author | Jakub Jelen <jjelen@redhat.com> | 2020-02-28 18:40:42 +0100 |
---|---|---|
committer | Jakub Jelen <jjelen@redhat.com> | 2020-03-18 09:31:42 +0100 |
commit | 45a3f29fc37111d4f78138f1b069ca6fdee74189 (patch) | |
tree | 38f017abae1f2a6822579c1c7883ce2c70b1b3aa /lib | |
parent | 287f02228ed659ba0912e4359fb20171cd47ccb1 (diff) | |
download | gnutls-45a3f29fc37111d4f78138f1b069ca6fdee74189.tar.gz |
pkcs11_write: Copy data to avoid double-free crashes and properly encode EC_POINT attribute
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/pkcs11_write.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c index ab740dcd62..3ce794b076 100644 --- a/lib/pkcs11_write.c +++ b/lib/pkcs11_write.c @@ -358,7 +358,7 @@ static int add_pubkey(gnutls_pubkey_t pubkey, struct ck_attribute *a, unsigned * break; } case GNUTLS_PK_EDDSA_ED25519: { - gnutls_datum_t params; + gnutls_datum_t params, ecpoint; ret = _gnutls_x509_write_ecc_params(pubkey->params.curve, @@ -373,9 +373,18 @@ static int add_pubkey(gnutls_pubkey_t pubkey, struct ck_attribute *a, unsigned * a[*a_val].value_len = params.size; (*a_val)++; + ret = _gnutls_x509_encode_string(ASN1_ETYPE_OCTET_STRING, + pubkey->params.raw_pub.data, + pubkey->params.raw_pub.size, + &ecpoint); + if (ret < 0) { + gnutls_assert(); + return ret; + } + a[*a_val].type = CKA_EC_POINT; - a[*a_val].value = pubkey->params.raw_pub.data; - a[*a_val].value_len = pubkey->params.raw_pub.size; + a[*a_val].value = ecpoint.data; + a[*a_val].value_len = ecpoint.size; (*a_val)++; break; } |
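Review bot: In the second hunk, the new `return ret` taken when `_gnutls_x509_encode_string()` fails exits after the `CKA_EC_PARAMS` entry has already been stored in `a[]` and `*a_val` advanced, so `params.data` is only released if every caller of `add_pubkey()` runs its attribute cleanup on the error path; that cleanup is outside the hunk and worth confirming. The same applies to `ecpoint.data` on success: `a[*a_val].value` now owns a freshly encoded buffer instead of aliasing `pubkey->params.raw_pub.data`, and the visible lines do not state that ownership anywhere. I would add a comment above the assignment such as `/* ecpoint.data is allocated here; a[] owns it and the caller's attribute cleanup must free it */`. `add_pubkey()` starts and ends outside both hunks, so the other key-type cases could not be checked for the same aliasing.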