From 3b521fbc223cafd360def97841544d34d7396dc2 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Wed, 25 Aug 2010 18:04:20 +0200 Subject: enforce the key wrap version. --- ncr-key-wrap.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/ncr-key-wrap.c b/ncr-key-wrap.c index 2f2695de6d7..08689cb4759 100644 --- a/ncr-key-wrap.c +++ b/ncr-key-wrap.c @@ -34,6 +34,8 @@ #include "ncr-int.h" #include "cryptodev_int.h" +#define KEY_WRAP_VERSION 0 + typedef uint8_t val64_t[8]; static const val64_t initA = "\xA6\xA6\xA6\xA6\xA6\xA6\xA6\xA6"; @@ -826,7 +828,7 @@ static int key_to_packed_data( uint8_t** sdata, size_t * sdata_size, const struc uint8_t * derkey = NULL; uint32_t pkey_size; int ret, err; - unsigned long zero = 0; + unsigned long version = KEY_WRAP_VERSION; unsigned long type; unsigned long derlen; @@ -887,7 +889,7 @@ static int key_to_packed_data( uint8_t** sdata, size_t * sdata_size, const struc } err = der_encode_sequence_multi(derkey, &derlen, - LTC_ASN1_SHORT_INTEGER, 1UL, &zero, + LTC_ASN1_SHORT_INTEGER, 1UL, &version, LTC_ASN1_SHORT_INTEGER, 1UL, &type, LTC_ASN1_OCTET_STRING, (unsigned long)pkey_size, pkey, LTC_ASN1_EOL, 0UL, NULL); @@ -998,6 +1000,12 @@ static int key_from_packed_data(unsigned int flags, goto fail; } + if (version != KEY_WRAP_VERSION) { + err(); + ret = -EINVAL; + goto fail; + } + pkey_size = list[2].size; ret = packed_type_to_key_type(type, key); -- cgit