Do not segfault for ECC keys in PKCS#11

This commit is contained in:
Jakub Jelen 2017-11-14 12:53:12 +01:00
parent a464c88ee6
commit 2087929a90

View File

@ -2594,7 +2594,7 @@ diff -up openssh/ssh-pkcs11.c.openssl openssh/ssh-pkcs11.c
}
} else {
cp = attribs[2].pValue;
@@ -525,17 +538,18 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
@@ -525,17 +538,19 @@ pkcs11_fetch_keys_filter(struct pkcs11_p
== NULL) {
error("d2i_X509 failed");
} else if ((evp = X509_get_pubkey(x509)) == NULL ||
@ -2612,7 +2612,8 @@ diff -up openssh/ssh-pkcs11.c.openssl openssh/ssh-pkcs11.c
X509_free(x509);
}
- if (rsa && rsa->n && rsa->e &&
+ RSA_get0_key(rsa, &n, &e, NULL);
+ if (rsa)
+ RSA_get0_key(rsa, &n, &e, NULL);
+ if (rsa && n && e &&
pkcs11_rsa_wrap(p, slotidx, &attribs[0], rsa) == 0) {
if ((key = sshkey_new(KEY_UNSPEC)) == NULL)