x509cert, x509crl, x509req, ns_spki: check sanity of public keyky/pkey-check-sanity

The pub_encode routine of an EVP_PKEY_ASN1_METHOD seems to assume the
parameters and public key component(s) to be set properly. Calling that,
for example, through X509_set_pubkey(), with an incomplete object may
cause segfault.

Use ossl_pkey_check_public_key() to check that. It doesn't look pretty,
but unfortunately there isn't a generic way to do that with the EVP API.

Something similar applies to the verify routine of an EVP_PKEY_METHOD.
Do the same check before calling *_verify().

Reference: http://blade.nagaokaut.ac.jp/cgi-bin/scat.rb/ruby/ruby-core/83688
Reference: https://bugs.ruby-lang.org/issues/14087

0 files changed, 0 insertions, 0 deletions