min
/
boring2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Check rsa.is_null() before passing it to RSA_size 

RSA_size will cause an segmentation fault if it is null
This commit is contained in:
Mathijs van de Nes 2015-09-10 12:58:52 +02:00
parent 02b109bf04
commit 0eb2f0ecfa
1 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
openssl/src/crypto/pkey.rs
View File

@ -205,7 +205,13 @@ impl PKey {
*/ */
pub fn size(&self) -> usize { pub fn size(&self) -> usize {
unsafe { unsafe {
ffi::RSA_size(ffi::EVP_PKEY_get1_RSA(self.evp)) as usize let rsa = ffi::EVP_PKEY_get1_RSA(self.evp);
if rsa.is_null() {
0
}
else {
ffi::RSA_size(rsa) as usize
}
} }
} }
@ -244,6 +250,9 @@ impl PKey {
pub fn max_data(&self) -> usize { pub fn max_data(&self) -> usize {
unsafe { unsafe {
let rsa = ffi::EVP_PKEY_get1_RSA(self.evp); let rsa = ffi::EVP_PKEY_get1_RSA(self.evp);
if rsa.is_null() {
return 0;
}
let len = ffi::RSA_size(rsa); let len = ffi::RSA_size(rsa);
// 41 comes from RSA_public_encrypt(3) for OAEP // 41 comes from RSA_public_encrypt(3) for OAEP
@ -254,6 +263,9 @@ impl PKey {
pub fn encrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> Vec<u8> { pub fn encrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> Vec<u8> {
unsafe { unsafe {
let rsa = ffi::EVP_PKEY_get1_RSA(self.evp); let rsa = ffi::EVP_PKEY_get1_RSA(self.evp);
if rsa.is_null() {
panic!("Could not get RSA key for encryption");
}
let len = ffi::RSA_size(rsa); let len = ffi::RSA_size(rsa);
assert!(s.len() < self.max_data()); assert!(s.len() < self.max_data());
@ -279,6 +291,9 @@ impl PKey {
pub fn decrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> Vec<u8> { pub fn decrypt_with_padding(&self, s: &[u8], padding: EncryptionPadding) -> Vec<u8> {
unsafe { unsafe {
let rsa = ffi::EVP_PKEY_get1_RSA(self.evp); let rsa = ffi::EVP_PKEY_get1_RSA(self.evp);
if rsa.is_null() {
panic!("Could not get RSA key for decryption");
}
let len = ffi::RSA_size(rsa); let len = ffi::RSA_size(rsa);
assert_eq!(s.len() as c_int, ffi::RSA_size(rsa)); assert_eq!(s.len() as c_int, ffi::RSA_size(rsa));
@ -337,6 +352,9 @@ impl PKey {
unsafe { unsafe {
let rsa = ffi::EVP_PKEY_get1_RSA(self.evp); let rsa = ffi::EVP_PKEY_get1_RSA(self.evp);
let len = ffi::RSA_size(rsa); let len = ffi::RSA_size(rsa);
if rsa.is_null() {
panic!("Could not get RSA key for signing");
}
let mut r = repeat(0u8).take(len as usize + 1).collect::<Vec<_>>(); let mut r = repeat(0u8).take(len as usize + 1).collect::<Vec<_>>();
let mut len = 0; let mut len = 0;
@ -360,6 +378,9 @@ impl PKey {
pub fn verify_with_hash(&self, h: &[u8], s: &[u8], hash: hash::Type) -> bool { pub fn verify_with_hash(&self, h: &[u8], s: &[u8], hash: hash::Type) -> bool {
unsafe { unsafe {
let rsa = ffi::EVP_PKEY_get1_RSA(self.evp); let rsa = ffi::EVP_PKEY_get1_RSA(self.evp);
if rsa.is_null() {
panic!("Could not get RSA key for verification");
}
let rv = ffi::RSA_verify( let rv = ffi::RSA_verify(
openssl_hash_nid(hash), openssl_hash_nid(hash),