soter: make sure we have the RSA private key before trying to decrypt…

… data (#334) Some OpenSSL versions do not handle gracefully, when you try to do RSA decryption with a public key (no private part in the RSA structure) and just crash the whole process. So we add an explicit check we have the private part before attempting the decryption.
cossacklabs · Nov 1, 2018 · 1a86f53 · 1a86f53
1 parent 43d1f4a
commit 1a86f53
Showing 1 changed file with 14 additions and 1 deletion.
diff --git a/src/soter/openssl/soter_asym_cipher.c b/src/soter/openssl/soter_asym_cipher.c
@@ -208,6 +208,7 @@ soter_status_t soter_asym_cipher_decrypt(soter_asym_cipher_t* asym_cipher, const
 {
 	EVP_PKEY *pkey;
 	RSA *rsa;
+	const BIGNUM *d = NULL;
 	int rsa_mod_size;
 	size_t output_length;
 
@@ -243,6 +244,18 @@ soter_status_t soter_asym_cipher_decrypt(soter_asym_cipher_t* asym_cipher, const
 		return SOTER_INVALID_PARAMETER;
 	}
 
+	/* we can only decrypt, if we have the private key */
+	/* some versions of OpenSSL just crash, if you send RSA public key to EVP_PKEY_decrypt, so we do checks here */
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+	d = rsa->d;
+#else
+	RSA_get0_key(rsa, NULL, NULL, &d);
+#endif
+	if (NULL == d)
+	{
+		return SOTER_INVALID_PARAMETER;
+	}
+
 	/* Currently we support only OAEP padding for RSA encryption */
 	/* TODO: should we support "no padding" or PKCS1.5 padding? */
 	if (!EVP_PKEY_decrypt_init(asym_cipher->pkey_ctx))
@@ -328,4 +341,4 @@ soter_status_t soter_asym_cipher_destroy(soter_asym_cipher_t* asym_cipher)
 	{
 		return status;
 	}
-}
+}