crypto/x509: test for negative RSA parameters.

Someone found software that generates negative numbers for the RSA modulus in an X.509 certificate. Our error messages were very poor in this case so this change improves that. Update #4728 Return more helpful errors when RSA parameters are negative or zero. R=golang-dev, rsc CC=golang-dev https://golang.org/cl/7228072

crypto/x509: test for negative RSA parameters.
Someone found software that generates negative numbers for the RSA modulus in an X.509 certificate. Our error messages were very poor in this case so this change improves that. Update #4728 Return more helpful errors when RSA parameters are negative or zero. R=golang-dev, rsc CC=golang-dev https://golang.org/cl/7228072
5c659d73 · Adam Langley · 8b6534b7 · 5c659d73
Commit 5c659d73 authored Jan 31, 2013 by Adam Langley
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 0 deletions

x509.go src/pkg/crypto/x509/x509.go +7 -0

No files found.
--- a/src/pkg/crypto/x509/x509.go
+++ b/src/pkg/crypto/x509/x509.go
@@ -660,6 +660,13 @@ func parsePublicKey(algo PublicKeyAlgorithm, keyData *publicKeyInfo) (interface{
 			return nil, err
 		}

+		if p.N.Sign() <= 0 {
+			return nil, errors.New("x509: RSA modulus is not a positive number")
+		}
+		if p.E <= 0 {
+			return nil, errors.New("x509: RSA public exponent is not a positive number")
+		}
+
 		pub := &rsa.PublicKey{
 			E: p.E,
 			N: p.N,