From 51172b3510e5cc36b27fd3a5170d598585b84806 Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Thu, 20 Aug 2020 11:18:09 +0200
Subject: [PATCH] nts: avoid key corruption on failed loading

Don't save a loaded key to the server key slot until it is fully
decoded.
---
 nts_ke_server.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/nts_ke_server.c b/nts_ke_server.c
index 41c0606..2483d4b 100644
--- a/nts_ke_server.c
+++ b/nts_ke_server.c
@@ -560,6 +560,7 @@ static void
 load_keys(void)
 {
   char *dump_dir, line[1024], *words[MAX_WORDS];
+  unsigned char key[SIV_MAX_KEY_LENGTH];
   int i, index, key_length, algorithm;
   double key_age;
   FILE *f;
@@ -587,13 +588,15 @@ load_keys(void)
         sscanf(words[0], "%"PRIX32, &id) != 1)
       goto error;
 
-    index = id % MAX_SERVER_KEYS;
-
-    if (UTI_HexToBytes(words[1], server_keys[index].key,
-                       sizeof (server_keys[index].key)) != key_length)
+    if (UTI_HexToBytes(words[1], key, sizeof (key)) != key_length)
       goto error;
 
+    index = id % MAX_SERVER_KEYS;
+
     server_keys[index].id = id;
+    assert(sizeof (server_keys[index].key) == sizeof (key));
+    memcpy(server_keys[index].key, key, key_length);
+
     if (!SIV_SetKey(server_keys[index].siv, server_keys[index].key, key_length))
       LOG_FATAL("Could not set SIV key");