lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-30 22:43:08 +03:00
Code Activity

Merge pull request #7438 from valeriosetti/issue7074

Browse Source 
Avoid parse/unparse private ECC keys in PK with USE_PSA when !ECP_C
This commit is contained in:
Manuel Pégourié-Gonnard
2023-06-01 10:06:45 +02:00
committed by GitHub
parent a1b416670e 449803abff
commit 7b1136836c
15 changed files with 332 additions and 156 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
library/ssl_tls.c
View File

@ -7367,13 +7367,12 @@ static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl,
/* and in the unlikely case the above assumption no longer holds
* we are making sure that pk_ec() here does not return a NULL
*/
const mbedtls_ecp_keypair *ec = mbedtls_pk_ec_ro(*pk);
if (ec == NULL) {
MBEDTLS_SSL_DEBUG_MSG(1, ("mbedtls_pk_ec_ro() returned NULL"));
mbedtls_ecp_group_id grp_id = mbedtls_pk_get_group_id(pk);
if (grp_id == MBEDTLS_ECP_DP_NONE) {
MBEDTLS_SSL_DEBUG_MSG(1, ("invalid group ID"));
return MBEDTLS_ERR_SSL_INTERNAL_ERROR;
}
if (mbedtls_ssl_check_curve(ssl, ec->grp.id) != 0) {
if (mbedtls_ssl_check_curve(ssl, grp_id) != 0) {
ssl->session_negotiate->verify_result |=
MBEDTLS_X509_BADCERT_BAD_KEY;