c
View File

@ -1659,23 +1659,8 @@ static int x509_crt_verify_top(
continue;
}
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
if( child->sig_pk == POLARSSL_PK_RSASSA_PSS )
{
if( pk_can_do( &trust_ca->pk, POLARSSL_PK_RSA ) == 0 ||
rsa_rsassa_pss_verify( pk_rsa( trust_ca->pk ),
NULL, NULL, RSA_PUBLIC,
child->sig_md,
md_info->size, hash,
child->sig.p ) != 0 )
{
continue;
}
}
else
#endif
if( pk_can_do( &trust_ca->pk, child->sig_pk ) == 0 ||
pk_verify( &trust_ca->pk, child->sig_md, hash, md_info->size,
if( pk_verify_ext( child->sig_pk, child->sig_opts, &trust_ca->pk,
child->sig_md, hash, md_info->size,
child->sig.p, child->sig.len ) != 0 )
{
continue;
@ -1763,23 +1748,8 @@ static int x509_crt_verify_child(
{
md( md_info, child->tbs.p, child->tbs.len, hash );
#if defined(POLARSSL_RSASSA_PSS_CERTIFICATES)
if( child->sig_pk == POLARSSL_PK_RSASSA_PSS )
{
if( pk_can_do( &parent->pk, POLARSSL_PK_RSA ) == 0 ||
rsa_rsassa_pss_verify( pk_rsa( parent->pk ),
NULL, NULL, RSA_PUBLIC,
child->sig_md,
md_info->size, hash,
child->sig.p ) != 0 )
{
*flags |= BADCERT_NOT_TRUSTED;
}
}
else
#endif
if( pk_can_do( &parent->pk, child->sig_pk ) == 0 ||
pk_verify( &parent->pk, child->sig_md, hash, md_info->size,
if( pk_verify_ext( child->sig_pk, child->sig_opts, &parent->pk,
child->sig_md, hash, md_info->size,
child->sig.p, child->sig.len ) != 0 )
{
*flags |= BADCERT_NOT_TRUSTED;