mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-11-14 04:02:31 +03:00
Revert change to mbedtls_pk_{sign,verify}_restartable and replace with ext version
Signed-off-by: Ben Taylor <ben.taylor@linaro.org>
This commit is contained in:
Ben Taylor
@@ -704,9 +704,9 @@ static int mbedtls_pkcs7_data_or_hash_verify(mbedtls_pkcs7 *pkcs7,
|
|||||||
* failed to validate'.
|
* failed to validate'.
|
||||||
*/
|
*/
|
||||||
for (signer = &pkcs7->signed_data.signers; signer; signer = signer->next) {
|
for (signer = &pkcs7->signed_data.signers; signer; signer = signer->next) {
|
||||||
ret = mbedtls_pk_verify_restartable(&pk_cxt, md_alg, hash,
|
ret = mbedtls_pk_verify_ext(MBEDTLS_PK_SIGALG_RSA_PKCS1V15, &pk_cxt, md_alg, hash,
|
||||||
mbedtls_md_get_size(md_info),
|
mbedtls_md_get_size(md_info),
|
||||||
signer->sig.p, signer->sig.len, NULL);
|
signer->sig.p, signer->sig.len);
|
||||||
|
|
||||||
if (ret == 0) {
|
if (ret == 0) {
|
||||||
break;
|
break;
|
||||||
|
|||||||
@@ -2880,11 +2880,11 @@ curve_matching_done:
|
|||||||
* after the call to ssl_prepare_server_key_exchange.
|
* after the call to ssl_prepare_server_key_exchange.
|
||||||
* ssl_write_server_key_exchange also takes care of incrementing
|
* ssl_write_server_key_exchange also takes care of incrementing
|
||||||
* ssl->out_msglen. */
|
* ssl->out_msglen. */
|
||||||
if ((ret = mbedtls_pk_sign_restartable(mbedtls_ssl_own_key(ssl),
|
if ((ret = mbedtls_pk_sign_ext((mbedtls_pk_sigalg_t) sig_alg, mbedtls_ssl_own_key(ssl),
|
||||||
md_alg, hash, hashlen,
|
md_alg, hash, hashlen,
|
||||||
ssl->out_msg + ssl->out_msglen + 2,
|
ssl->out_msg + ssl->out_msglen + 2,
|
||||||
out_buf_len - ssl->out_msglen - 2,
|
out_buf_len - ssl->out_msglen - 2,
|
||||||
signature_len, NULL)) != 0) {
|
signature_len)) != 0) {
|
||||||
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_sign", ret);
|
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_sign", ret);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
@@ -3456,9 +3456,9 @@ static int ssl_parse_certificate_verify(mbedtls_ssl_context *ssl)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((ret = mbedtls_pk_verify_restartable(peer_pk,
|
if ((ret = mbedtls_pk_verify_ext((mbedtls_pk_sigalg_t) pk_alg, peer_pk,
|
||||||
md_alg, hash_start, hashlen,
|
md_alg, hash_start, hashlen,
|
||||||
ssl->in_msg + i, sig_len, NULL)) != 0) {
|
ssl->in_msg + i, sig_len)) != 0) {
|
||||||
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_verify", ret);
|
MBEDTLS_SSL_DEBUG_RET(1, "mbedtls_pk_verify", ret);
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -571,9 +571,8 @@ int mbedtls_x509write_crt_der(mbedtls_x509write_cert *ctx,
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if ((ret = mbedtls_pk_sign_restartable(ctx->issuer_key, ctx->md_alg,
|
if ((ret = mbedtls_pk_sign_ext((mbedtls_pk_sigalg_t) pk_alg, ctx->issuer_key, ctx->md_alg,
|
||||||
hash, hash_length, sig, sizeof(sig), &sig_len,
|
hash, hash_length, sig, sizeof(sig), &sig_len)) != 0) {
|
||||||
NULL)) != 0) {
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -1243,10 +1243,10 @@ static int ssl_async_resume(mbedtls_ssl_context *ssl,
|
|||||||
|
|
||||||
switch (ctx->operation_type) {
|
switch (ctx->operation_type) {
|
||||||
case ASYNC_OP_SIGN:
|
case ASYNC_OP_SIGN:
|
||||||
ret = mbedtls_pk_sign_restartable(key_slot->pk,
|
ret = mbedtls_pk_sign(key_slot->pk,
|
||||||
ctx->md_alg,
|
ctx->md_alg,
|
||||||
ctx->input, ctx->input_len,
|
ctx->input, ctx->input_len,
|
||||||
output, output_size, output_len, NULL);
|
output, output_size, output_len);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
mbedtls_printf(
|
mbedtls_printf(
|
||||||
|
|||||||
Reference in New Issue
Block a user