authorNikos Mavrogiannopoulos <nmav@redhat.com>2015-06-26 08:07:01 +0200
committerNikos Mavrogiannopoulos <nmav@redhat.com>2015-06-26 08:18:02 +0200
commit88690fb18480f80c90c9a25cfdf0813d5c971416 (patch)
treeb5abb0a2841ecefa790613ff6238f44e603fcad5 /lib
parentaf495377638fa82e8443f3b198e221317fd187bb (diff)
downloadgnutls-88690fb18480f80c90c9a25cfdf0813d5c971416.tar.gz
enhanced header matching code for private keys to skip unrelated data
Diffstat (limited to 'lib')
-rw-r--r--lib/x509/privkey.c26
1 files changed, 21 insertions, 5 deletions
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index c4044e60eb..e1cdf71394 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -654,13 +654,29 @@ gnutls_x509_privkey_import2(gnutls_x509_privkey_t key,
unsigned head_enc = 1;
if (format == GNUTLS_X509_FMT_PEM) {
- unsigned size;
- char *ptr = memmem(data->data, data->size, "-----BEGIN ", sizeof("-----BEGIN ")-1);
+ size_t left;
+ char *ptr;
+
+ ptr = memmem(data->data, data->size, "PRIVATE KEY-----", sizeof("PRIVATE KEY-----")-1);
+
if (ptr != NULL) {
- ptr += sizeof("-----BEGIN ")-1;
- size = data->size - ((ptrdiff_t)ptr - (ptrdiff_t)data->data);
+ left = data->size - ((ptrdiff_t)ptr - (ptrdiff_t)data->data);
+
+ if (data->size - left > 15) {
+ ptr -= 15;
+ left += 15;
+ } else {
+ ptr = (char*)data->data;
+ left = data->size;
+ }
+
+ ptr = memmem(ptr, left, "-----BEGIN ", sizeof("-----BEGIN ")-1);
+ if (ptr != NULL) {
+ ptr += sizeof("-----BEGIN ")-1;
+ left = data->size - ((ptrdiff_t)ptr - (ptrdiff_t)data->data);
+ }
- if (size > sizeof(PEM_KEY_RSA)) {
+ if (ptr != NULL && left > sizeof(PEM_KEY_RSA)) {
if (memcmp(ptr, PEM_KEY_RSA, sizeof(PEM_KEY_RSA)-1) == 0 ||
memcmp(ptr, PEM_KEY_ECC, sizeof(PEM_KEY_ECC)-1) == 0 ||
memcmp(ptr, PEM_KEY_DSA, sizeof(PEM_KEY_DSA)-1) == 0) {
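Review bot: The second `memmem` (the `-----BEGIN ` search after the rewind) scans from `ptr` to the end of the buffer rather than only the 15 bytes ahead of the `PRIVATE KEY-----` match, so when no header starts inside that window it can settle on a `-----BEGIN ` belonging to a later, unrelated block. That can happen when the first match sits in an END line or behind a label longer than four characters, and the key-type comparison then runs against a different block than the one that was located; how much this matters depends on the fallback path, which is outside the hunk. Remembering the match and bounding the search keeps the two markers tied together: `char *tail = ptr;` before the rewind, then `ptr = memmem(ptr, tail - ptr, "-----BEGIN ", sizeof("-----BEGIN ")-1);`. The bare `15` also deserves a named constant or a comment such as `/* strlen("-----BEGIN ") plus the longest type prefix, e.g. "RSA " */`. gnutls_x509_privkey_import2 starts and ends outside this hunk.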