adding RSA-PSS macro guard around CRL use

2024-01-15 15:33:01 -07:00
parent b38e20a721
commit 114d11a8d8
1 changed files with 16 additions and 4 deletions
--- a/src/crl.c
+++ b/src/crl.c
@@ -138,7 +138,6 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
        crle->tbsSz = dcrl->sigIndex - dcrl->certBegin;
        crle->signatureSz = dcrl->sigLength;
        crle->signatureOID = dcrl->signatureOID;
-        crle->sigParamsSz = dcrl->sigParamsLength;
        crle->toBeSigned = (byte*)XMALLOC(crle->tbsSz, heap,
                                          DYNAMIC_TYPE_CRL_ENTRY);
        if (crle->toBeSigned == NULL)
@@ -151,6 +150,8 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
            return -1;
        }

+    #ifdef WC_RSA_PSS
+        crle->sigParamsSz = dcrl->sigParamsLength;
        if (dcrl->sigParamsLength > 0) {
            crle->sigParams = (byte*)XMALLOC(crle->sigParamsSz, heap,
                                             DYNAMIC_TYPE_CRL_ENTRY);
@@ -164,6 +165,7 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl, const byte* buff,
            XMEMCPY(crle->sigParams, buff + dcrl->sigParamsIndex,
                crle->sigParamsSz);
        }
+    #endif
        XMEMCPY(crle->toBeSigned, buff + dcrl->certBegin, crle->tbsSz);
        XMEMCPY(crle->signature, dcrl->signature, crle->signatureSz);
    #ifndef NO_SKID
@@ -221,8 +223,10 @@ static void CRL_Entry_free(CRL_Entry* crle, void* heap)
        XFREE(crle->signature, heap, DYNAMIC_TYPE_CRL_ENTRY);
    if (crle->toBeSigned != NULL)
        XFREE(crle->toBeSigned, heap, DYNAMIC_TYPE_CRL_ENTRY);
+#ifdef WC_RSA_PSS
    if (crle->sigParams != NULL)
        XFREE(crle->sigParams, heap, DYNAMIC_TYPE_CRL_ENTRY);
+#endif
 #if defined(OPENSSL_EXTRA)
    if (crle->issuer != NULL) {
        FreeX509Name(crle->issuer);
@@ -759,16 +763,24 @@ static CRL_Entry* DupCRL_Entry(const CRL_Entry* ent, void* heap)
                                          DYNAMIC_TYPE_CRL_ENTRY);
        dupl->signature = (byte*)XMALLOC(dupl->signatureSz, heap,
                                         DYNAMIC_TYPE_CRL_ENTRY);
+#ifdef WC_RSA_PSS
        dupl->sigParams = (byte*)XMALLOC(dupl->sigParamsSz, heap,
                                         DYNAMIC_TYPE_CRL_ENTRY);
-        if (dupl->toBeSigned == NULL || dupl->signature == NULL ||
-                dupl->sigParams == NULL) {
+#endif
+        if (dupl->toBeSigned == NULL || dupl->signature == NULL) {
            CRL_Entry_free(dupl, heap);
            return NULL;
        }
        XMEMCPY(dupl->toBeSigned, ent->toBeSigned, dupl->tbsSz);
-        XMEMCPY(dupl->sigParams, ent->sigParams, dupl->sigParamsSz);
        XMEMCPY(dupl->signature, ent->signature, dupl->signatureSz);
+
+#ifdef WC_RSA_PSS
+        if (dupl->sigParams == NULL) {
+            CRL_Entry_free(dupl, heap);
+            return NULL;
+        }
+        XMEMCPY(dupl->sigParams, ent->sigParams, dupl->sigParamsSz);
+#endif
    }
    else {
        dupl->toBeSigned = NULL;