diff options
-rw-r--r-- | lib/privkey.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/lib/privkey.c b/lib/privkey.c index 1010cdff7a..c5d466dde6 100644 --- a/lib/privkey.c +++ b/lib/privkey.c @@ -689,6 +689,10 @@ gnutls_privkey_import_ext(gnutls_privkey_t pkey, decrypt_func, NULL, flags); } +#define CHECK_EXT_PK(pk) \ + if (pk != GNUTLS_PK_RSA && pk != GNUTLS_PK_ECDSA && pk != GNUTLS_PK_DSA) \ + return gnutls_assert_val(GNUTLS_E_CERTIFICATE_ERROR) + /** * gnutls_privkey_import_ext2: * @pkey: The private key @@ -733,6 +737,8 @@ gnutls_privkey_import_ext2(gnutls_privkey_t pkey, return ret; } + CHECK_EXT_PK(pk); + if (sign_fn == NULL && decrypt_fn == NULL) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); @@ -813,6 +819,8 @@ gnutls_privkey_import_ext3(gnutls_privkey_t pkey, pkey->pk_algorithm = pkey->key.ext.info_func(pkey, GNUTLS_PRIVKEY_INFO_PK_ALGO, pkey->key.ext.userdata); + CHECK_EXT_PK(pkey->pk_algorithm); + /* Ensure gnutls_privkey_deinit() calls the deinit_func */ if (deinit_fn) pkey->flags |= GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE; |