Google Git
Sign in
pigweed/third_party/github/ARMmbed/mbedtls/f8648d51b13efff1d829efe84f590ea3ea3159b9^!/./library/pem.c
commit
f8648d51b13efff1d829efe84f590ea3ea3159b9
[log]
author
Manuel Pégourié-Gonnard <mpg@elzevir.fr>
Wed Jul 03 21:01:35 2013 +0200
committer
Manuel Pégourié-Gonnard <mpg@elzevir.fr>
Mon Jul 08 17:32:26 2013 +0200
tree
ccff22656f19ee552df82bb27006d15e93c50e92
parent
e36634223384257e243cbeeaa1be011873948e5d [diff] [blame]
Fix undocumented feature of pem_read_buffer()

Used to work only for RSAPrivateKey content, now accepts ECPrivateKey too,
and may even work with similar enough structures when they appear.

diff --git a/library/pem.c b/library/pem.c
index c4c5cb4..3e3e96d 100644
--- a/library/pem.c
+++ b/library/pem.c

@@ -332,8 +332,22 @@
             pem_aes_decrypt( pem_iv, 32, buf, len, pwd, pwdlen );
 #endif /* POLARSSL_AES_C */
 
-        if( buf[0] != 0x30 || buf[1] != 0x82 ||
-            buf[4] != 0x02 || buf[5] != 0x01 )
+        /*
+         * The result should look like RSAPrivateKey or ECPrivateKey
+         * We use the following heuristic:
+         *    len must be more than 6
+         *    byte 1 must be 0x30 (SEQUENCE tag)
+         *    then allow for one to 3 length bytes
+         *    then we must have 0x02 0x01 (INTEGER tag + length, for version)
+         *    version must be less than 4 (leaves some room)
+         */
+        if( ! ( len > 6 && buf[0] == 0x30 && (
+                   ( buf[1] <= 0x7f && /* 1 length byte */
+                     buf[2] == 0x02 && buf[3] == 0x01 && buf[4] < 4 ) ||
+                   ( buf[1] == 0x81 && /* 2 length bytes */
+                     buf[3] == 0x02 && buf[4] == 0x01 && buf[5] < 4 ) ||
+                   ( buf[1] == 0x82 && /* 2 length bytes */
+                     buf[4] == 0x02 && buf[5] == 0x01 && buf[6] < 4 ) ) ) )
         {
             polarssl_free( buf );
             return( POLARSSL_ERR_PEM_PASSWORD_MISMATCH );