diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2021-10-05 15:39:24 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2021-10-05 15:39:24 +0200 |
commit | c7f1a82028eecda12231390e76ebd9d8bdf14882 (patch) | |
tree | 6ba66cacc70c104b326e91d967facf9020f80910 /openpgp/src | |
parent | ed938836a6928ae4daae9ac3ce8dc68ed21f3407 (diff) |
openpgp: Fix crash in the CNG backend.
Diffstat (limited to 'openpgp/src')
-rw-r--r-- | openpgp/src/crypto/backend/cng/asymmetric.rs | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/openpgp/src/crypto/backend/cng/asymmetric.rs b/openpgp/src/crypto/backend/cng/asymmetric.rs index 5f9addc7..c573acc4 100644 --- a/openpgp/src/crypto/backend/cng/asymmetric.rs +++ b/openpgp/src/crypto/backend/cng/asymmetric.rs @@ -194,8 +194,13 @@ impl Signer for KeyPair { let blob: DsaPrivateBlob = match version { Version::V1 => { let mut group = [0; 20]; - assert!(q.value().len() >= 20); - group[..q.value().len()].copy_from_slice(q.value()); + if let Ok(v) = q.value_padded(group.len()) { + group[..].copy_from_slice(&v); + } else { + return Err(Error::InvalidOperation( + "DSA keys' group parameter exceeds 160 bits" + .to_string()).into()); + } DsaPrivateBlob::V1(Blob::<DsaKeyPrivateBlob>::clone_from_parts( &winapi::shared::bcrypt::BCRYPT_DSA_KEY_BLOB { @@ -485,8 +490,13 @@ impl<P: key::KeyParts, R: key::KeyRole> Key<P, R> { let blob: DsaPublicBlob = match version { Version::V1 => { let mut group = [0; 20]; - assert!(q.value().len() >= 20); - group[..q.value().len()].copy_from_slice(q.value()); + if let Ok(v) = q.value_padded(group.len()) { + group[..].copy_from_slice(&v); + } else { + return Err(Error::InvalidOperation( + "DSA keys' group parameter exceeds 160 bits" + .to_string()).into()); + } DsaPublicBlob::V1(Blob::<DsaKeyPublicBlob>::clone_from_parts( &winapi::shared::bcrypt::BCRYPT_DSA_KEY_BLOB { |