-some input sanitization for identity and abd

3 files changed, 32 insertions, 10 deletions

diff --git a/src/abd/gnunet-abd.c b/src/abd/gnunet-abd.c
index cf3733abd..9f5fef958 100644
--- a/src/abd/gnunet-abd.c
+++ b/src/abd/gnunet-abd.c
@@ -560,6 +560,14 @@ store_cb (void *cls, struct GNUNET_IDENTITY_Ego *ego)
     return;
   }
 
+  if (NULL == ego)
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                _("Ego does not exist!\n"));
+    GNUNET_SCHEDULER_shutdown ();
+    return;
+  }
+
   // Key handling
   zone_pkey = *GNUNET_IDENTITY_ego_get_private_key (ego);
 
@@ -611,12 +619,12 @@ store_cb (void *cls, struct GNUNET_IDENTITY_Ego *ego)
     {
       if (typestring == NULL)
       {
-        fputs ("No value for unknown record type\n", stderr);
+        fputs ("Value for unknown record type not well-formed.\n", stderr);
       }
       else if (subject == NULL)
       {
         fprintf (stderr,
-                 "No value for record type`%s'\n",
+                 "Value for record type `%s' not well-formed.\n",
                  typestring);
       }
       else
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c
index 01f36b840..4a7a69211 100644
--- a/src/identity/identity_api.c
+++ b/src/identity/identity_api.c
@@ -954,7 +954,22 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h)
 }
 
 
-ssize_t
+static enum GNUNET_GenericReturnValue
+check_key_type (uint32_t type)
+{
+  switch (type)
+  {
+  case GNUNET_IDENTITY_TYPE_ECDSA:
+  case GNUNET_IDENTITY_TYPE_EDDSA:
+    return GNUNET_OK;
+  default:
+    return GNUNET_SYSERR;
+  }
+  return GNUNET_SYSERR;
+}
+
+
+static ssize_t
 private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key)
 {
   switch (ntohl (key->type))
@@ -1085,7 +1100,7 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct
 }
 
 
-int
+enum GNUNET_GenericReturnValue
 GNUNET_IDENTITY_sign_ (const struct
                        GNUNET_IDENTITY_PrivateKey *priv,
                        const struct
@@ -1111,7 +1126,7 @@ GNUNET_IDENTITY_sign_ (const struct
 }
 
 
-int
+enum GNUNET_GenericReturnValue
 GNUNET_IDENTITY_signature_verify_ (uint32_t purpose,
                                    const struct
                                    GNUNET_CRYPTO_EccSignaturePurpose *validate,
@@ -1233,7 +1248,6 @@ GNUNET_IDENTITY_private_key_to_string (const struct
                                               size);
 }
 
-
 enum GNUNET_GenericReturnValue
 GNUNET_IDENTITY_public_key_from_string (const char *str,
                                         struct GNUNET_IDENTITY_PublicKey *key)
@@ -1245,7 +1259,7 @@ GNUNET_IDENTITY_public_key_from_string (const char *str,
                                        sizeof (*key));
   if (GNUNET_OK != ret)
     return GNUNET_SYSERR;
-  return GNUNET_OK;
+  return check_key_type (ntohl (key->type));
 
 }
 
@@ -1261,7 +1275,7 @@ GNUNET_IDENTITY_private_key_from_string (const char *str,
                                        sizeof (*key));
   if (GNUNET_OK != ret)
     return GNUNET_SYSERR;
-  return GNUNET_OK;
+  return check_key_type (ntohl (key->type));
 }
 
 
diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h
index e40a741bf..b2a45577f 100644
--- a/src/include/gnunet_identity_service.h
+++ b/src/include/gnunet_identity_service.h
@@ -509,7 +509,7 @@ GNUNET_IDENTITY_write_signature_to_buffer (const struct
  * @param[out] sig where to write the signature
  * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
  */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_IDENTITY_sign_ (const struct
                        GNUNET_IDENTITY_PrivateKey *priv,
                        const struct
@@ -558,7 +558,7 @@ GNUNET_IDENTITY_sign_ (const struct
  * @param pub public key of the signer
  * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
  */
-int
+enum GNUNET_GenericReturnValue
 GNUNET_IDENTITY_signature_verify_ (uint32_t purpose,
                                    const struct
                                    GNUNET_CRYPTO_EccSignaturePurpose *validate,