eden-emu/mbedtls
20
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix direct uses of x509_cert.rsa, now use pk_rsa()

Browse source
This commit is contained in:
Manuel Pégourié-Gonnard 2013-07-11 10:46:21 +02:00 committed by Paul Bakker
parent 893879adbd
commit ff56da3a26
3 changed files with 44 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

11
library/ssl_srv.c
View file

@ -1968,7 +1968,11 @@ static int ssl_parse_certificate_verify( ssl_context *ssl )
md_alg = POLARSSL_MD_NONE;
}
n1 = ssl->session_negotiate->peer_cert->rsa.len;
/* EC NOT IMPLEMENTED YET */
if( ssl->session_negotiate->peer_cert->pk.type != POLARSSL_PK_RSA )
return( POLARSSL_ERR_SSL_FEATURE_UNAVAILABLE );
n1 = pk_rsa( ssl->session_negotiate->peer_cert->pk )->len;
n2 = ( ssl->in_msg[4 + n] << 8 ) | ssl->in_msg[5 + n];
if( n + n1 + 6 != ssl->in_hslen || n1 != n2 )
@ -1977,8 +1981,9 @@ static int ssl_parse_certificate_verify( ssl_context *ssl )
return( POLARSSL_ERR_SSL_BAD_HS_CERTIFICATE_VERIFY );
}
ret = rsa_pkcs1_verify( &ssl->session_negotiate->peer_cert->rsa, RSA_PUBLIC,
md_alg, hashlen, hash, ssl->in_msg + 6 + n );
ret = rsa_pkcs1_verify( pk_rsa( ssl->session_negotiate->peer_cert->pk ),
RSA_PUBLIC, md_alg, hashlen, hash,
ssl->in_msg + 6 + n );
if( ret != 0 )
{
SSL_DEBUG_RET( 1, "rsa_pkcs1_verify", ret );