giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge PR#288 from philipWendland:upstream-ecc-fix 

add the possibility to store public ECC keys encoded according to SPKI
EC pubkey storing: Check if params are available before copying.
pkcs15-lib.c / sc_pkcs15init_store_public_key may be called with keyargs->key.u.ec.params.value == NULL. In this case, allocating and copying the parameters will fail. Add a check to prevent this.
This commit is contained in:
Philip Wendland 2014-09-25 17:12:02 +02:00 committed by Viktor Tarasov
parent 4e73d0e36f
commit 955a339148
2 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/libopensc/pkcs15-pubkey.c
View File

@ -944,7 +944,10 @@ sc_pkcs15_read_pubkey(struct sc_pkcs15_card *p15card, const struct sc_pkcs15_obj
r = sc_pkcs15_read_file(p15card, &info->path, &data, &len);
LOG_TEST_RET(ctx, r, "Failed to read public key file.");
r = sc_pkcs15_decode_pubkey(ctx, pubkey, data, len);
if (algorithm == SC_ALGORITHM_EC && *data == (SC_ASN1_TAG_SEQUENCE | SC_ASN1_TAG_CONSTRUCTED))
r = sc_pkcs15_pubkey_from_spki_sequence(ctx, data, len, &pubkey);
else
r = sc_pkcs15_decode_pubkey(ctx, pubkey, data, len);
LOG_TEST_RET(ctx, r, "Decode public key error");
}
else {

13
src/pkcs15init/pkcs15-lib.c
View File

@ -1547,6 +1547,14 @@ sc_pkcs15init_store_public_key(struct sc_pkcs15_card *p15card, struct sc_profile
}
else if (key.algorithm == SC_ALGORITHM_EC) {
key_info->field_length = keybits;
if (key.u.ec.params.der.value) {
key_info->params.data = malloc(key.u.ec.params.der.len);
if (!key_info->params.data) {
LOG_TEST_RET(ctx, SC_ERROR_OUT_OF_MEMORY, "Cannot allocate EC params");
}
key_info->params.len = key.u.ec.params.der.len;
memcpy(key_info->params.data, key.u.ec.params.der.value, key.u.ec.params.der.len);
}
}
/* Select a intrinsic Key ID if the user didn't specify one */
@ -1579,7 +1587,10 @@ sc_pkcs15init_store_public_key(struct sc_pkcs15_card *p15card, struct sc_profile
LOG_TEST_RET(ctx, r, "SPKI encode public key error");
/* Now create key file and store key */
r = sc_pkcs15init_store_data(p15card, profile, object, &object->content, &key_info->path);
if (type == SC_PKCS15_TYPE_PUBKEY_EC)
r = sc_pkcs15init_store_data(p15card, profile, object, &key_info->direct.spki, &key_info->path);
else
r = sc_pkcs15init_store_data(p15card, profile, object, &object->content, &key_info->path);
path = &key_info->path;
if (path->count == 0) {