Browse files

soter: make sure we have the RSA private key before trying to decrypt…

… data (#334)

Some OpenSSL versions do not handle gracefully, when you try to do RSA
decryption with a public key (no private part in the RSA structure) and just
crash the whole process. So we add an explicit check we have the private part
before attempting the decryption.
  • Loading branch information...
secumod authored and vixentael committed Nov 1, 2018
1 parent 43d1f4a commit 1a86f536ee2be3c3917db1c8d215f04dcd98ec57
Showing with 14 additions and 1 deletion.
  1. +14 −1 src/soter/openssl/soter_asym_cipher.c
@@ -208,6 +208,7 @@ soter_status_t soter_asym_cipher_decrypt(soter_asym_cipher_t* asym_cipher, const
EVP_PKEY *pkey;
RSA *rsa;
const BIGNUM *d = NULL;
int rsa_mod_size;
size_t output_length;
@@ -243,6 +244,18 @@ soter_status_t soter_asym_cipher_decrypt(soter_asym_cipher_t* asym_cipher, const
/* we can only decrypt, if we have the private key */
/* some versions of OpenSSL just crash, if you send RSA public key to EVP_PKEY_decrypt, so we do checks here */
d = rsa->d;
RSA_get0_key(rsa, NULL, NULL, &d);
if (NULL == d)
/* Currently we support only OAEP padding for RSA encryption */
/* TODO: should we support "no padding" or PKCS1.5 padding? */
if (!EVP_PKEY_decrypt_init(asym_cipher->pkey_ctx))
@@ -328,4 +341,4 @@ soter_status_t soter_asym_cipher_destroy(soter_asym_cipher_t* asym_cipher)
return status;

0 comments on commit 1a86f53

Please sign in to comment.