forked from wolfSSL/wolfssl
fix pkcs7 memory leaks and XMALLOC result verification.
This commit is contained in:
Moisés Guimarães
@ -508,8 +508,12 @@ int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
|||||||
esd.outerSeqSz = SetSequence(totalSz, esd.outerSeq);
|
esd.outerSeqSz = SetSequence(totalSz, esd.outerSeq);
|
||||||
totalSz += esd.outerSeqSz;
|
totalSz += esd.outerSeqSz;
|
||||||
|
|
||||||
if (outputSz < totalSz)
|
if (outputSz < totalSz) {
|
||||||
|
if (flatSignedAttribs)
|
||||||
|
XFREE(flatSignedAttribs, 0, NULL);
|
||||||
|
|
||||||
return BUFFER_E;
|
return BUFFER_E;
|
||||||
|
}
|
||||||
|
|
||||||
idx = 0;
|
idx = 0;
|
||||||
XMEMCPY(output + idx, esd.outerSeq, esd.outerSeqSz);
|
XMEMCPY(output + idx, esd.outerSeq, esd.outerSeqSz);
|
||||||
@ -845,12 +849,16 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
|
|||||||
issuerSerialSeq);
|
issuerSerialSeq);
|
||||||
|
|
||||||
/* KeyEncryptionAlgorithmIdentifier, only support RSA now */
|
/* KeyEncryptionAlgorithmIdentifier, only support RSA now */
|
||||||
if (keyEncAlgo != RSAk)
|
if (keyEncAlgo != RSAk) {
|
||||||
|
FreeDecodedCert(&decoded);
|
||||||
return ALGO_ID_E;
|
return ALGO_ID_E;
|
||||||
|
}
|
||||||
|
|
||||||
keyEncAlgSz = SetAlgoID(keyEncAlgo, keyAlgArray, keyType, 0);
|
keyEncAlgSz = SetAlgoID(keyEncAlgo, keyAlgArray, keyType, 0);
|
||||||
if (keyEncAlgSz == 0)
|
if (keyEncAlgSz == 0) {
|
||||||
|
FreeDecodedCert(&decoded);
|
||||||
return BAD_FUNC_ARG;
|
return BAD_FUNC_ARG;
|
||||||
|
}
|
||||||
|
|
||||||
/* EncryptedKey */
|
/* EncryptedKey */
|
||||||
ret = InitRsaKey(&pubKey, 0);
|
ret = InitRsaKey(&pubKey, 0);
|
||||||
@ -858,6 +866,7 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
|
|||||||
if (RsaPublicKeyDecode(decoded.publicKey, &idx, &pubKey,
|
if (RsaPublicKeyDecode(decoded.publicKey, &idx, &pubKey,
|
||||||
decoded.pubKeySize) < 0) {
|
decoded.pubKeySize) < 0) {
|
||||||
CYASSL_MSG("ASN RSA key decode error");
|
CYASSL_MSG("ASN RSA key decode error");
|
||||||
|
FreeDecodedCert(&decoded);
|
||||||
return PUBLIC_KEY_E;
|
return PUBLIC_KEY_E;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -866,6 +875,7 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
|
|||||||
FreeRsaKey(&pubKey);
|
FreeRsaKey(&pubKey);
|
||||||
if (*keyEncSz < 0) {
|
if (*keyEncSz < 0) {
|
||||||
CYASSL_MSG("RSA Public Encrypt failed");
|
CYASSL_MSG("RSA Public Encrypt failed");
|
||||||
|
FreeDecodedCert(&decoded);
|
||||||
return *keyEncSz;
|
return *keyEncSz;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -879,6 +889,7 @@ CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
|
|||||||
if (recipSeqSz + verSz + issuerSerialSeqSz + issuerSeqSz + snSz +
|
if (recipSeqSz + verSz + issuerSerialSeqSz + issuerSeqSz + snSz +
|
||||||
keyEncAlgSz + encKeyOctetStrSz + *keyEncSz > (int)outSz) {
|
keyEncAlgSz + encKeyOctetStrSz + *keyEncSz > (int)outSz) {
|
||||||
CYASSL_MSG("RecipientInfo output buffer too small");
|
CYASSL_MSG("RecipientInfo output buffer too small");
|
||||||
|
FreeDecodedCert(&decoded);
|
||||||
return BUFFER_E;
|
return BUFFER_E;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1037,8 +1048,13 @@ int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
|
|||||||
* adding (ivOctetStringSz + DES_BLOCK_SIZE) for IV OCTET STRING */
|
* adding (ivOctetStringSz + DES_BLOCK_SIZE) for IV OCTET STRING */
|
||||||
contentEncAlgoSz = SetAlgoID(pkcs7->encryptOID, contentEncAlgo,
|
contentEncAlgoSz = SetAlgoID(pkcs7->encryptOID, contentEncAlgo,
|
||||||
blkType, ivOctetStringSz + DES_BLOCK_SIZE);
|
blkType, ivOctetStringSz + DES_BLOCK_SIZE);
|
||||||
if (contentEncAlgoSz == 0)
|
|
||||||
|
if (contentEncAlgoSz == 0) {
|
||||||
|
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
if (dynamicFlag)
|
||||||
|
XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
return BAD_FUNC_ARG;
|
return BAD_FUNC_ARG;
|
||||||
|
}
|
||||||
|
|
||||||
/* encrypt content */
|
/* encrypt content */
|
||||||
if (pkcs7->encryptOID == DESb) {
|
if (pkcs7->encryptOID == DESb) {
|
||||||
@ -1324,6 +1340,8 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
|
|||||||
|
|
||||||
encryptedContent = XMALLOC(encryptedContentSz, NULL,
|
encryptedContent = XMALLOC(encryptedContentSz, NULL,
|
||||||
DYNAMIC_TYPE_TMP_BUFFER);
|
DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
|
if (encryptedContent == NULL)
|
||||||
|
return MEMORY_E;
|
||||||
|
|
||||||
XMEMCPY(encryptedContent, &pkiMsg[idx], encryptedContentSz);
|
XMEMCPY(encryptedContent, &pkiMsg[idx], encryptedContentSz);
|
||||||
|
|
||||||
@ -1331,8 +1349,10 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
|
|||||||
keySz = RsaPrivateDecryptInline(encryptedKey, encryptedKeySz,
|
keySz = RsaPrivateDecryptInline(encryptedKey, encryptedKeySz,
|
||||||
&decryptedKey, &privKey);
|
&decryptedKey, &privKey);
|
||||||
FreeRsaKey(&privKey);
|
FreeRsaKey(&privKey);
|
||||||
if (keySz <= 0)
|
if (keySz <= 0) {
|
||||||
|
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
return keySz;
|
return keySz;
|
||||||
|
}
|
||||||
|
|
||||||
/* decrypt encryptedContent */
|
/* decrypt encryptedContent */
|
||||||
if (encOID == DESb) {
|
if (encOID == DESb) {
|
||||||
@ -1361,6 +1381,7 @@ CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
|
|||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
CYASSL_MSG("Unsupported content encryption OID type");
|
CYASSL_MSG("Unsupported content encryption OID type");
|
||||||
|
XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER);
|
||||||
return ALGO_ID_E;
|
return ALGO_ID_E;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user