commit e373a254c42b661f50794250634a90554c3b95c0
author Demi Marie Obenour <demiobenour@gmail.com> Tue Dec 13 23:50:03 2022 -0500
committer Dave Rodgman <dave.rodgman@arm.com> Fri Feb 10 12:56:10 2023 +0000
tree 7489cdced17ed7ce79e74220e18b59fa03e6eade
parent 55d9df25ef63c8a6e5ad7d9bdfd47f38b7fa303c

pkcs7: do not store content type OIDs

They will always be constant.

Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>

library/pkcs7.c

diff --git a/library/pkcs7.c b/library/pkcs7.c
index 39d9f8f..9ef7608 100644
--- a/library/pkcs7.c
+++ b/library/pkcs7.c
@@ -490,12 +490,14 @@
         return MBEDTLS_ERR_PKCS7_INVALID_ALG;
     }
 
-    /* Do not expect any content */
-    ret = pkcs7_get_content_info_type(&p, end_set, &end_content_info,
-                                      &signed_data->content.oid);
+    mbedtls_pkcs7_buf content_type;
+    ret = pkcs7_get_content_info_type(&p, end, &end_content_info, &content_type);
     if (ret != 0) {
         return ret;
     }
+    if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_DATA, &content_type)) {
+        return MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO;
+    }
 
     if (p != end_content_info) {
         /* Determine if valid content is present */
@@ -514,10 +516,6 @@
         return MBEDTLS_ERR_PKCS7_FEATURE_UNAVAILABLE;
     }
 
-    if (MBEDTLS_OID_CMP(MBEDTLS_OID_PKCS7_DATA, &signed_data->content.oid)) {
-        return MBEDTLS_ERR_PKCS7_INVALID_CONTENT_INFO;
-    }
-
     /* Look for certificates, there may or may not be any */
     mbedtls_x509_crt_init(&signed_data->certs);
     ret = pkcs7_get_certificates(&p, end, &signed_data->certs);