refactor(auth): avoid parsing signature algorithm twice
Since the two instances of the signature algorithm in a certificate must
be bitwise identical, it is not necessary to parse both of them.
Instead, it suffices to parse one of them, and then check that the other
fits in the remaining buffer space and is equal to the first.
Change-Id: Id0a0663165f147879ac83b6a540378fd4873b0dd
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
diff --git a/drivers/auth/mbedtls/mbedtls_x509_parser.c b/drivers/auth/mbedtls/mbedtls_x509_parser.c
index 244f1c9..f18f6b4 100644
--- a/drivers/auth/mbedtls/mbedtls_x509_parser.c
+++ b/drivers/auth/mbedtls/mbedtls_x509_parser.c
@@ -145,7 +145,7 @@
int ret, is_critical;
size_t len;
unsigned char *p, *end, *crt_end, *pk_end;
- mbedtls_asn1_buf sig_alg1, sig_alg2;
+ mbedtls_asn1_buf sig_alg1;
/*
* The unique ASN.1 DER encoding of [0] EXPLICIT INTEGER { v3(2} }.
*/
@@ -396,26 +396,15 @@
* -- end of TBSCertificate
*
* signatureAlgorithm AlgorithmIdentifier
+ * -- Does not need to be parsed. Ensuring it is bitwise
+ * -- identical (including the tag!) with the first signature
+ * -- algorithm is sufficient.
*/
- sig_alg2.p = p;
- ret = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
- MBEDTLS_ASN1_SEQUENCE);
- if (ret != 0) {
- return IMG_PARSER_ERR_FORMAT;
- }
- if ((end - p) < 1) {
- return IMG_PARSER_ERR_FORMAT;
- }
- sig_alg2.len = (p + len) - sig_alg2.p;
- p += len;
-
- /* Compare both signature algorithms */
- if (sig_alg1.len != sig_alg2.len) {
- return IMG_PARSER_ERR_FORMAT;
- }
- if (0 != memcmp(sig_alg1.p, sig_alg2.p, sig_alg1.len)) {
+ if ((sig_alg1.len >= (size_t)(end - p)) ||
+ (0 != memcmp(sig_alg1.p, p, sig_alg1.len))) {
return IMG_PARSER_ERR_FORMAT;
}
+ p += sig_alg1.len;
memcpy(&sig_alg, &sig_alg1, sizeof(sig_alg));
/*