TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 5922cb9309ac0a22a066111b6183c5616b8fedd9^! / . / library / pkparse.c
commit5922cb9309ac0a22a066111b6183c5616b8fedd9[log] [tgz]
authorValerio Setti <valerio.setti@nordicsemi.no>Fri Feb 02 09:21:25 2024 +0100
committerValerio Setti <valerio.setti@nordicsemi.no>Fri Feb 02 09:21:25 2024 +0100
tree2494072aaa42ce9dbb205448060c3d2cf88923d2
parent56cfe2fab6e5c529be54256fa15c657952502323 [diff] [blame]
pkparse: keep legacy PK error codes when RSA key parsing fails

This helps in reverting the changes to test_suite_x509parse.data
when the RSA key parsing fails.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

diff --git a/library/pkparse.c b/library/pkparse.c
index a47815b..91d6eb5 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c

@@ -851,6 +851,15 @@
 #if defined(MBEDTLS_RSA_C)
     if (pk_alg == MBEDTLS_PK_RSA) {
         ret = mbedtls_rsa_parse_pubkey(mbedtls_pk_rsa(*pk), *p, (size_t) (end - *p));
+        if (ret == 0) {
+            /* On success all the input has been consumed by the parsing function. */
+            *p += end - *p;
+        } else if (ret & 0x7f) {
+            /* In case of ASN1 error codes add MBEDTLS_ERR_PK_INVALID_PUBKEY. */
+            ret = MBEDTLS_ERROR_ADD(MBEDTLS_ERR_PK_INVALID_PUBKEY, ret);
+        } else {
+            ret = MBEDTLS_ERR_PK_INVALID_PUBKEY;
+        }
     } else
 #endif /* MBEDTLS_RSA_C */
 #if defined(MBEDTLS_PK_HAVE_ECC_KEYS)