feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Fix for wc_EccPublicKeyDecode to use the length from ASN sequence, not the provided inSz. Also checked the case where the sequence number is larger than supplied inSz and it will properly return ASN_PARSE_E. ZD 9791

Browse Source
This commit is contained in:
David Garske
2020-01-28 15:43:03 -08:00
parent a90cc51a5f
commit 9bfbdfe695
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
wolfcrypt/src/asn.c
View File

@@ -15028,7 +15028,7 @@ static int EccKeyParamCopy(char** dst, char* src)
int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
ecc_key* key, word32 inSz)
{
int length;
int tot_len, length;
int ret;
int curve_id = ECC_CURVE_DEF;
word32 oidSum, localIdx;
@@ -15037,7 +15037,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0)
return BAD_FUNC_ARG;
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
if (GetSequence(input, inOutIdx, &tot_len, inSz) < 0)
return ASN_PARSE_E;
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
@@ -15211,7 +15211,7 @@ int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx,
return ret;
/* This is the raw point data compressed or uncompressed. */
if (wc_ecc_import_x963_ex(input + *inOutIdx, inSz - *inOutIdx, key,
if (wc_ecc_import_x963_ex(input + *inOutIdx, tot_len - *inOutIdx, key,
curve_id) != 0) {
return ASN_ECC_KEY_E;
}