[tor-commits] [tor/release-0.4.2] When parsing tokens, reject early on spurious keys.
nickm at torproject.org
nickm at torproject.org
Wed Mar 18 13:34:40 UTC 2020
commit f160212ee855b6899063f2e9355abd59105d6a04
Author: Nick Mathewson <nickm at torproject.org>
Date: Wed Feb 5 11:57:31 2020 -0500
When parsing tokens, reject early on spurious keys.
---
src/feature/dirparse/parsecommon.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/feature/dirparse/parsecommon.c b/src/feature/dirparse/parsecommon.c
index 5b753f0f2..e8269f7ec 100644
--- a/src/feature/dirparse/parsecommon.c
+++ b/src/feature/dirparse/parsecommon.c
@@ -384,10 +384,16 @@ get_next_token(memarea_t *area,
RET_ERR("Couldn't parse object: missing footer or object much too big.");
if (!strcmp(tok->object_type, "RSA PUBLIC KEY")) { /* If it's a public key */
+ if (o_syn != NEED_KEY && o_syn != NEED_KEY_1024 && o_syn != OBJ_OK) {
+ RET_ERR("Unexpected public key.");
+ }
tok->key = crypto_pk_new();
if (crypto_pk_read_public_key_from_string(tok->key, obstart, eol-obstart))
RET_ERR("Couldn't parse public key.");
} else if (!strcmp(tok->object_type, "RSA PRIVATE KEY")) { /* private key */
+ if (o_syn != NEED_SKEY_1024 && o_syn != OBJ_OK) {
+ RET_ERR("Unexpected private key.");
+ }
tok->key = crypto_pk_new();
if (crypto_pk_read_private_key1024_from_string(tok->key,
obstart, eol-obstart))
More information about the tor-commits
mailing list