diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-12-24 19:08:54 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-12-24 19:25:10 +0200 |
| commit | 8ea2ef59b4eecaed0106093038ffeb98fe710f65 (patch) | |
| tree | f3c7adac6350cf946b5381dab3f085e2b7321b74 | |
| parent | 4e1f75e90a9f8ea99cf48b8653c4c3b664d59735 (diff) | |
| download | gnutls-8ea2ef59b4eecaed0106093038ffeb98fe710f65.tar.gz | |
Corrected encoding and decoding of ANSI X9.62
That affects gnutls_pubkey_export_ecc_x962() and
gnutls_pubkey_import_ecc_x962().
| -rw-r--r-- | lib/gnutls_pubkey.c | 30 |
1 files changed, 26 insertions, 4 deletions
diff --git a/lib/gnutls_pubkey.c b/lib/gnutls_pubkey.c index 99d5f24a5e..555580610b 100644 --- a/lib/gnutls_pubkey.c +++ b/lib/gnutls_pubkey.c @@ -961,21 +961,33 @@ int gnutls_pubkey_export_ecc_x962(gnutls_pubkey_t key, gnutls_datum_t * ecpoint) { int ret; + gnutls_datum_t raw_point = {NULL,0}; if (key == NULL || key->pk_algorithm != GNUTLS_PK_EC) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); - ret = _gnutls_x509_write_ecc_pubkey(&key->params, ecpoint); + ret = _gnutls_x509_write_ecc_pubkey(&key->params, &raw_point); if (ret < 0) return gnutls_assert_val(ret); + ret = _gnutls_x509_encode_string(ASN1_ETYPE_OCTET_STRING, + raw_point.data, raw_point.size, ecpoint); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + ret = _gnutls_x509_write_ecc_params(key->params.flags, parameters); if (ret < 0) { _gnutls_free_datum(ecpoint); - return gnutls_assert_val(ret); + gnutls_assert(); + goto cleanup; } - return 0; + ret = 0; + cleanup: + gnutls_free(raw_point.data); + return ret; } /** @@ -1374,6 +1386,7 @@ gnutls_pubkey_import_ecc_x962(gnutls_pubkey_t key, const gnutls_datum_t * ecpoint) { int ret; + gnutls_datum_t raw_point = {NULL,0}; if (key == NULL) { gnutls_assert(); @@ -1390,7 +1403,14 @@ gnutls_pubkey_import_ecc_x962(gnutls_pubkey_t key, goto cleanup; } - ret = _gnutls_ecc_ansi_x963_import(ecpoint->data, ecpoint->size, + ret = _gnutls_x509_decode_string(ASN1_ETYPE_OCTET_STRING, + ecpoint->data, ecpoint->size, &raw_point); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = _gnutls_ecc_ansi_x963_import(raw_point.data, raw_point.size, &key->params.params[ECC_X], &key->params.params[ECC_Y]); if (ret < 0) { @@ -1400,10 +1420,12 @@ gnutls_pubkey_import_ecc_x962(gnutls_pubkey_t key, key->params.params_nr += 2; key->pk_algorithm = GNUTLS_PK_EC; + gnutls_free(raw_point.data); return 0; cleanup: gnutls_pk_params_release(&key->params); + gnutls_free(raw_point.data); return ret; } |