From: Demi Marie Obenour Date: Thu, 8 Dec 2022 20:24:23 +0000 (-0500) Subject: refactor(auth): avoid parsing signature algorithm twice X-Git-Tag: baikal/aarch64/sdk5.10~1^2~286^2 X-Git-Url: https://git.baikalelectronics.ru/sdk/?a=commitdiff_plain;h=63cc49d0aa431848e91a9322b52f4484312dce43;p=arm-tf.git refactor(auth): avoid parsing signature algorithm twice Since the two instances of the signature algorithm in a certificate must be bitwise identical, it is not necessary to parse both of them. Instead, it suffices to parse one of them, and then check that the other fits in the remaining buffer space and is equal to the first. Change-Id: Id0a0663165f147879ac83b6a540378fd4873b0dd Signed-off-by: Demi Marie Obenour --- diff --git a/drivers/auth/mbedtls/mbedtls_x509_parser.c b/drivers/auth/mbedtls/mbedtls_x509_parser.c index 244f1c95e..f18f6b413 100644 --- a/drivers/auth/mbedtls/mbedtls_x509_parser.c +++ b/drivers/auth/mbedtls/mbedtls_x509_parser.c @@ -145,7 +145,7 @@ static int cert_parse(void *img, unsigned int img_len) int ret, is_critical; size_t len; unsigned char *p, *end, *crt_end, *pk_end; - mbedtls_asn1_buf sig_alg1, sig_alg2; + mbedtls_asn1_buf sig_alg1; /* * The unique ASN.1 DER encoding of [0] EXPLICIT INTEGER { v3(2} }. */ @@ -396,26 +396,15 @@ static int cert_parse(void *img, unsigned int img_len) * -- end of TBSCertificate * * signatureAlgorithm AlgorithmIdentifier + * -- Does not need to be parsed. Ensuring it is bitwise + * -- identical (including the tag!) with the first signature + * -- algorithm is sufficient. */ - sig_alg2.p = p; - ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | - MBEDTLS_ASN1_SEQUENCE); - if (ret != 0) { - return IMG_PARSER_ERR_FORMAT; - } - if ((end - p) < 1) { - return IMG_PARSER_ERR_FORMAT; - } - sig_alg2.len = (p + len) - sig_alg2.p; - p += len; - - /* Compare both signature algorithms */ - if (sig_alg1.len != sig_alg2.len) { - return IMG_PARSER_ERR_FORMAT; - } - if (0 != memcmp(sig_alg1.p, sig_alg2.p, sig_alg1.len)) { + if ((sig_alg1.len >= (size_t)(end - p)) || + (0 != memcmp(sig_alg1.p, p, sig_alg1.len))) { return IMG_PARSER_ERR_FORMAT; } + p += sig_alg1.len; memcpy(&sig_alg, &sig_alg1, sizeof(sig_alg)); /*