Commit 83bb9eb9 authored by Santino Mazza's avatar Santino Mazza Committed by Alexandre Julliard

bcrypt: Validate key size when importing RSA public key.

parent 9799fa80
......@@ -1413,6 +1413,7 @@ static NTSTATUS key_import_pair( struct algorithm *alg, const WCHAR *type, BCRYP
return STATUS_NOT_SUPPORTED;
size = sizeof(*rsa_blob) + rsa_blob->cbPublicExp + rsa_blob->cbModulus;
if (size != input_len) return NTE_BAD_DATA;
return key_asymmetric_create( (struct key **)ret_key, alg, rsa_blob->BitLength, (BYTE *)rsa_blob, size );
}
else if (!wcscmp( type, BCRYPT_RSAPRIVATE_BLOB ) || !wcscmp( type, BCRYPT_RSAFULLPRIVATE_BLOB ))
......
......@@ -2122,11 +2122,9 @@ static void test_RSA(void)
ret = BCryptDestroyKey(key);
ok(!ret, "got %#lx\n", ret);
todo_wine
{
ret = BCryptImportKeyPair(alg, NULL, BCRYPT_RSAPUBLIC_BLOB, &key, rsaPublicBlobWithInvalidPublicExpSize, sizeof(rsaPublicBlobWithInvalidPublicExpSize), 0);
ret = BCryptImportKeyPair(alg, NULL, BCRYPT_RSAPUBLIC_BLOB, &key, rsaPublicBlobWithInvalidPublicExpSize,
sizeof(rsaPublicBlobWithInvalidPublicExpSize), 0);
ok(ret == NTE_BAD_DATA, "got %#lx\n", ret);
}
ret = BCryptImportKeyPair(alg, NULL, BCRYPT_RSAPUBLIC_BLOB, &key, buf, size, 0);
ok(ret == STATUS_SUCCESS, "got %#lx\n", ret);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment