ASN.1 parsing: check for badly encode negative INTEGER

When encoding a negative number, when the first byte is 0xff then the next byte can't have top bit set.
2024-03-14 09:01:22 +10:00 · 2024-03-14 09:01:22 +10:00 · 40681226aa
parent 448378ce90
commit 40681226aa
1 changed files with 10 additions and 0 deletions
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@ -1065,6 +1065,16 @@ static int GetASN_Integer(const byte* input, word32 idx, int length,
        #endif
        }
    }
+    /* check for invalid padding on negative integer.
+     * c.f. X.690 (ISO/IEC 8825-2:2003 (E)) 10.4.6; RFC 5280 4.1
+     */
+    else if ((length > 1) && (input[idx] == 0xff) &&
+             ((input[idx + 1] & 0x80) != 0)) {
+        WOLFSSL_MSG("Bad INTEGER encoding of negative");
+    #ifndef WOLFSSL_ASN_INT_LEAD_0_ANY
+        return ASN_EXPECT_0_E;
+    #endif /* WOLFSSL_ASN_INT_LEAD_0_ANY */
+    }
    /* Check whether a leading zero byte was required. */
    else if (positive && (input[idx] & 0x80)) {
        WOLFSSL_MSG("INTEGER is negative");