From cb21e629743317fa1e900fdad72474ec7d011ab3 Mon Sep 17 00:00:00 2001
From: Miloslav Trmač <mitr@redhat.com>
Date: Sun, 8 Aug 2010 04:23:45 +0200
Subject: Ensure sign_hash is valid in RSA sign/verify

---
 ncr-pk.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/ncr-pk.c b/ncr-pk.c
index 392ff07..1e83163 100644
--- a/ncr-pk.c
+++ b/ncr-pk.c
@@ -558,6 +558,10 @@ void * input, *output;
 
 	switch(ctx->algorithm->algo) {
 		case NCR_ALG_RSA:
+			if (ctx->sign_hash == NULL) {
+				err();
+				return -EINVAL;
+			}
 			cret = rsa_sign_hash_ex( input, isg_size, output, &osize, 
 				ctx->type, ctx->sign_hash, ctx->salt_len, &ctx->key->key.pk.rsa);
 			if (cret != CRYPT_OK) {
@@ -618,6 +622,10 @@ uint8_t* sig;
 
 	switch(ctx->algorithm->algo) {
 		case NCR_ALG_RSA:
+			if (ctx->sign_hash == NULL) {
+				err();
+				return -EINVAL;
+			}
 			cret = rsa_verify_hash_ex( sig, sign_sg_size, 
 				hash, hash_size, ctx->type, ctx->sign_hash,
 				ctx->salt_len, &stat, &ctx->key->key.pk.rsa);
-- 
cgit