From 374e4b87d43c81ca0c869445bd43454376cc6478 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Manuel=20P=C3=A9gouri=C3=A9-Gonnard?=
Date: Tue, 9 Jul 2013 10:21:34 +0200
Subject: [PATCH] pk_set_type() cannot be used to reset key type
---
 include/polarssl/pk.h | 8 +++++++-
 library/error.c | 2 ++
 library/pk.c | 8 +++++++-
 library/x509parse.c | 8 ++++++++
 4 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/include/polarssl/pk.h b/include/polarssl/pk.h
index 00f8cfcb1..707f138d4 100644
--- a/include/polarssl/pk.h
+++ b/include/polarssl/pk.h
@@ -28,6 +28,7 @@
 #define POLARSSL_PK_H
 #define POLARSSL_ERR_PK_MALLOC_FAILED -0x2F80 /**< Memory alloation failed. */
+#define POLARSSL_ERR_PK_TYPE_MISMATCH -0x2F00 /**< Type mismatch, eg attempt to use a RSA key as EC, or to modify key type */
 #ifdef __cplusplus
 extern "C" {
@@ -72,7 +73,12 @@ void pk_free( pk_context *ctx );
 * \param ctx Context to initialize
 * \param type Type of key
 *
- * \return O on success, or POLARSSL_ERR_PK_MALLOC_FAILED
+ * \note Once the type of a key has been set, it cannot be reset.
+ * If you want to do so, you need to use pk_free() first.
+ *
+ * \return O on success,
+ * POLARSSL_ERR_PK_MALLOC_FAILED on memory allocation fail,
+ * POLARSSL_ERR_PK_TYPE_MISMATCH on attempts to reset type.
 */
 int pk_set_type( pk_context *ctx, pk_type_t type );
diff --git a/library/error.c b/library/error.c
index 0a739b5d5..560c54cff 100644
--- a/library/error.c
+++ b/library/error.c
@@ -250,6 +250,8 @@ void polarssl_strerror( int ret, char *buf, size_t buflen )
 #if defined(POLARSSL_PK_C)
 if( use_ret == -(POLARSSL_ERR_PK_MALLOC_FAILED) )
 snprintf( buf, buflen, "PK - Memory alloation failed" );
+ if( use_ret == -(POLARSSL_ERR_PK_TYPE_MISMATCH) )
+ snprintf( buf, buflen, "PK - Type mismatch, eg attempt to use a RSA key as EC, or to modify key type" );
 #endif /* POLARSSL_PK_C */
 #if defined(POLARSSL_PKCS12_C)
diff --git a/library/pk.c b/library/pk.c
index 71505ed2e..0591b3f1c 100644
--- a/library/pk.c
+++ b/library/pk.c
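Review bot: The updated `pk_set_type()` comment in the second pk.h hunk does not say that a repeated call with the type the context already has is accepted and returns 0 (the `ctx->type == type` check in library/pk.c), so "cannot be reset" reads as stricter than the code. I would add `* \note Calling with the type already set is a no-op that keeps the existing key data.` and reword `\param ctx` from "Context to initialize" to state that the context must already be initialised (presumably via `pk_init()`), since the type field is now read before it is written. The `\return O on success` line also uses the letter O where the digit `0` is meant.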
@@ -88,6 +88,12 @@ int pk_set_type( pk_context *ctx, pk_type_t type )
 {
 size_t size = 0;
+ if( ctx->type == type )
+ return( 0 );
+
+ if( ctx->type != POLARSSL_PK_NONE )
+ return( POLARSSL_ERR_PK_TYPE_MISMATCH );
+
 switch( type )
 {
 #if defined(POLARSSL_RSA_C)
@@ -104,7 +110,7 @@ int pk_set_type( pk_context *ctx, pk_type_t type )
 #endif
 case POLARSSL_PK_NONE:
- ; /* Should not happen */
+ ; /* Cannot happen, but the cmpiler doesn't know */
 }
 if( ( ctx->data = malloc( size ) ) == NULL )
diff --git a/library/x509parse.c b/library/x509parse.c
index 12f06ca20..c801967b1 100644
--- a/library/x509parse.c
+++ b/library/x509parse.c
@@ -3120,6 +3120,8 @@ int x509parse_key( pk_context *ctx,
 return( 0 );
 }
+ pk_free( ctx );
+
 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_ECKEY ) ) != 0 )
 return( ret );
@@ -3128,6 +3130,8 @@ int x509parse_key( pk_context *ctx,
 return( 0 );
 }
+ pk_free( ctx );
+
 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT );
 }
@@ -3145,12 +3149,16 @@ int x509parse_public_key( pk_context *ctx,
 if( ( ret = x509parse_public_key_rsa( ctx->data, key, keylen ) ) == 0 )
 return( 0 );
+ pk_free( ctx );
+
 if ( ( ret = pk_set_type( ctx, POLARSSL_PK_ECKEY ) ) != 0 )
 return( ret );
 if( ( ret = x509parse_public_key_ec( ctx->data, key, keylen ) ) == 0 )
 return( 0 );
+ pk_free( ctx );
+
 return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT );
 }
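Review bot: Both new checks at the top of `pk_set_type()` read `ctx->type` before anything in the context has been written, so a `pk_context` that was declared but never initialised now gives an indeterminate read. The result is either a spurious `0` with `ctx->data` left unallocated or an unexpected `POLARSSL_ERR_PK_TYPE_MISMATCH`. As far as this hunk shows (the tail of the function is outside it), the function previously only wrote to the context, so this is a new precondition worth stating at the check: `/* ctx must be initialised: type is POLARSSL_PK_NONE or the context already holds a key */`.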
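Review bot: The switch still has no path that rejects an unsupported `type`: the visible cases sit inside `#if defined(...)` guards, so a type whose module is compiled out (or any value not listed) leaves `size` at 0 and falls through to `malloc( size )`. `malloc(0)` may return a non-NULL pointer, in which case the context would presumably be marked as holding a key with a zero-byte buffer behind `ctx->data`. A guard before the allocation, e.g. `if( size == 0 ) return( POLARSSL_ERR_PK_TYPE_MISMATCH );`, closes that; the case bodies and the code after the `malloc` check are outside the hunk, so confirm no `default:` already covers it. The reworded comment also has a typo (`cmpiler`).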
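Review bot: The retry in `x509parse_key()` only works if `pk_free()` leaves `ctx->type` at `POLARSSL_PK_NONE`; otherwise the following `pk_set_type( ctx, POLARSSL_PK_ECKEY )` returns `POLARSSL_ERR_PK_TYPE_MISMATCH` and the EC parser is never tried. `pk_free()` is not shown in this patch, so that dependency deserves a comment at the call, e.g. `/* pk_free() resets the type so pk_set_type() below can pick a new one */`. The same applies to the `pk_free( ctx )` added before the EC attempt in `x509parse_public_key()` (third hunk). The calls added before `return( POLARSSL_ERR_X509_CERT_UNKNOWN_FORMAT )` mean the caller's context is emptied on failure, which the function documentation should state; both function bodies start outside the hunks.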