[rsa] Actually check the unused-bits byte in the public key bit string

Signed-off-by: Michael Brown <mcb30@ipxe.org>

diff --git a/src/crypto/rsa.c b/src/crypto/rsa.c
index a0bf39eb8a74f3e75af2457a1fa6cee2679c695c..6aa6e8971d7069b556472e6e5a05a9d41affa809 100644 (file)
--- a/src/crypto/rsa.c
+++ b/src/crypto/rsa.c
@@ -236,12 +236,13 @@ static int rsa_init ( void *ctx, const void *key, size_t key_len ) {
 
                /* Check and skip unused-bits byte of bit string */
                bit_string = cursor.data;
-               if ( cursor.len < 1 ) {
+               if ( ( cursor.len < sizeof ( *bit_string ) ) ||
+                    ( bit_string->unused != 0 ) ) {
                        rc = -EINVAL;
                        goto err_parse;
                }
-               cursor.data++;
-               cursor.len--;
+               cursor.data = &bit_string->data;
+               cursor.len -= offsetof ( typeof ( *bit_string ), data );
 
                /* Enter RSAPublicKey */
                asn1_enter ( &cursor, ASN1_SEQUENCE );