feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

sanity check for RSA key size and hash digest size

Browse Source
This commit is contained in:
Jacob Barthelmeh
2016-03-16 15:25:52 -06:00
parent 4c3ddac23c
commit 2dd5efd969
1 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
wolfcrypt/src/rsa.c
View File

@ -427,10 +427,19 @@ static int wc_RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
size aproaches 0. In decryption if k is less than or equal -- then there size aproaches 0. In decryption if k is less than or equal -- then there
is no possible room for msg. is no possible room for msg.
k = RSA key size k = RSA key size
hLen = hash digest size hLen = hash digest size -- will always be >= 0 at this point
*/ */
if ((int)inputLen > ((int)pkcsBlockLen - 2 * hLen - 2)) { if ((word32)(2 * hLen + 2) > pkcsBlockLen) {
WOLFSSL_MSG("OAEP pad error, message too long or hash to big for RSA key size"); WOLFSSL_MSG("OAEP pad error hash to big for RSA key size");
#ifdef WOLFSSL_SMALL_STACK
XFREE(lHash, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(seed, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return BAD_FUNC_ARG;
}
if (inputLen > (pkcsBlockLen - 2 * hLen - 2)) {
WOLFSSL_MSG("OAEP pad error message too long");
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
XFREE(lHash, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(lHash, NULL, DYNAMIC_TYPE_TMP_BUFFER);
XFREE(seed, NULL, DYNAMIC_TYPE_TMP_BUFFER); XFREE(seed, NULL, DYNAMIC_TYPE_TMP_BUFFER);