mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-26 04:05:44 +01:00
Preserve old behavior by checking public key in RSA parsing function
The function `pk_get_rsapubkey` originally performed some basic sanity checks (e.g. on the size of public exponent) on the parsed RSA public key by a call to `mbedtls_rsa_check_pubkey`. This check was dropped because it is not possible to thoroughly check full parameter sanity (i.e. that (-)^E is a bijection on Z/NZ). Still, for the sake of not silently changing existing behavior, this commit puts back the call to `mbedtls_rsa_check_pubkey`.
This commit is contained in:
parent
efeef6cf03
commit
895c5ab88e
@ -543,8 +543,11 @@ static int pk_get_rsapubkey( unsigned char **p,
|
|||||||
|
|
||||||
*p += len;
|
*p += len;
|
||||||
|
|
||||||
if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 )
|
if( mbedtls_rsa_complete( rsa ) != 0 ||
|
||||||
|
mbedtls_rsa_check_pubkey( rsa ) != 0 )
|
||||||
|
{
|
||||||
return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
|
return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
|
||||||
|
}
|
||||||
|
|
||||||
if( *p != end )
|
if( *p != end )
|
||||||
return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
|
return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
|
||||||
|
Loading…
Reference in New Issue
Block a user