author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-01-04 09:26:07 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-01-04 13:41:14 +0100 |
commit | 365fe5725b7c1000605fc48696ded2ead22ca37c (patch) | |
tree | 4dc0b74e4e33ebc5c5f67dd840b4b47448ebd0a9 | |
parent | 78b99fbcc9881c7c34bdac237301c635bd85d681 (diff) | |
download | gnutls-365fe5725b7c1000605fc48696ded2ead22ca37c.tar.gz |
_gnutls_x509_read_dsa_params: update params structure parameters size on successful read
That will allow proper deinitialization of the parameters even if
the structure fill up doesn't succeed.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | lib/x509/key_decode.c | 12 | ||||
-rw-r--r-- | lib/x509/mpi.c | 39 |
2 files changed, 29 insertions, 22 deletions
diff --git a/lib/x509/key_decode.c b/lib/x509/key_decode.c index f1ce99f6b3..1e5cc43c3a 100644 --- a/lib/x509/key_decode.c +++ b/lib/x509/key_decode.c @@ -173,6 +173,9 @@ _gnutls_x509_read_dsa_params(uint8_t * der, int dersize, asn1_delete_structure(&spk); + params->params_nr = 3; /* public key is missing */ + params->algo = GNUTLS_PK_DSA; + return 0; } @@ -231,6 +234,8 @@ _gnutls_x509_read_ecc_params(uint8_t * der, int dersize, } +/* This function must be called after _gnutls_x509_read_params() + */ int _gnutls_x509_read_pubkey(gnutls_pk_algorithm_t algo, uint8_t * der, int dersize, gnutls_pk_params_st * params) { @@ -245,6 +250,9 @@ int _gnutls_x509_read_pubkey(gnutls_pk_algorithm_t algo, uint8_t * der, } break; case GNUTLS_PK_DSA: + if (params->params_nr != 3) /* _gnutls_x509_read_pubkey_params must have been called */ + return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + ret = _gnutls_x509_read_dsa_pubkey(der, dersize, params); if (ret >= 0) { params->algo = GNUTLS_PK_DSA; @@ -265,6 +273,8 @@ int _gnutls_x509_read_pubkey(gnutls_pk_algorithm_t algo, uint8_t * der, return ret; } +/* This function must be called prior to _gnutls_x509_read_pubkey() + */ int _gnutls_x509_read_pubkey_params(gnutls_pk_algorithm_t algo, uint8_t * der, int dersize, gnutls_pk_params_st * params) @@ -289,7 +299,5 @@ int _gnutls_x509_read_dsa_pubkey(uint8_t * der, int dersize, gnutls_pk_params_st * params) { - /* do not set a number */ - params->params_nr = 0; return _gnutls_x509_read_der_int(der, dersize, ¶ms->params[3]); } diff --git a/lib/x509/mpi.c b/lib/x509/mpi.c index 559e0284c5..4852941763 100644 --- a/lib/x509/mpi.c +++ b/lib/x509/mpi.c 
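Review bot: The bare `3` in `params->params_nr = 3;` at the end of `_gnutls_x509_read_dsa_params` (lib/x509/key_decode.c) is the same value that the DSA case of `_gnutls_x509_read_pubkey` tests with `params->params_nr != 3`, so the two literals have to be kept in step by hand. A named constant shared by both sites (for example `#define DSA_DOMAIN_PARAMS 3`, a name constructed for this note) would make that dependency explicit. The function body starts outside the hunk, so its failure paths are not visible. The commit message implies they leave `params_nr` untouched, which should be confirmed against whatever cleanup those paths perform.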
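Review bot: The comment added above `_gnutls_x509_read_pubkey` names `_gnutls_x509_read_params()`, a symbol that appears nowhere else in this diff. The counterpart documented a few hunks later, and named in the inline comment of the DSA case, is `_gnutls_x509_read_pubkey_params()`. I would write `/* This function must be called after _gnutls_x509_read_pubkey_params() */` so the ordering contract points at the function that actually fills the parameters. As far as the visible cases show, the order is enforced only for `GNUTLS_PK_DSA`, and saying so in the comment would tell callers which algorithms depend on it.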
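Review bot: The new guard in the `GNUTLS_PK_DSA` case of `_gnutls_x509_read_pubkey` accepts any structure whose `params_nr` is 3, without checking that those three values are DSA domain parameters. Since `_gnutls_x509_read_dsa_params` now records `params->algo = GNUTLS_PK_DSA`, the test could be tightened to `if (params->params_nr != 3 || params->algo != GNUTLS_PK_DSA)`, provided no other caller fills the structure by a different route. The guard is also the only check before the write to `params->params[3]` in `_gnutls_x509_read_dsa_pubkey`, which after the last hunk of this file no longer resets `params_nr`. A comment on that helper such as `/* caller must have loaded p, q, g (params_nr == 3) */` would stop a future direct caller from bypassing the check. The guard further assumes that the caller initialised `params` before either reader ran, which is not visible in these hunks.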
@@ -91,25 +91,6 @@ _gnutls_get_asn_mpis(ASN1_TYPE asn, const char *root, /* Read the algorithm's parameters */ - _asnstr_append_name(name, sizeof(name), root, ".subjectPublicKey"); - result = _gnutls_x509_read_value(asn, name, &tmp); - - if (result < 0) { - gnutls_assert(); - return result; - } - - if ((result = - _gnutls_x509_read_pubkey(pk_algorithm, tmp.data, tmp.size, - params)) < 0) { - gnutls_assert(); - goto error; - } - - /* Now read the parameters - */ - _gnutls_free_datum(&tmp); - _asnstr_append_name(name, sizeof(name), root, ".algorithm.parameters"); @@ -132,11 +113,29 @@ _gnutls_get_asn_mpis(ASN1_TYPE asn, const char *root, gnutls_assert(); goto error; } + + _gnutls_free_datum(&tmp); + } + + /* Now read the public key */ + _asnstr_append_name(name, sizeof(name), root, ".subjectPublicKey"); + + result = _gnutls_x509_read_value(asn, name, &tmp); + if (result < 0) { + gnutls_assert(); + goto error; + } + + if ((result = + _gnutls_x509_read_pubkey(pk_algorithm, tmp.data, tmp.size, + params)) < 0) { + gnutls_assert(); + goto error; } result = 0; - error: + error: if (result < 0) gnutls_pk_params_release(params); _gnutls_free_datum(&tmp); |
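Review bot: Both new `goto error` exits after the public-key read in `_gnutls_get_asn_mpis` (lib/x509/mpi.c) reach `_gnutls_free_datum(&tmp)` at the `error:` label, whereas the removed code used a plain `return result` when `_gnutls_x509_read_value` failed before `tmp` was filled. That is safe only if `tmp` is zero-initialised at its declaration and `_gnutls_free_datum` resets the datum after the free added inside the parameters block. Both are outside the hunk and should be confirmed. Otherwise a key type that skips the parameters block (the closing brace suggests it is conditional) would free an indeterminate pointer, or the parameters path would free `tmp` twice. A short comment above the label, e.g. `/* tmp is empty or owned here; params is released only on failure */`, would document the invariant the cleanup relies on.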