Browse Source

[rsa] Actually check the unused-bits byte in the public key bit string

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 12 years ago
parent
commit
d6979e0d55
1 changed files with 4 additions and 3 deletions
  1. 4
    3
      src/crypto/rsa.c

+ 4
- 3
src/crypto/rsa.c View File

@@ -236,12 +236,13 @@ static int rsa_init ( void *ctx, const void *key, size_t key_len ) {
236 236
 
237 237
 		/* Check and skip unused-bits byte of bit string */
238 238
 		bit_string = cursor.data;
239
-		if ( cursor.len < 1 ) {
239
+		if ( ( cursor.len < sizeof ( *bit_string ) ) ||
240
+		     ( bit_string->unused != 0 ) ) {
240 241
 			rc = -EINVAL;
241 242
 			goto err_parse;
242 243
 		}
243
-		cursor.data++;
244
-		cursor.len--;
244
+		cursor.data = &bit_string->data;
245
+		cursor.len -= offsetof ( typeof ( *bit_string ), data );
245 246
 
246 247
 		/* Enter RSAPublicKey */
247 248
 		asn1_enter ( &cursor, ASN1_SEQUENCE );

Loading…
Cancel
Save