Added convention for missing SubjectPublicKeyInfo params field

That is, when that field is missing, the spki_st structure field pk will be set to GNUTLS_PK_UNKNOWN. In that case other fields are undefined. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-07-27 16:53:57 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-08-03 11:57:52 +0200
commit: 4256ef71a7842830f7a27061c31c36554a6b97cc (patch)
tree: 0ed46372269b378c67093afe6eaa8fbb046f02f4 /lib/x509/key_decode.c
parent: 86da29a32b34bd2f84f914f5749c260d9ff11add (diff)
download: gnutls-4256ef71a7842830f7a27061c31c36554a6b97cc.tar.gz
1 files changed, 8 insertions, 2 deletions
diff --git a/lib/x509/key_decode.c b/lib/x509/key_decode.c
index 97f240e783..6f5f9eadb5 100644
--- a/lib/x509/key_decode.c
+++ b/lib/x509/key_decode.c
@@ -450,10 +450,16 @@ int _gnutls_x509_check_pubkey_params(gnutls_pk_algorithm_t algo,
 {
 	switch (algo) {
 	case GNUTLS_PK_RSA_PSS: {
-		unsigned bits = pubkey_to_bits(params);
-		const mac_entry_st *me = hash_to_entry(params->spki.rsa_pss_dig);
+		unsigned bits;
+		const mac_entry_st *me;
 		size_t hash_size;
 
+		if (params->spki.pk == GNUTLS_PK_UNKNOWN) /* no params present */
+			return 0;
+
+		bits = pubkey_to_bits(params);
+
+		me = hash_to_entry(params->spki.rsa_pss_dig);
 		if (unlikely(me == NULL))
 			return gnutls_assert_val(GNUTLS_E_CERTIFICATE_ERROR);
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-07-27 16:53:57 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-08-03 11:57:52 +0200
commit	4256ef71a7842830f7a27061c31c36554a6b97cc (patch)
tree	0ed46372269b378c67093afe6eaa8fbb046f02f4 /lib/x509/key_decode.c
parent	86da29a32b34bd2f84f914f5749c260d9ff11add (diff)
download	gnutls-4256ef71a7842830f7a27061c31c36554a6b97cc.tar.gz