From: Nikos Mavrogiannopoulos Date: Tue, 13 Nov 2018 21:49:26 +0000 (+0100) Subject: _gnutls_x509_read_eddsa_pubkey(): sanity check the input values X-Git-Tag: gnutls_3_6_5~25^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d6cb0fb1272292a52b5bc6b3a293fbf7ec043ca4;p=thirdparty%2Fgnutls.git _gnutls_x509_read_eddsa_pubkey(): sanity check the input values Signed-off-by: Nikos Mavrogiannopoulos --- diff --git a/lib/x509/key_decode.c b/lib/x509/key_decode.c index 02b381ec85..c20b841654 100644 --- a/lib/x509/key_decode.c +++ b/lib/x509/key_decode.c @@ -38,8 +38,9 @@ static int _gnutls_x509_read_dsa_pubkey(uint8_t * der, int dersize, gnutls_pk_params_st * params); static int _gnutls_x509_read_ecc_pubkey(uint8_t * der, int dersize, gnutls_pk_params_st * params); -static int _gnutls_x509_read_eddsa_pubkey(uint8_t * der, int dersize, - gnutls_pk_params_st * params); +static int _gnutls_x509_read_eddsa_pubkey(gnutls_ecc_curve_t curve, + uint8_t * der, int dersize, + gnutls_pk_params_st * params); static int _gnutls_x509_read_gost_pubkey(uint8_t * der, int dersize, gnutls_pk_params_st * params); @@ -114,9 +115,14 @@ _gnutls_x509_read_ecc_pubkey(uint8_t * der, int dersize, ¶ms->params[ECC_Y]); } -int _gnutls_x509_read_eddsa_pubkey(uint8_t * der, int dersize, +int _gnutls_x509_read_eddsa_pubkey(gnutls_ecc_curve_t curve, + uint8_t * der, int dersize, gnutls_pk_params_st * params) { + int size = gnutls_ecc_curve_get_size(curve); + if (dersize != size) + return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + return _gnutls_set_datum(¶ms->raw_pub, der, dersize); } @@ -554,7 +560,7 @@ int _gnutls_x509_read_pubkey(gnutls_pk_algorithm_t algo, uint8_t * der, } break; case GNUTLS_PK_EDDSA_ED25519: - ret = _gnutls_x509_read_eddsa_pubkey(der, dersize, params); + ret = _gnutls_x509_read_eddsa_pubkey(GNUTLS_ECC_CURVE_ED25519, der, dersize, params); break; case GNUTLS_PK_GOST_01: case GNUTLS_PK_GOST_12_256: