From 64912b37f6a332bd106a4c55923df4742a2edb49 Mon Sep 17 00:00:00 2001 From: Chris Conlon Date: Mon, 23 Dec 2013 14:07:58 -0700 Subject: [PATCH] adjust key buffer length when using ToTraditional() or ToTraditionalEnc() --- ctaocrypt/src/asn.c | 2 +- src/ssl.c | 22 ++++++++++++++++++---- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/ctaocrypt/src/asn.c b/ctaocrypt/src/asn.c index 8b4463229..fa3080a34 100644 --- a/ctaocrypt/src/asn.c +++ b/ctaocrypt/src/asn.c @@ -764,7 +764,7 @@ int ToTraditional(byte* input, word32 sz) XMEMMOVE(input, input + inOutIdx, length); - return 0; + return length; } diff --git a/src/ssl.c b/src/ssl.c index d9edaa946..e2ca23d6a 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1563,6 +1563,7 @@ int CyaSSL_Init(void) char* consumedEnd; char* bufferEnd = (char*)(buff + longSz); long neededSz; + int ret = 0; int pkcs8 = 0; int pkcs8Enc = 0; int dynamicType = 0; @@ -1714,8 +1715,15 @@ int CyaSSL_Init(void) &der->length) < 0) return SSL_BAD_FILE; - if (pkcs8) - return ToTraditional(der->buffer, der->length); + if (pkcs8) { + /* convert and adjust length */ + if ( (ret = ToTraditional(der->buffer, der->length)) < 0 ) { + return ret; + } else { + der->length = ret; + return 0; + } + } #if defined(OPENSSL_EXTRA) && !defined(NO_PWDBASED) if (pkcs8Enc) { @@ -1726,8 +1734,14 @@ int CyaSSL_Init(void) return SSL_BAD_FILE; /* no callback error */ passwordSz = info->ctx->passwd_cb(password, sizeof(password), 0, info->ctx->userdata); - return ToTraditionalEnc(der->buffer, der->length, password, - passwordSz); + /* convert and adjust length */ + if ( (ret = ToTraditionalEnc(der->buffer, der->length, password, + passwordSz)) < 0 ) { + return ret; + } else { + der->length = ret; + return 0; + } } #endif