WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #742 from dgarske/fix_asn_getlen 

Improved ASN error checking
pull/747/head
toddouska 2017-02-09 13:05:26 -08:00 committed by GitHub
parent 8763a71420 321392998d
commit c022614e07
4 changed files with 410 additions and 333 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

623
wolfcrypt/src/asn.c
View File

File diff suppressed because it is too large Load Diff

14
wolfcrypt/src/pkcs12.c
View File

@ -200,7 +200,7 @@ static int GetSafeContent(WC_PKCS12* pkcs12, const byte* input,
freeSafe(safe, pkcs12->heap);
return ASN_PARSE_E;
}
if ((ret = GetLength(input, &localIdx, &size, maxIdx)) < 0) {
if ((ret = GetLength(input, &localIdx, &size, maxIdx)) <= 0) {
freeSafe(safe, pkcs12->heap);
return ret;
}
@ -218,7 +218,7 @@ static int GetSafeContent(WC_PKCS12* pkcs12, const byte* input,
freeSafe(safe, pkcs12->heap);
return ASN_PARSE_E;
}
if ((ret = GetLength(input, &localIdx, &size, maxIdx)) < 0) {
if ((ret = GetLength(input, &localIdx, &size, maxIdx)) <= 0) {
freeSafe(safe, pkcs12->heap);
return ret;
}
@ -367,7 +367,7 @@ static int GetSignData(WC_PKCS12* pkcs12, const byte* mem, word32* idx,
return ASN_PARSE_E;
}
if ((ret = GetLength(mem, &curIdx, &size, totalSz)) < 0) {
if ((ret = GetLength(mem, &curIdx, &size, totalSz)) <= 0) {
XFREE(mac, pkcs12->heap, DYNAMIC_TYPE_PKCS);
return ret;
}
@ -398,7 +398,7 @@ static int GetSignData(WC_PKCS12* pkcs12, const byte* mem, word32* idx,
return ASN_PARSE_E;
}
if ((ret = GetLength(mem, &curIdx, &size, totalSz)) < 0) {
if ((ret = GetLength(mem, &curIdx, &size, totalSz)) <= 0) {
XFREE(mac->digest, pkcs12->heap, DYNAMIC_TYPE_PKCS);
XFREE(mac, pkcs12->heap, DYNAMIC_TYPE_PKCS);
return ret;
@ -800,7 +800,7 @@ int wc_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
freeCertList(certList, pkcs12->heap);
return ASN_PARSE_E;
}
if ((ret = GetLength(data, &idx, &size, ci->dataSz)) < 0) {
if ((ret = GetLength(data, &idx, &size, ci->dataSz)) <= 0) {
freeBuffers(*pkey, buf, pkcs12->heap);
freeCertList(certList, pkcs12->heap);
return ret;
@ -851,7 +851,7 @@ int wc_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
freeCertList(certList, pkcs12->heap);
return ASN_PARSE_E;
}
if ((ret = GetLength(data, &idx, &size, ci->dataSz)) < 0) {
if ((ret = GetLength(data, &idx, &size, ci->dataSz)) <= 0) {
freeBuffers(*pkey, buf, pkcs12->heap);
freeCertList(certList, pkcs12->heap);
return ASN_PARSE_E;
@ -987,7 +987,7 @@ int wc_PKCS12_parse(WC_PKCS12* pkcs12, const char* psw,
return ASN_PARSE_E;
}
if ((ret = GetLength(data, &idx, &size, ci->dataSz))
< 0) {
<= 0) {
freeBuffers(*pkey, buf, pkcs12->heap);
freeCertList(certList, pkcs12->heap);
return ret;

