From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Thu, 3 Aug 2017 14:29:18 +0000 (+0200)
Subject: gnutls_x509_privkey_set_spki: check validity of parameters set
X-Git-Tag: gnutls_3_6_0~158
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=78b693365707dfc5556040739dff7bcdcd70170c;p=thirdparty%2Fgnutls.git

gnutls_x509_privkey_set_spki: check validity of parameters set

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---

diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index b7c5038db0..c5236223df 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -1294,6 +1294,9 @@ gnutls_x509_privkey_get_spki(gnutls_x509_privkey_t key, gnutls_x509_spki_t spki,
 int
 gnutls_x509_privkey_set_spki(gnutls_x509_privkey_t key, const gnutls_x509_spki_t spki, unsigned int flags)
 {
+	gnutls_pk_params_st tparams;
+	int ret;
+
 	if (key == NULL) {
 		gnutls_assert();
 		return GNUTLS_E_INVALID_REQUEST;
@@ -1302,6 +1305,12 @@ gnutls_x509_privkey_set_spki(gnutls_x509_privkey_t key, const gnutls_x509_spki_t
 	if (!_gnutls_pk_are_compat(key->params.algo, spki->pk))
                 return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
 
+	memcpy(&tparams, &key->params, sizeof(gnutls_pk_params_st));
+	memcpy(&tparams.spki, spki, sizeof (gnutls_x509_spki_st));
+	ret = _gnutls_x509_check_pubkey_params(&tparams);
+	if (ret < 0)
+		return gnutls_assert_val(ret);
+
 	memcpy(&key->params.spki, spki, sizeof (gnutls_x509_spki_st));
 
 	key->params.algo = spki->pk;