commit efa14e8b0c126f688260b3e721344f8fa82ef858
author Hanno Becker <hanno.becker@arm.com> Wed Oct 11 19:45:19 2017 +0100
committer Hanno Becker <hanno.becker@arm.com> Wed Oct 11 19:45:19 2017 +0100
tree 8b40148e75caeb0a5dde267dfa5d09d4998d0cc6
parent e167fe6a53eaded3a23d41f5b13cde3b6db043fb

Reduce number of MPI's used in `pk_parse_key_pkcs1_der`

As the optional RSA parameters DP, DQ and QP are effectively discarded (they are only considered for their length to
ensure that the key fills the entire buffer), it is not necessary to read them into separate MPI's.

library/pkparse.c

diff --git a/library/pkparse.c b/library/pkparse.c
index 57f966f..805d5a3 100644
--- a/library/pkparse.c
+++ b/library/pkparse.c
@@ -661,11 +661,8 @@
     size_t len;
     unsigned char *p, *end;
 
-    mbedtls_mpi DP, DQ, QP;
-
-    mbedtls_mpi_init( &DP );
-    mbedtls_mpi_init( &DQ );
-    mbedtls_mpi_init( &QP );
+    mbedtls_mpi T;
+    mbedtls_mpi_init( &T );
 
     p = (unsigned char *) key;
     end = p + keylen;
@@ -749,9 +746,9 @@
         goto cleanup;
 
     /* Check optional parameters */
-    if( ( ret = mbedtls_asn1_get_mpi( &p, end, &DP ) ) != 0 ||
-        ( ret = mbedtls_asn1_get_mpi( &p, end, &DQ ) ) != 0 ||
-        ( ret = mbedtls_asn1_get_mpi( &p, end, &QP ) ) != 0 )
+    if( ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 ||
+        ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 ||
+        ( ret = mbedtls_asn1_get_mpi( &p, end, &T ) ) != 0 )
         goto cleanup;
 
     if( p != end )
@@ -762,12 +759,11 @@
 
 cleanup:
 
-    mbedtls_mpi_free( &DP );
-    mbedtls_mpi_free( &DQ );
-    mbedtls_mpi_free( &QP );
+    mbedtls_mpi_free( &T );
 
     if( ret != 0 )
     {
+        /* Wrap error code if it's coming from a lower level */
         if( ( ret & 0xff80 ) == 0 )
             ret = MBEDTLS_ERR_PK_KEY_INVALID_FORMAT + ret;
         else