diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-08-03 11:03:44 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-08-04 10:38:16 +0200 |
commit | 3c3833b9a2225f45499d622ab91131c38ea94e83 (patch) | |
tree | efd0975ee01ed371f7386dbd4562415b3876904d | |
parent | a014a729c7ed16ce894399341fc68f1928ee51f3 (diff) | |
download | gnutls-3c3833b9a2225f45499d622ab91131c38ea94e83.tar.gz |
gnutls_x509_*_set_spki: removed arbitrary restrictions to setting parameters
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | lib/x509/crq.c | 7 | ||||
-rw-r--r-- | lib/x509/x509_write.c | 15 |
2 files changed, 1 insertions, 21 deletions
diff --git a/lib/x509/crq.c b/lib/x509/crq.c index adb745edf5..d4ec81cd4a 100644 --- a/lib/x509/crq.c +++ b/lib/x509/crq.c @@ -3278,13 +3278,8 @@ gnutls_x509_crq_set_spki(gnutls_x509_crq_t crq, return result; } - if (params.rsa_pss_dig != spki->rsa_pss_dig || - params.salt_size > spki->salt_size) { - gnutls_assert(); - return GNUTLS_E_INVALID_REQUEST; - } - params.salt_size = spki->salt_size; + params.rsa_pss_dig = spki->rsa_pss_dig; } result = _gnutls_x509_write_spki_params(crq->crq, diff --git a/lib/x509/x509_write.c b/lib/x509/x509_write.c index 567e5fd11a..641940f26c 100644 --- a/lib/x509/x509_write.c +++ b/lib/x509/x509_write.c @@ -2069,21 +2069,6 @@ gnutls_x509_crt_set_spki(gnutls_x509_crt_t crt, return result; } - if (params.rsa_pss_dig != GNUTLS_DIG_UNKNOWN) { - if (params.rsa_pss_dig != spki->rsa_pss_dig) { - _gnutls_debug_log("Asked to set RSA-PSS SPKI with %s, while we have %s\n", - gnutls_digest_get_name(spki->rsa_pss_dig), - gnutls_digest_get_name(params.rsa_pss_dig)); - return gnutls_assert_val(GNUTLS_E_CONSTRAINT_ERROR); - } - - if (params.salt_size > spki->salt_size) { - _gnutls_debug_log("Asked to set RSA-PSS SPKI with salt size %d, while we have %d\n", - (int)spki->salt_size, (int)params.salt_size); - return gnutls_assert_val(GNUTLS_E_CONSTRAINT_ERROR); - } - } - params.salt_size = spki->salt_size; params.rsa_pss_dig = spki->rsa_pss_dig; } |