lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

library: pass NULL options parameter to mbedtls_pk_verify_ext()

Browse Source 
Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>
This commit is contained in:
Valerio Setti
2025-04-23 11:29:51 +02:00
parent d24dfad7af
commit 7f6f4e6907
4 changed files with 5 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
library/ssl_tls13_generic.c
View File

@ -227,11 +227,6 @@ static int ssl_tls13_parse_certificate_verify(mbedtls_ssl_context *ssl,
unsigned char verify_hash[PSA_HASH_MAX_SIZE];
size_t verify_hash_len;
void const *options = NULL;
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
mbedtls_pk_rsassa_pss_options rsassa_pss_options;
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
/*
* struct {
* SignatureScheme algorithm;
@ -304,16 +299,8 @@ static int ssl_tls13_parse_certificate_verify(mbedtls_ssl_context *ssl,
}
MBEDTLS_SSL_DEBUG_BUF(3, "verify hash", verify_hash, verify_hash_len);
#if defined(MBEDTLS_X509_RSASSA_PSS_SUPPORT)
if (sig_alg == MBEDTLS_PK_RSASSA_PSS) {
rsassa_pss_options.mgf1_hash_id = md_alg;
rsassa_pss_options.expected_salt_len = PSA_HASH_LENGTH(hash_alg);
options = (const void *) &rsassa_pss_options;
}
#endif /* MBEDTLS_X509_RSASSA_PSS_SUPPORT */
if ((ret = mbedtls_pk_verify_ext(sig_alg, options,
if ((ret = mbedtls_pk_verify_ext(sig_alg, NULL,
&ssl->session_negotiate->peer_cert->pk,
md_alg, verify_hash, verify_hash_len,
p, signature_len)) == 0) {