RSAKey construction is incorrect. In current implementation problem exists only for RSAKey construction from istream (just luck).
Reason is - using BIO_seek() instead of BIO_reset() between PEM_read_bio_RSAPublicKey() and PEM_read_bio_RSA_PUBKEY()
This works for construction from file (File BIO), but incorrect for stream (Memory BIO)
Here is patch:
109c109
< int rc = BIO_seek(bio, 0);
---
> int rc = BIO_reset(bio);
170,171c170,171
< int rc = BIO_seek(bio, 0);
< if (rc != 0) throw Poco::FileException("Failed to load public key");
---
> int rc = BIO_reset(bio);
> if (rc != 1) throw Poco::FileException("Failed to load public key");Affected versions 1.4.6p2 - 1.4.6.p4 may be other.
RSAKey construction is incorrect. In current implementation problem exists only for RSAKey construction from istream (just luck).
Reason is - using BIO_seek() instead of BIO_reset() between PEM_read_bio_RSAPublicKey() and PEM_read_bio_RSA_PUBKEY()
This works for construction from file (File BIO), but incorrect for stream (Memory BIO)
Here is patch:
Affected versions 1.4.6p2 - 1.4.6.p4 may be other.