summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJustus Winter <justus@sequoia-pgp.org>2021-10-05 15:39:24 +0200
committerJustus Winter <justus@sequoia-pgp.org>2021-10-05 15:39:24 +0200
commitc7f1a82028eecda12231390e76ebd9d8bdf14882 (patch)
tree6ba66cacc70c104b326e91d967facf9020f80910
parented938836a6928ae4daae9ac3ce8dc68ed21f3407 (diff)
openpgp: Fix crash in the CNG backend.
Diffstat
-rw-r--r--openpgp/src/crypto/backend/cng/asymmetric.rs18
1 files changed, 14 insertions, 4 deletions
diff --git a/openpgp/src/crypto/backend/cng/asymmetric.rs b/openpgp/src/crypto/backend/cng/asymmetric.rs
index 5f9addc7..c573acc4 100644
--- a/openpgp/src/crypto/backend/cng/asymmetric.rs
+++ b/openpgp/src/crypto/backend/cng/asymmetric.rs
@@ -194,8 +194,13 @@ impl Signer for KeyPair {
let blob: DsaPrivateBlob = match version {
Version::V1 => {
let mut group = [0; 20];
- assert!(q.value().len() >= 20);
- group[..q.value().len()].copy_from_slice(q.value());
+ if let Ok(v) = q.value_padded(group.len()) {
+ group[..].copy_from_slice(&v);
+ } else {
+ return Err(Error::InvalidOperation(
+ "DSA keys' group parameter exceeds 160 bits"
+ .to_string()).into());
+ }
DsaPrivateBlob::V1(Blob::<DsaKeyPrivateBlob>::clone_from_parts(
&winapi::shared::bcrypt::BCRYPT_DSA_KEY_BLOB {
@@ -485,8 +490,13 @@ impl<P: key::KeyParts, R: key::KeyRole> Key<P, R> {
let blob: DsaPublicBlob = match version {
Version::V1 => {
let mut group = [0; 20];
- assert!(q.value().len() >= 20);
- group[..q.value().len()].copy_from_slice(q.value());
+ if let Ok(v) = q.value_padded(group.len()) {
+ group[..].copy_from_slice(&v);
+ } else {
+ return Err(Error::InvalidOperation(
+ "DSA keys' group parameter exceeds 160 bits"
+ .to_string()).into());
+ }
DsaPublicBlob::V1(Blob::<DsaKeyPublicBlob>::clone_from_parts(
&winapi::shared::bcrypt::BCRYPT_DSA_KEY_BLOB {
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-01 20:38:20 +0000