Move the ECC key initializer before checking the cert.

2022-05-09 21:35:32 -07:00 · 2022-05-09 21:35:32 -07:00 · 269c7f56df
parent 2385e0d266
commit 269c7f56df
1 changed files with 7 additions and 7 deletions
--- a/src/internal.c
+++ b/src/internal.c
@ -4707,13 +4707,6 @@ static int DoUserAuthRequestEccCert(WOLFSSH* ssh, WS_UserAuthData_PublicKey* pk,
 #endif
    }

-#ifdef WOLFSSH_CERTS
-    if (ret == WS_SUCCESS) {
-        ret = wolfSSH_CERTMAN_VerifyCert_buffer(ssh->ctx->certMan,
-                pk->publicKey, pk->publicKeySz);
-    }
-#endif /* WOLFSSH_CERTS */
-
    if (ret == WS_SUCCESS) {
        ret = wc_ecc_init_ex(key_ptr, ssh->ctx->heap, INVALID_DEVID);
        if (ret == 0) {
@ -4721,6 +4714,13 @@ static int DoUserAuthRequestEccCert(WOLFSSH* ssh, WS_UserAuthData_PublicKey* pk,
        }
    }

+#ifdef WOLFSSH_CERTS
+    if (ret == WS_SUCCESS) {
+        ret = wolfSSH_CERTMAN_VerifyCert_buffer(ssh->ctx->certMan,
+                pk->publicKey, pk->publicKeySz);
+    }
+#endif /* WOLFSSH_CERTS */
+
    if (ret == WS_SUCCESS) {
        byte big[1024];
        word32 bigSz = sizeof big;