Skip to content

Commit 25d14f1

Browse files
dgarskedgarske
committed
Fail with NOT_COMPILED_IN if someone tries to use ConfirmSignature with NO_ASN_CRYPT. Also default to signature failed.
1 parent a18d016 commit 25d14f1

1 file changed

Lines changed: 3 additions & 3 deletions

File tree

wolfcrypt/src/asn.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -16612,7 +16612,7 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
1661216612
const byte* sigParams, word32 sigParamsSz,
1661316613
byte* rsaKeyIdx)
1661416614
{
16615-
int ret = 0;
16615+
int ret = ASN_SIG_CONFIRM_E; /* default to failure */
1661616616
#if defined(WOLFSSL_RENESAS_TSIP_TLS) || defined(WOLFSSL_RENESAS_FSPSM_TLS)
1661716617
CertAttribute* certatt = NULL;
1661816618
#endif
@@ -17749,8 +17749,8 @@ static int ConfirmSignature(SignatureCtx* sigCtx,
1774917749
exit_cs:
1775017750

1775117751
#else
17752-
/* Warning: The NO_ASN_CRYPT option skips signature checking! */
17753-
ret = 0; /* allow unchecked signature */
17752+
/* For NO_ASN_CRYPT return "not compiled in" */
17753+
ret = NOT_COMPILED_IN;
1775417754
#endif /* !NO_ASN_CRYPT */
1775517755

1775617756
(void)keyOID;

0 commit comments

Comments
 (0)