TeaSpeak/tomcrypt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add missing check of the OID

Browse Source
This commit is contained in:
Steffen Jaeckel 2014-08-25 20:09:44 +02:00
parent 6bba3a2a70
commit b06270645e
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/pk/asn1/der/sequence/der_decode_subject_public_key_info.c
View File

@ -46,6 +46,7 @@ int der_decode_subject_public_key_info(const unsigned char *in, unsigned long in
LTC_ARGCHK(in != NULL);
LTC_ARGCHK(inlen != 0);
LTC_ARGCHK(public_key_len != NULL);
err = pk_get_oid(algorithm, &oid);
if (err != CRYPT_OK) {
@ -63,8 +64,8 @@ int der_decode_subject_public_key_info(const unsigned char *in, unsigned long in
LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, sizeof(tmpoid)/sizeof(tmpoid[0]));
LTC_SET_ASN1(alg_id, 1, parameters_type, parameters, parameters_len);
/* the actual format of the SSL DER key is odd, it stores a RSAPublicKey in a **BIT** string ... so we have to extract it
then proceed to convert bit to octet
/* the actual format of the SSL DER key is odd, it stores a RSAPublicKey
* in a **BIT** string ... so we have to extract it then proceed to convert bit to octet
*/
LTC_SET_ASN1(subject_pubkey, 0, LTC_ASN1_SEQUENCE, alg_id, 2);
LTC_SET_ASN1(subject_pubkey, 1, LTC_ASN1_RAW_BIT_STRING, tmpbuf, MAX_RSA_SIZE*8);
@ -74,6 +75,13 @@ int der_decode_subject_public_key_info(const unsigned char *in, unsigned long in
goto LBL_ERR;
}
if ((alg_id[0].size != oid.OIDlen) ||
memcmp(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0]))) {
/* OID mismatch */
err = CRYPT_PK_INVALID_TYPE;
goto LBL_ERR;
}
len = subject_pubkey[1].size/8;
if (*public_key_len > len) {
memcpy(public_key, subject_pubkey[1].data, len);