mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-12-23 13:45:29 +00:00
Preserve old behavior by checking public key in RSA parsing function
The function `pk_get_rsapubkey` originally performed some basic sanity checks (e.g. on the size of public exponent) on the parsed RSA public key by a call to `mbedtls_rsa_check_pubkey`. This check was dropped because it is not possible to thoroughly check full parameter sanity (i.e. that (-)^E is a bijection on Z/NZ). Still, for the sake of not silently changing existing behavior, this commit puts back the call to `mbedtls_rsa_check_pubkey`.
This commit is contained in:
parent
efeef6cf03
commit
895c5ab88e
|
@ -543,8 +543,11 @@ static int pk_get_rsapubkey( unsigned char **p,
|
|||
|
||||
*p += len;
|
||||
|
||||
if( ( ret = mbedtls_rsa_complete( rsa ) ) != 0 )
|
||||
if( mbedtls_rsa_complete( rsa ) != 0 ||
|
||||
mbedtls_rsa_check_pubkey( rsa ) != 0 )
|
||||
{
|
||||
return( MBEDTLS_ERR_PK_INVALID_PUBKEY );
|
||||
}
|
||||
|
||||
if( *p != end )
|
||||
return( MBEDTLS_ERR_PK_INVALID_PUBKEY +
|
||||
|
|
Loading…
Reference in a new issue