mbedtls_asn1_buf signature;
mbedtls_md_type_t md_alg;
mbedtls_pk_type_t pk_alg;
- mbedtls_pk_context pk;
+ mbedtls_pk_context pk = {0};
int rc;
void *sig_opts = NULL;
const mbedtls_md_info_t *md_info;
}
/* Get the actual signature algorithm (MD + PK) */
- rc = mbedtls_oid_get_sig_alg(&sig_oid, &md_alg, &pk_alg);
+ rc = mbedtls_x509_get_sig_alg(&sig_oid, &sig_params, &md_alg, &pk_alg, &sig_opts);
if (rc != 0) {
return CRYPTO_ERR_SIGNATURE;
}
end = (unsigned char *)(p + pk_len);
rc = mbedtls_pk_parse_subpubkey(&p, end, &pk);
if (rc != 0) {
- return CRYPTO_ERR_SIGNATURE;
+ rc = CRYPTO_ERR_SIGNATURE;
+ goto end2;
}
/* Get the signature (bitstring) */
rc = mbedtls_asn1_get_bitstring_null(&p, end, &signature.len);
if (rc != 0) {
rc = CRYPTO_ERR_SIGNATURE;
- goto end;
+ goto end1;
}
signature.p = p;
md_info = mbedtls_md_info_from_type(md_alg);
if (md_info == NULL) {
rc = CRYPTO_ERR_SIGNATURE;
- goto end;
+ goto end1;
}
p = (unsigned char *)data_ptr;
rc = mbedtls_md(md_info, p, data_len, hash);
if (rc != 0) {
rc = CRYPTO_ERR_SIGNATURE;
- goto end;
+ goto end1;
}
/* Verify the signature */
signature.p, signature.len);
if (rc != 0) {
rc = CRYPTO_ERR_SIGNATURE;
- goto end;
+ goto end1;
}
/* Signature verification success */
rc = CRYPTO_SUCCESS;
-end:
+end1:
mbedtls_pk_free(&pk);
+end2:
+ mbedtls_free(sig_opts);
return rc;
}
/* Prevent mbed TLS from using snprintf so that it can use tf_snprintf. */
#define MBEDTLS_PLATFORM_SNPRINTF_ALT
+#if !ERROR_DEPRECATED
#define MBEDTLS_PKCS1_V15
+#endif
#define MBEDTLS_PKCS1_V21
#define MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
#define MBEDTLS_X509_CHECK_KEY_USAGE
#define MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE
+#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
#define MBEDTLS_ASN1_PARSE_C
#define MBEDTLS_ASN1_WRITE_C
projects / project / bcm63xx / atf.git / commitdiff