From d4258272c679c8bd42430fc2df57402cdc03d711 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Mon, 1 Dec 2025 16:02:54 +0000 Subject: [crypto] Construct signatures using ASN.1 builders Signed-off-by: Michael Brown --- src/drivers/net/iphone.c | 18 ++++-------------- 1 file changed, 4 insertions(+), 14 deletions(-) (limited to 'src/drivers') diff --git a/src/drivers/net/iphone.c b/src/drivers/net/iphone.c index bcc9949fe..11f763553 100644 --- a/src/drivers/net/iphone.c +++ b/src/drivers/net/iphone.c @@ -362,7 +362,6 @@ static int icert_cert ( struct icert *icert, struct asn1_cursor *subject, struct asn1_builder raw = { NULL, 0 }; uint8_t digest_ctx[SHA256_CTX_SIZE]; uint8_t digest_out[SHA256_DIGEST_SIZE]; - int len; int rc; /* Construct subjectPublicKeyInfo */ @@ -399,20 +398,12 @@ static int icert_cert ( struct icert *icert, struct asn1_cursor *subject, digest_final ( digest, digest_ctx, digest_out ); /* Construct signature using "private" key */ - if ( ( rc = asn1_grow ( &raw, - pubkey_max_len ( pubkey, private ) ) ) != 0 ) { - DBGC ( icert, "ICERT %p could not build signature: %s\n", - icert, strerror ( rc ) ); - goto err_grow; - } - if ( ( len = pubkey_sign ( pubkey, private, digest, digest_out, - raw.data ) ) < 0 ) { - rc = len; + if ( ( rc = pubkey_sign ( pubkey, private, digest, digest_out, + &raw ) ) != 0 ) { DBGC ( icert, "ICERT %p could not sign: %s\n", icert, strerror ( rc ) ); goto err_pubkey_sign; } - assert ( ( ( size_t ) len ) == raw.len ); /* Construct raw certificate data */ if ( ( rc = ( asn1_prepend_raw ( &raw, icert_nul, @@ -438,12 +429,11 @@ static int icert_cert ( struct icert *icert, struct asn1_cursor *subject, err_x509: err_raw: err_pubkey_sign: + err_tbs: + err_spki: free ( raw.data ); - err_grow: free ( tbs.data ); - err_tbs: free ( spki.data ); - err_spki: return rc; } -- cgit v1.2.3-55-g7522