Avoid crashes on malformed RSA keys

vapor / open-crypto

🔑 Hashing (BCrypt, SHA2, HMAC), encryption (AES), public-key (RSA), and random data generation.

MIT License

134 stars 34 forks source link

Avoid crashes on malformed RSA keys #88

Closed vzsg closed 5 years ago

vzsg commented 5 years ago

This PR fixes #87.

The OpenSSL C APIs can return null pointers if PEM_read_bio_PUBKEY and co. fail to parse the provided input. Only the certificate parsing code path was properly guarded, which lead to fatal errors.

penny-coin commented 5 years ago

Hey @vzsg, you just merged a pull request, have a coin!

You now have 2062 coins.

gwynne commented 5 years ago

And this is why importing Unsafe[Mutable][Raw]Pointers from C APIs as implicitly-unwrapped optionals is Bad™. 🎺