Permalink
Browse files

Add sanity checks

  • Loading branch information...
1 parent 432808b commit 2356d5c8fda5d799f072aa83d6e7555043e44daf @cmouse cmouse committed May 16, 2015
Showing with 3 additions and 1 deletion.
  1. +3 −1 pdns/pkcs11signers.cc
@@ -352,7 +352,9 @@ class Pkcs11Token {
if (!GetAttributeValue2(d_public_key, attr)) {
d_ecdsa_params = attr[0].str();
if (d_ecdsa_params == "\x06\x08\x2a\x86\x48\xce\x3d\x03\x01\x07") d_bits = 256;
- if (d_ecdsa_params == "\x06\x05\x2b\x81\x04\x00\x22") d_bits = 384;
+ else if (d_ecdsa_params == "\x06\x05\x2b\x81\x04\x00\x22") d_bits = 384;
+ else throw PDNSException("Unsupported EC key");
+ if (attr[1].str().length() != (d_bits*2/8 + 3)) throw PDNSException("EC Point data invalid");
d_ec_point = attr[1].str().substr(3);
} else {
throw PDNSException("Cannot load attributes for PCKS#11 public key " + d_label);

0 comments on commit 2356d5c

Please sign in to comment.