feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #5222 from tmael/rsa_sanity

Browse Source 
Add a sanity check in RsaPad_OAEP
This commit is contained in:
David Garske
2022-06-09 08:04:16 -07:00
committed by GitHub
parent 9fb1143eba 2748bfc737
commit 9954afa538
2 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
wolfcrypt/src/asn.c
View File

@@ -19192,7 +19192,7 @@ void FreeSigner(Signer* signer, void* heap)
FreeDer(&signer->derCert); FreeDer(&signer->derCert);
#endif #endif
XFREE(signer, heap, DYNAMIC_TYPE_SIGNER); XFREE(signer, heap, DYNAMIC_TYPE_SIGNER);
(void)signer;
(void)heap; (void)heap;
} }

6
wolfcrypt/src/rsa.c
View File

@@ -1167,6 +1167,10 @@ static int RsaPad_OAEP(const byte* input, word32 inputLen, byte* pkcsBlock,
XFREE(seed, heap, DYNAMIC_TYPE_RSA_BUFFER); XFREE(seed, heap, DYNAMIC_TYPE_RSA_BUFFER);
return MEMORY_E; return MEMORY_E;
} }
#else
if (pkcsBlockLen - hLen - 1 > sizeof(dbMask)) {
return MEMORY_E;
}
#endif #endif
XMEMSET(dbMask, 0, pkcsBlockLen - hLen - 1); /* help static analyzer */ XMEMSET(dbMask, 0, pkcsBlockLen - hLen - 1); /* help static analyzer */
ret = RsaMGF(mgf, seed, hLen, dbMask, pkcsBlockLen - hLen - 1, heap); ret = RsaMGF(mgf, seed, hLen, dbMask, pkcsBlockLen - hLen - 1, heap);
@@ -3117,7 +3121,7 @@ static int RsaPublicEncryptEx(const byte* in, word32 inLen, byte* out,
return RSA_BUFFER_E; return RSA_BUFFER_E;
} }
if (sz < RSA_MIN_PAD_SZ) { if (sz < RSA_MIN_PAD_SZ || sz > (int)RSA_MAX_SIZE/8) {
return WC_KEY_SIZE_E; return WC_KEY_SIZE_E;
} }