From 9469cd334f29ca9437e13eb951b53b7690f10be9 Mon Sep 17 00:00:00 2001 From: Sree Harsha Totakura Date: Wed, 27 May 2015 07:42:45 +0000 Subject: [PATCH] validate the parsed RSA private key --- src/util/crypto_rsa.c | 12 +++++++++--- src/util/test_crypto_rsa.c | 9 +++++++++ 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/src/util/crypto_rsa.c b/src/util/crypto_rsa.c index 9896d8dce..2aadf2fc4 100644 --- a/src/util/crypto_rsa.c +++ b/src/util/crypto_rsa.c @@ -222,7 +222,6 @@ GNUNET_CRYPTO_rsa_private_key_decode (const char *buf, size_t len) { struct GNUNET_CRYPTO_rsa_PrivateKey *key; - key = GNUNET_new (struct GNUNET_CRYPTO_rsa_PrivateKey); if (0 != gcry_sexp_new (&key->sexp, @@ -230,11 +229,18 @@ GNUNET_CRYPTO_rsa_private_key_decode (const char *buf, len, 0)) { - GNUNET_break_op (0); + LOG (GNUNET_ERROR_TYPE_WARNING, + "Decoded private key is not valid\n"); GNUNET_free (key); return NULL; } - /* FIXME: verify that this is an RSA private key */ + if (0 != gcry_pk_testkey (key->sexp)) + { + LOG (GNUNET_ERROR_TYPE_WARNING, + "Decoded private key is not valid\n"); + GNUNET_CRYPTO_rsa_private_key_free (key); + return NULL; + } return key; } diff --git a/src/util/test_crypto_rsa.c b/src/util/test_crypto_rsa.c index fc41dc24f..b2d749ab9 100644 --- a/src/util/test_crypto_rsa.c +++ b/src/util/test_crypto_rsa.c @@ -54,6 +54,15 @@ main (int argc, char *enc; enc = NULL; size = GNUNET_CRYPTO_rsa_private_key_encode (priv, &enc); + /* Decoding */ + GNUNET_CRYPTO_rsa_private_key_free (priv); + priv = NULL; + priv = GNUNET_CRYPTO_rsa_private_key_decode (enc, size); + GNUNET_assert (NULL != priv); + GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, + enc, size); + GNUNET_assert (NULL == GNUNET_CRYPTO_rsa_private_key_decode (enc, size)); + (void) fprintf (stderr, "The above warning is expected.\n"); GNUNET_free (enc); /* try ordinary sig first */ -- 2.25.1