feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

sanity checks on ed25519 private key decode

Browse Source
This commit is contained in:
Jacob Barthelmeh
2021-09-10 21:51:18 -06:00
parent ae4766ae96
commit 602ec188ad
2 changed files with 26 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
wolfcrypt/src/asn.c
View File

@@ -26821,6 +26821,9 @@ static int DecodeAsymKey(const byte* input, word32* inOutIdx, word32 inSz,
if (GetOctetString(input, inOutIdx, &privSz, inSz) < 0)
return ASN_PARSE_E;
if ((word32)privSz > *privKeyLen)
return BUFFER_E;
priv = input + *inOutIdx;
*inOutIdx += privSz;
endKeyIdx = *inOutIdx;
@@ -26840,6 +26843,10 @@ static int DecodeAsymKey(const byte* input, word32* inOutIdx, word32 inSz,
if (GetOctetString(input, inOutIdx, &pubSz, inSz) < 0) {
return ASN_PARSE_E;
}
if ((word32)pubSz > *pubKeyLen)
return BUFFER_E;
pub = input + *inOutIdx;
*inOutIdx += pubSz;

19
wolfcrypt/test/test.c
View File

@@ -26023,6 +26023,20 @@ WOLFSSL_TEST_SUBROUTINE int ed25519_test(void)
0x44,0x49,0xc5,0x69,0x7b,0x32,0x69,0x19,
0x70,0x3b,0xac,0x03,0x1c,0xae,0x7f,0x60
};
static byte badPrivateEd25519[] = {
0x30,0x52,0x02,0x01,0x00,0x30,0x05,0x06,
0x03,0x2b,0x65,0x70,0x04,0x22,0x04,0x20,
0x9d,0x61,0xb1,0x9d,0xef,0xfd,0x5a,0x60,
0xba,0x84,0x4a,0xf4,0x92,0xec,0x2c,0xc4,
0x44,0x49,0xc5,0x69,0x7b,0x32,0x69,0x19,
0x70,0x3b,0xac,0x03,0x1c,0xae,0x7f,0x60,
0xa1,0x22,0x04,0x21,0xd7,0x5a,0x98,0x01, /* octet len 0x20 -> 0x21 */
0x82,0xb1,0x0a,0xb7,0xd5,0x4b,0xfe,0xd3,
0xc9,0x64,0x07,0x3a,0x0e,0xe1,0x72,0xf3,
0xda,0xa6,0x23,0x25,0xaf,0x02,0x1a,0x68,
0xf7,0x07,0x51,0x1a,
0x00 /* add additional bytes to make the pubkey bigger */
};
static byte publicEd25519[] = {
0x30,0x2a,0x30,0x05,0x06,0x03,0x2b,0x65,
0x70,0x03,0x21,0x00,0xd7,0x5a,0x98,0x01,
@@ -26174,6 +26188,11 @@ WOLFSSL_TEST_SUBROUTINE int ed25519_test(void)
sizeof(privateEd25519)) != 0)
return -11121;
idx = 0;
if (wc_Ed25519PrivateKeyDecode(badPrivateEd25519, &idx, &key3,
sizeof(badPrivateEd25519)) == 0)
return -11122;
if (wc_ed25519_sign_msg(msgs[0], msgSz[0], out, &outlen, &key3)
!= BAD_FUNC_ARG)
return -11131;