diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-07-20 16:49:11 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-07-21 14:24:56 +0200 |
commit | fae0a53388115ea429c752c1a958db85dbc402bb (patch) | |
tree | 2d59b067101e6a0a22ab236e2586d779b4b12754 /lib/x509/privkey_pkcs8.c | |
parent | 94629c8fdaa44a362cf983c0d998c31ed8526bbc (diff) | |
download | gnutls-fae0a53388115ea429c752c1a958db85dbc402bb.tar.gz |
_decode_pkcs8_eddsa_key: ensure that the key size read matches the curve size
That is, in the newly introduced ed25519 keys we didn't check
whether the input size in the PKCS#8 file matched the curve
size.
Found using oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2689
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/x509/privkey_pkcs8.c')
-rw-r--r-- | lib/x509/privkey_pkcs8.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c index 620357110f..e5d14a7c8d 100644 --- a/lib/x509/privkey_pkcs8.c +++ b/lib/x509/privkey_pkcs8.c @@ -1056,6 +1056,10 @@ _decode_pkcs8_eddsa_key(ASN1_TYPE pkcs8_asn, gnutls_x509_privkey_t pkey, const c return gnutls_assert_val(ret); } + if (tmp.size != ce->size) { + gnutls_free(tmp.data); + return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + } gnutls_free(pkey->params.raw_priv.data); pkey->params.algo = GNUTLS_PK_EDDSA_ED25519; pkey->params.raw_priv.data = tmp.data; @@ -1334,6 +1338,8 @@ gnutls_x509_privkey_import_pkcs8(gnutls_x509_privkey_t key, goto cleanup; } + /* This part is necessary to get the public key on certain algorithms. + * In the import above we only get the private key. */ result = _gnutls_pk_fixup(key->pk_algorithm, GNUTLS_IMPORT, &key->params); if (result < 0) { |