author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-06-26 08:07:01 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-06-26 08:18:02 +0200 |
commit | 88690fb18480f80c90c9a25cfdf0813d5c971416 (patch) | |
tree | b5abb0a2841ecefa790613ff6238f44e603fcad5 /lib | |
parent | af495377638fa82e8443f3b198e221317fd187bb (diff) | |
download | gnutls-88690fb18480f80c90c9a25cfdf0813d5c971416.tar.gz |
enhanced header matching code for private keys to skip unrelated data
Diffstat (limited to 'lib')
-rw-r--r-- | lib/x509/privkey.c | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index c4044e60eb..e1cdf71394 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -654,13 +654,29 @@ gnutls_x509_privkey_import2(gnutls_x509_privkey_t key,
 unsigned head_enc = 1;
 if (format == GNUTLS_X509_FMT_PEM) {
- unsigned size;
- char *ptr = memmem(data->data, data->size, "-----BEGIN ", sizeof("-----BEGIN ")-1);
+ size_t left;
+ char *ptr;
+
+ ptr = memmem(data->data, data->size, "PRIVATE KEY-----", sizeof("PRIVATE KEY-----")-1);
+
 if (ptr != NULL) {
- ptr += sizeof("-----BEGIN ")-1;
- size = data->size - ((ptrdiff_t)ptr - (ptrdiff_t)data->data);
+ left = data->size - ((ptrdiff_t)ptr - (ptrdiff_t)data->data);
+
+ if (data->size - left > 15) {
+ ptr -= 15;
+ left += 15;
+ } else {
+ ptr = (char*)data->data;
+ left = data->size;
+ }
+
+ ptr = memmem(ptr, left, "-----BEGIN ", sizeof("-----BEGIN ")-1);
+ if (ptr != NULL) {
+ ptr += sizeof("-----BEGIN ")-1;
+ left = data->size - ((ptrdiff_t)ptr - (ptrdiff_t)data->data);
+ }
- if (size > sizeof(PEM_KEY_RSA)) {
+ if (ptr != NULL && left > sizeof(PEM_KEY_RSA)) {
 if (memcmp(ptr, PEM_KEY_RSA, sizeof(PEM_KEY_RSA)-1) == 0 ||
 memcmp(ptr, PEM_KEY_ECC, sizeof(PEM_KEY_ECC)-1) == 0 ||
 memcmp(ptr, PEM_KEY_DSA, sizeof(PEM_KEY_DSA)-1) == 0) { |
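Review bot: The second `memmem` is only bounded at its start. After `ptr -= 15; left += 15;` it searches from 15 bytes before the `PRIVATE KEY-----` match to the end of the input, so it can land on a `-----BEGIN ` that belongs to a later PEM block rather than the header next to the marker. When the nearest header is longer than the window (an `ENCRYPTED PRIVATE KEY` header, for instance), the type check that follows would then run against that later block; what happens next is outside the hunk. I would keep the marker position in its own variable and search only the window in front of it, e.g. `ptr = memmem(ptr, (size_t)(marker - ptr), "-----BEGIN ", sizeof("-----BEGIN ")-1);`. The bare `15` appears three times without explanation; a named constant with a comment such as `/* longest "-----BEGIN " + algorithm prefix we back up over */` would make the assumption checkable. The body of `gnutls_x509_privkey_import2` starts and ends outside this hunk.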