diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-07-20 16:43:18 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-07-21 14:25:01 +0200 |
| commit | a761afe3dce139beffa7857c10c7136f83320c3d (patch) | |
| tree | 174324da45f138d68e7cf973a31012298277bcee | |
| parent | fae0a53388115ea429c752c1a958db85dbc402bb (diff) | |
| download | gnutls-a761afe3dce139beffa7857c10c7136f83320c3d.tar.gz | |
Ensure that public key parameters are initialized on import
Previously we depended on initialization during the _init()
call, however, there can be cases where this re-initialization
is needed (e.g., on multiple tries to load a key).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | lib/nettle/pk.c | 3 | ||||
| -rw-r--r-- | lib/x509/privkey.c | 4 | ||||
| -rw-r--r-- | lib/x509/privkey_pkcs8.c | 6 |
3 files changed, 12 insertions, 1 deletions
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c index 1fda529ed0..c2ad4efd30 100644 --- a/lib/nettle/pk.c +++ b/lib/nettle/pk.c @@ -2323,6 +2323,9 @@ wrap_nettle_pk_fixup(gnutls_pk_algorithm_t algo, if (params->flags != GNUTLS_ECC_CURVE_ED25519) return gnutls_assert_val(GNUTLS_E_ECC_UNSUPPORTED_CURVE); + if (params->raw_priv.data == NULL) + return gnutls_assert_val(GNUTLS_E_PK_INVALID_PRIVKEY); + if (params->raw_pub.data == NULL) { params->raw_pub.data = gnutls_malloc(params->raw_priv.size); } diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c index 7ecdab0129..b4af486dfc 100644 --- a/lib/x509/privkey.c +++ b/lib/x509/privkey.c @@ -1033,6 +1033,8 @@ gnutls_x509_privkey_import_dsa_raw(gnutls_x509_privkey_t key, return GNUTLS_E_INVALID_REQUEST; } + gnutls_pk_params_init(&key->params); + siz = p->size; if (_gnutls_mpi_init_scan_nz(&key->params.params[0], p->data, siz)) { gnutls_assert(); @@ -1127,6 +1129,8 @@ gnutls_x509_privkey_import_ecc_raw(gnutls_x509_privkey_t key, return GNUTLS_E_INVALID_REQUEST; } + gnutls_pk_params_init(&key->params); + key->params.flags = curve; if (curve_is_eddsa(curve)) { diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c index e5d14a7c8d..23b27ec8c3 100644 --- a/lib/x509/privkey_pkcs8.c +++ b/lib/x509/privkey_pkcs8.c @@ -1,6 +1,6 @@ /* * Copyright (C) 2003-2016 Free Software Foundation, Inc. - * Copyright (C) 2014-2016 Red Hat + * Copyright (C) 2014-2017 Red Hat * Copyright (C) 2014-2016 Nikos Mavrogiannopoulos * * Author: Nikos Mavrogiannopoulos @@ -1042,6 +1042,8 @@ _decode_pkcs8_eddsa_key(ASN1_TYPE pkcs8_asn, gnutls_x509_privkey_t pkey, const c gnutls_ecc_curve_t curve = GNUTLS_ECC_CURVE_INVALID; const gnutls_ecc_curve_entry_st *ce; + gnutls_pk_params_init(&pkey->params); + curve = gnutls_oid_to_ecc_curve(oid); if (curve == GNUTLS_ECC_CURVE_INVALID) { _gnutls_debug_log("PKCS#8: unknown curve OID %s\n", oid); @@ -1081,6 +1083,8 @@ _decode_pkcs8_dsa_key(ASN1_TYPE pkcs8_asn, gnutls_x509_privkey_t pkey) int ret; gnutls_datum_t tmp; + gnutls_pk_params_init(&pkey->params); + ret = _gnutls_x509_read_value(pkcs8_asn, "privateKey", &tmp); if (ret < 0) { gnutls_assert(); |