TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-05-11 14:38:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

Move point of re-entry for restartable X.509 verification

Browse Source
This commit is contained in:
Hanno Becker
2019-02-22 17:56:43 +00:00
parent b59d3f1692
commit 10e6b9b2b5
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
library/x509_crt.c
View File

@@ -2275,8 +2275,6 @@ static int x509_crt_verify_chain(
/* restore derived state */
cur = &ver_chain->items[ver_chain->len - 1];
child = cur->crt;
flags = &cur->flags;
goto find_parent;
}
#endif /* MBEDTLS_ECDSA_C && MBEDTLS_ECP_RESTARTABLE */
@@ -2292,6 +2290,11 @@ static int x509_crt_verify_chain(
cur->crt = child;
cur->flags = 0;
ver_chain->len++;
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
find_parent:
#endif
flags = &cur->flags;
/* Check time-validity (all certificates) */
@@ -2319,9 +2322,6 @@ static int x509_crt_verify_chain(
return( 0 );
}
#if defined(MBEDTLS_ECDSA_C) && defined(MBEDTLS_ECP_RESTARTABLE)
find_parent:
#endif
/* Look for a parent in trusted CAs or up the chain */
ret = x509_crt_find_parent( child, trust_ca, &parent,
&parent_is_trusted, &signature_is_good,