|
@@ -46,6 +46,7 @@ int der_decode_subject_public_key_info(const unsigned char *in, unsigned long in
|
|
|
|
|
|
LTC_ARGCHK(in != NULL);
|
|
|
LTC_ARGCHK(inlen != 0);
|
|
|
+ LTC_ARGCHK(public_key_len != NULL);
|
|
|
|
|
|
err = pk_get_oid(algorithm, &oid);
|
|
|
if (err != CRYPT_OK) {
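Review bot: `public_key` is still not validated next to the new `public_key_len` check, although the last hunk writes through it with `memcpy(public_key, subject_pubkey[1].data, len)`. Adding `LTC_ARGCHK(public_key != NULL);` beside the new line would reject a NULL destination before any DER decoding happens on caller-supplied input. The function starts and ends outside this hunk, so a check that is not visible here may already exist elsewhere in the body.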
|
|
@@ -63,8 +64,8 @@ int der_decode_subject_public_key_info(const unsigned char *in, unsigned long in
|
|
|
LTC_SET_ASN1(alg_id, 0, LTC_ASN1_OBJECT_IDENTIFIER, tmpoid, sizeof(tmpoid)/sizeof(tmpoid[0]));
|
|
|
LTC_SET_ASN1(alg_id, 1, parameters_type, parameters, parameters_len);
|
|
|
|
|
|
- /* the actual format of the SSL DER key is odd, it stores a RSAPublicKey in a **BIT** string ... so we have to extract it
|
|
|
- then proceed to convert bit to octet
|
|
|
+ /* the actual format of the SSL DER key is odd, it stores a RSAPublicKey
|
|
|
+ * in a **BIT** string ... so we have to extract it then proceed to convert bit to octet
|
|
|
*/
|
|
|
LTC_SET_ASN1(subject_pubkey, 0, LTC_ASN1_SEQUENCE, alg_id, 2);
|
|
|
LTC_SET_ASN1(subject_pubkey, 1, LTC_ASN1_RAW_BIT_STRING, tmpbuf, MAX_RSA_SIZE*8);
|
|
@@ -74,6 +75,13 @@ int der_decode_subject_public_key_info(const unsigned char *in, unsigned long in
|
|
|
goto LBL_ERR;
|
|
|
}
|
|
|
|
|
|
+ if ((alg_id[0].size != oid.OIDlen) ||
|
|
|
+ memcmp(oid.OID, alg_id[0].data, oid.OIDlen * sizeof(oid.OID[0]))) {
|
|
|
+ /* OID mismatch */
|
|
|
+ err = CRYPT_PK_INVALID_TYPE;
|
|
|
+ goto LBL_ERR;
|
|
|
+ }
|
|
|
+
|
|
|
len = subject_pubkey[1].size/8;
|
|
|
if (*public_key_len > len) {
|
|
|
memcpy(public_key, subject_pubkey[1].data, len);
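Review bot: The new OID comparison ties the decoded key to the requested algorithm, but `len = subject_pubkey[1].size/8` right after it still accepts a BIT STRING whose length is not a whole number of octets and silently drops the trailing bits. The `MAX_RSA_SIZE*8` buffer and the division suggest `size` is a bit count, so a malformed key would be truncated rather than rejected. A guard before the division, such as `if (subject_pubkey[1].size % 8 != 0) { err = CRYPT_INVALID_PACKET; goto LBL_ERR; }`, would close that gap. It would also help to note in a comment that the `memcmp` length assumes `oid.OID` and the decoded `tmpoid` buffer share an element type, since neither declaration is visible in this hunk.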
|