diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-12-14 10:43:45 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-12-14 11:12:20 +0100 |
| commit | aaa0275e1b517dca2f369b434c9e431bd7ae4d26 (patch) | |
| tree | f0ea2476fcc918f85d784a3981f071de268a9fa8 | |
| parent | c1271082daa4cd0eceeec9ac8fe0378cf4cfa911 (diff) | |
| download | gnutls-aaa0275e1b517dca2f369b434c9e431bd7ae4d26.tar.gz | |
PKCS#5,7 decryption: fail without leak on unknown MAC
| -rw-r--r-- | lib/x509/privkey_pkcs8.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c index 46eee35269..ccfb652d0a 100644 --- a/lib/x509/privkey_pkcs8.c +++ b/lib/x509/privkey_pkcs8.c @@ -1669,7 +1669,10 @@ decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn, kdf_params->iter_count, kdf_params->salt_size, kdf_params->salt, key_size, key); - else return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM); + else { + result = gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM); + goto error; + } } else if (p != NULL) { /* PKCS 12 schema */ result = _gnutls_pkcs12_string_to_key(mac_to_entry(GNUTLS_MAC_SHA1), |