PKCS12 and unicode password size check improvement

This commit is contained in:
Ruby Martin
2026-04-30 16:30:29 -06:00
parent 3ff02a7a95
commit 1bf33bcc0b
2 changed files with 5 additions and 2 deletions
+2 -1
View File
@@ -558,7 +558,8 @@ static int wc_PKCS12_create_mac(WC_PKCS12* pkcs12, byte* data, word32 dataSz,
return MEMORY_E; });
/* unicode set up from asn.c */
if ((pswSz * 2 + 2) > MAX_UNICODE_SZ) {
if (pswSz >= MAX_UNICODE_SZ ||
(pswSz * 2 + 2) > MAX_UNICODE_SZ) {
WOLFSSL_MSG("PKCS12 max unicode size too small");
ret = UNICODE_SIZE_E;
goto exit_mac;
+3 -1
View File
@@ -467,7 +467,9 @@ int wc_CryptKey(const char* password, int passwordSz, const byte* salt,
int i, idx = 0;
byte unicodePasswd[MAX_UNICODE_SZ];
if ( (passwordSz * 2 + 2) > (int)sizeof(unicodePasswd)) {
if (passwordSz < 0 ||
passwordSz >= (int)sizeof(unicodePasswd) ||
(passwordSz * 2 + 2) > (int)sizeof(unicodePasswd)) {
ret = UNICODE_SIZE_E;
break;
}