TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / bf88780e64945b568d98591159da2b8604444d73^! / . / library / x509write_csr.c
commitbf88780e64945b568d98591159da2b8604444d73[log] [tgz]
authorGilles Peskine <Gilles.Peskine@arm.com>Fri Nov 08 19:21:51 2019 +0100
committerGilles Peskine <Gilles.Peskine@arm.com>Wed Nov 13 15:32:11 2019 +0100
tree4481e3410739131b75108861cc31d7363fe2020c
parente1853a2b3eabefa97b61c0b3673f1d1f9eba3d0e [diff] [blame]
Use MBEDTLS_PK_SIGNATURE_MAX_SIZE in X.509

Use the constant that is now provided by the crypto submodule instead
of rolling our own definition which is not correct in all cases.

diff --git a/library/x509write_csr.c b/library/x509write_csr.c
index 0d62d1d..ffbf436 100644
--- a/library/x509write_csr.c
+++ b/library/x509write_csr.c

@@ -49,16 +49,6 @@
 #include "mbedtls/pem.h"
 #endif
 
-/*
- * For the currently used signature algorithms the buffer to store any signature
- * must be at least of size MAX(MBEDTLS_ECDSA_MAX_LEN, MBEDTLS_MPI_MAX_SIZE)
- */
-#if MBEDTLS_ECDSA_MAX_LEN > MBEDTLS_MPI_MAX_SIZE
-#define SIGNATURE_MAX_SIZE MBEDTLS_ECDSA_MAX_LEN
-#else
-#define SIGNATURE_MAX_SIZE MBEDTLS_MPI_MAX_SIZE
-#endif
-
 void mbedtls_x509write_csr_init( mbedtls_x509write_csr *ctx )
 {
     memset( ctx, 0, sizeof( mbedtls_x509write_csr ) );
@@ -148,7 +138,7 @@
     size_t sig_oid_len = 0;
     unsigned char *c, *c2;
     unsigned char hash[64];
-    unsigned char sig[SIGNATURE_MAX_SIZE];
+    unsigned char sig[MBEDTLS_PK_SIGNATURE_MAX_SIZE];
     unsigned char tmp_buf[2048];
     size_t pub_len = 0, sig_and_oid_len = 0, sig_len;
     size_t len = 0;