diff options
| author | Michael Brown | 2012-03-18 21:42:03 +0100 |
|---|---|---|
| committer | Michael Brown | 2012-03-18 21:46:38 +0100 |
| commit | d6979e0d55c9a796fdf947909be37e2bcdca918d (patch) | |
| tree | 4d008afe71d9508cb86c87d58a28cb5b65deef47 /src/crypto | |
| parent | [crypto] Force caller to provide temporary storage for modular calculations (diff) | |
| download | ipxe-d6979e0d55c9a796fdf947909be37e2bcdca918d.tar.gz ipxe-d6979e0d55c9a796fdf947909be37e2bcdca918d.tar.xz ipxe-d6979e0d55c9a796fdf947909be37e2bcdca918d.zip | |
[rsa] Actually check the unused-bits byte in the public key bit string
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Diffstat (limited to 'src/crypto')
| -rw-r--r-- | src/crypto/rsa.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/crypto/rsa.c b/src/crypto/rsa.c index a0bf39eb8..6aa6e8971 100644 --- a/src/crypto/rsa.c +++ b/src/crypto/rsa.c @@ -236,12 +236,13 @@ static int rsa_init ( void *ctx, const void *key, size_t key_len ) { /* Check and skip unused-bits byte of bit string */ bit_string = cursor.data; - if ( cursor.len < 1 ) { + if ( ( cursor.len < sizeof ( *bit_string ) ) || + ( bit_string->unused != 0 ) ) { rc = -EINVAL; goto err_parse; } - cursor.data++; - cursor.len--; + cursor.data = &bit_string->data; + cursor.len -= offsetof ( typeof ( *bit_string ), data ); /* Enter RSAPublicKey */ asn1_enter ( &cursor, ASN1_SEQUENCE ); |