diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2008-05-30 11:54:51 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2008-05-30 11:54:51 +0000 |
| commit | 2f2f032497b00e4cb976ead5f5a536c1a68055c8 (patch) | |
| tree | 904efd48c500f7dd16690595dc51884ba0735aff /engines | |
| parent | feb200bbb3848f8ef7219cd93cb7d531b4515832 (diff) | |
Blob type and algorithm type sanity checks
Diffstat (limited to 'engines')
| -rw-r--r-- | engines/e_capi.c | 67 |
1 files changed, 42 insertions, 25 deletions
diff --git a/engines/e_capi.c b/engines/e_capi.c index c2ca152351..86fa204990 100644 --- a/engines/e_capi.c +++ b/engines/e_capi.c @@ -492,40 +492,57 @@ static EVP_PKEY *capi_load_privkey(ENGINE *eng, const char *key_id, } bh = (BLOBHEADER *)pubkey; - rp = (RSAPUBKEY *)(bh + 1); - rsa_modulus = (unsigned char *)(rp + 1); - rkey = RSA_new_method(eng); - if (!rkey) - goto memerr; + if (bh->bType != PUBLICKEYBLOB) + { + /* FIXME */ + fprintf(stderr, "Invalid public key blob\n"); + goto err; + } + if (bh->aiKeyAlg == CALG_RSA_SIGN || bh->aiKeyAlg == CALG_RSA_KEYX) + { + rp = (RSAPUBKEY *)(bh + 1); + rsa_modulus = (unsigned char *)(rp + 1); + rkey = RSA_new_method(eng); + if (!rkey) + goto memerr; - rkey->e = BN_new(); - rkey->n = BN_new(); + rkey->e = BN_new(); + rkey->n = BN_new(); - if (!rkey->e || !rkey->n) - goto memerr; + if (!rkey->e || !rkey->n) + goto memerr; - if (!BN_set_word(rkey->e, rp->pubexp)) - goto memerr; + if (!BN_set_word(rkey->e, rp->pubexp)) + goto memerr; - rsa_modlen = rp->bitlen / 8; + rsa_modlen = rp->bitlen / 8; - for(i = 0; i < rsa_modlen / 2; i++) - { - unsigned char c; - c = rsa_modulus[i]; - rsa_modulus[i] = rsa_modulus[rsa_modlen - i - 1]; - rsa_modulus[rsa_modlen - i - 1] = c; - } + for(i = 0; i < rsa_modlen / 2; i++) + { + unsigned char c; + c = rsa_modulus[i]; + rsa_modulus[i] = rsa_modulus[rsa_modlen - i - 1]; + rsa_modulus[rsa_modlen - i - 1] = c; + } - if (!BN_bin2bn(rsa_modulus, rsa_modlen, rkey->n)) - goto memerr; + if (!BN_bin2bn(rsa_modulus, rsa_modlen, rkey->n)) + goto memerr; - RSA_set_ex_data(rkey, rsa_capi_idx, key); + RSA_set_ex_data(rkey, rsa_capi_idx, key); + + if (!(ret = EVP_PKEY_new())) + goto memerr; + + EVP_PKEY_assign_RSA(ret, rkey); - if (!(ret = EVP_PKEY_new())) - goto memerr; - EVP_PKEY_assign_RSA(ret, rkey); + } + else + { + fprintf(stderr, "Unsupported Key Algorithm %x\n", + bh->aiKeyAlg); + goto err; + } err: if (pubkey) |