nts: don't load zero-length keys with unsupported algorithm

Don't load keys and cookies from the client's dump file if it has an
unsupported algorithm and unparseable keys (matching the algorithm's
expected length of zero). They would fail all SIV operations and trigger
new NTS-KE session.

diff --git a/nts_ntp_client.c b/nts_ntp_client.c
index 10cf0712205d2a3a0a8e536c9ca063a5d3ff7801..2f4b72835c89eeec0cbe56da73f02be78230d93c 100644 (file)
--- a/nts_ntp_client.c
+++ b/nts_ntp_client.c
@@ -650,6 +650,7 @@ load_cookies(NNC_Instance inst)
                                             sizeof (inst->context.c2s.key));
 
   if (inst->context.s2c.length != SIV_GetKeyLength(algorithm) ||
+      inst->context.s2c.length <= 0 ||
       inst->context.c2s.length != inst->context.s2c.length)
     goto error;