diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-07-27 16:53:57 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-08-03 11:57:52 +0200 |
commit | 4256ef71a7842830f7a27061c31c36554a6b97cc (patch) | |
tree | 0ed46372269b378c67093afe6eaa8fbb046f02f4 /lib/x509/key_decode.c | |
parent | 86da29a32b34bd2f84f914f5749c260d9ff11add (diff) | |
download | gnutls-4256ef71a7842830f7a27061c31c36554a6b97cc.tar.gz |
Added convention for missing SubjectPublicKeyInfo params field
That is, when that field is missing, the spki_st structure field
pk will be set to GNUTLS_PK_UNKNOWN. In that case other fields
are undefined.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/x509/key_decode.c')
-rw-r--r-- | lib/x509/key_decode.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/lib/x509/key_decode.c b/lib/x509/key_decode.c index 97f240e783..6f5f9eadb5 100644 --- a/lib/x509/key_decode.c +++ b/lib/x509/key_decode.c @@ -450,10 +450,16 @@ int _gnutls_x509_check_pubkey_params(gnutls_pk_algorithm_t algo, { switch (algo) { case GNUTLS_PK_RSA_PSS: { - unsigned bits = pubkey_to_bits(params); - const mac_entry_st *me = hash_to_entry(params->spki.rsa_pss_dig); + unsigned bits; + const mac_entry_st *me; size_t hash_size; + if (params->spki.pk == GNUTLS_PK_UNKNOWN) /* no params present */ + return 0; + + bits = pubkey_to_bits(params); + + me = hash_to_entry(params->spki.rsa_pss_dig); if (unlikely(me == NULL)) return gnutls_assert_val(GNUTLS_E_CERTIFICATE_ERROR); |