ARMmbed/mbedtls
1
0
Fork 0
mirror of https://github.com/ARMmbed/mbedtls.git synced 2025-05-12 01:42:21 +08:00
Code Issues Releases Wiki Activity

Avoid comparing size between RSA and EC keys

Browse Source
This commit is contained in:
Manuel Pégourié-Gonnard 2017-10-24 10:51:26 +02:00
parent 08c36635cb
commit 19773ff835
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
library/x509_crt.c
View File

@ -193,9 +193,18 @@ static int x509_profile_check_key( const mbedtls_x509_crt_profile *profile,
mbedtls_pk_type_t pk_alg, mbedtls_pk_type_t pk_alg,
const mbedtls_pk_context *pk ) const mbedtls_pk_context *pk )
{ {
const mbedtls_pk_type_t pk_type = mbedtls_pk_get_type( pk );
#if defined(MBEDTLS_RSA_C) #if defined(MBEDTLS_RSA_C)
if( pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS ) if( pk_alg == MBEDTLS_PK_RSA || pk_alg == MBEDTLS_PK_RSASSA_PSS )
{ {
/* Avoid comparing size between RSA and ECC */
if( pk_type != MBEDTLS_PK_RSA &&
pk_type != MBEDTLS_PK_RSASSA_PSS )
{
return( -1 );
}
if( mbedtls_pk_get_bitlen( pk ) >= profile->rsa_min_bitlen ) if( mbedtls_pk_get_bitlen( pk ) >= profile->rsa_min_bitlen )
return( 0 ); return( 0 );
@ -209,10 +218,8 @@ static int x509_profile_check_key( const mbedtls_x509_crt_profile *profile,
pk_alg == MBEDTLS_PK_ECKEY_DH ) pk_alg == MBEDTLS_PK_ECKEY_DH )
{ {
mbedtls_ecp_group_id gid; mbedtls_ecp_group_id gid;
mbedtls_pk_type_t pk_type;
/* Avoid calling pk_ec() if this is not an EC key */ /* Avoid calling pk_ec() if this is not an EC key */
pk_type = mbedtls_pk_get_type( pk );
if( pk_type != MBEDTLS_PK_ECDSA && if( pk_type != MBEDTLS_PK_ECDSA &&
pk_type != MBEDTLS_PK_ECKEY && pk_type != MBEDTLS_PK_ECKEY &&
pk_type != MBEDTLS_PK_ECKEY_DH ) pk_type != MBEDTLS_PK_ECKEY_DH )