fixed bug causing a security breach by storing private GXS keys into the public key cache. Added a few asserts to totally remove that possibility. Ideally we should have 2 incompatible key types.

git-svn-id: http://svn.code.sf.net/p/retroshare/code/trunk@7829 b45a01b8-16f6-495d-af2f-9b41ad6348cc
2025-06-13 09:03:33 -04:00 · 2015-01-10 07:30:26 +00:00 · 2015-01-10 07:30:26 +00:00 · c83d27924e
commit c83d27924e
parent 48e47fabd3
2 changed files with 16 additions and 2 deletions
--- a/libretroshare/src/gxs/gxssecurity.cc
+++ b/libretroshare/src/gxs/gxssecurity.cc
@ -56,6 +56,8 @@ static RsGxsId getRsaKeyFingerprint(RSA *pubkey)

 static RSA *extractPublicKey(const RsTlvSecurityKey& key)
 {
+    assert(!(key.keyFlags & RSTLV_KEY_TYPE_FULL)) ;
+
        const unsigned char *keyptr = (const unsigned char *) key.keyData.bin_data;
        long keylen = key.keyData.bin_len;