From 5ec36e6f84f80cc24a17dcbd468bd11d6a3e16cd Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sat, 21 Aug 2010 10:11:16 +0200
Subject: Prevent usage of wrapping keys for anything else except wrapping.

---
 ncr-sessions.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/ncr-sessions.c b/ncr-sessions.c
index c65db2f751e..f7e577757a9 100644
--- a/ncr-sessions.c
+++ b/ncr-sessions.c
@@ -537,6 +537,14 @@ static struct session_item_st *_ncr_session_init(struct ncr_lists *lists,
 					goto fail;
 				}
 
+				/* wrapping keys cannot be used for anything except wrapping.
+				 */
+				if (ns->key->flags & NCR_KEY_FLAG_WRAPPING) {
+					err();
+					ret = -EINVAL;
+					goto fail;
+				}
+
 				if (ns->algorithm->is_hmac && ns->key->type == NCR_KEY_TYPE_SECRET) {
 					if (ns->algorithm->is_pk) {
 						err();
-- 
cgit