30
wolfcrypt/src/pkcs7.c
View File

@ -86,7 +86,7 @@ static int wc_SetContentType(int pkcs7TypeOID, byte* output)
typeSz = sizeof(signedData);
typeName = signedData;
break;
case ENVELOPED_DATA:
typeSz = sizeof(envelopedData);
typeName = envelopedData;
@ -853,7 +853,7 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
if (pkiMsg[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))
return ASN_PARSE_E;
if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0)
if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) <= 0)
return ASN_PARSE_E;
if (pkiMsg[idx++] != ASN_OCTET_STRING)
@ -2735,14 +2735,18 @@ static int wc_PKCS7_KariGetUserKeyingMaterial(WC_PKCS7_KARI* kari,
return 0;
}
kari->ukm = (byte*)XMALLOC(length, kari->heap, DYNAMIC_TYPE_PKCS7);
if (kari->ukm == NULL)
return MEMORY_E;
kari->ukm = NULL;
if (length > 0) {
kari->ukm = (byte*)XMALLOC(length, kari->heap, DYNAMIC_TYPE_PKCS7);
if (kari->ukm == NULL)
return MEMORY_E;
XMEMCPY(kari->ukm, pkiMsg + (*idx), length);
kari->ukmOwner = 1;
}
XMEMCPY(kari->ukm, pkiMsg + (*idx), length);
(*idx) += length;
kari->ukmSz = length;
kari->ukmOwner = 1;
return 0;
}
@ -3129,7 +3133,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
/* walk through RecipientInfo set, find correct recipient */
if (GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
#ifdef WOLFSSL_SMALL_STACK
decryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, NULL,
DYNAMIC_TYPE_PKCS7);
@ -3163,7 +3167,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
#endif
return ASN_PARSE_E;
}
if (wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(decryptedKey, NULL, DYNAMIC_TYPE_PKCS7);
@ -3201,14 +3205,14 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
#endif
return ASN_PARSE_E;
}
if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(decryptedKey, NULL, DYNAMIC_TYPE_PKCS7);
#endif
return ASN_PARSE_E;
}
if (length != expBlockSz) {
WOLFSSL_MSG("Incorrect IV length, must be of content alg block size");
#ifdef WOLFSSL_SMALL_STACK
@ -3228,7 +3232,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
return ASN_PARSE_E;
}
if (GetLength(pkiMsg, &idx, &encryptedContentSz, pkiMsgSz) < 0) {
if (GetLength(pkiMsg, &idx, &encryptedContentSz, pkiMsgSz) <= 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(decryptedKey, NULL, DYNAMIC_TYPE_PKCS7);
#endif
@ -3682,7 +3686,7 @@ int wc_PKCS7_DecodeEncryptedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz,
if (pkiMsg[idx++] != (ASN_CONTEXT_SPECIFIC | 0))
return ASN_PARSE_E;
if (GetLength(pkiMsg, &idx, &encryptedContentSz, pkiMsgSz) < 0)
if (GetLength(pkiMsg, &idx, &encryptedContentSz, pkiMsgSz) <= 0)
return ASN_PARSE_E;
encryptedContent = (byte*)XMALLOC(encryptedContentSz, pkcs7->heap,

76
wolfcrypt/user-crypto/src/rsa.c
View File

@ -792,39 +792,39 @@ static int GetLength(const byte* input, word32* inOutIdx, int* len,
word32 maxIdx)
{
int length = 0;
word32 i = *inOutIdx;
word32 idx = *inOutIdx;
byte b;
*len = 0; /* default length */
if ( (i+1) > maxIdx) { /* for first read */
if ((idx + 1) > maxIdx) { /* for first read */
USER_DEBUG(("GetLength bad index on input\n"));
return USER_CRYPTO_ERROR;
}
b = input[i++];
b = input[idx++];
if (b >= 0x80) {
word32 bytes = b & 0x7F;
if ( (i+bytes) > maxIdx) { /* for reading bytes */
if ((idx + bytes) > maxIdx) { /* for reading bytes */
USER_DEBUG(("GetLength bad long length\n"));
return USER_CRYPTO_ERROR;
}
while (bytes--) {
b = input[i++];
b = input[idx++];
length = (length << 8) | b;
}
}
else
length = b;
if ( (i+length) > maxIdx) { /* for user of length */
if ((idx + length) > maxIdx) { /* for user of length */
USER_DEBUG(("GetLength value exceeds buffer length\n"));
return USER_CRYPTO_ERROR;
}
*inOutIdx = i;
*inOutIdx = idx;
if (length > 0)
*len = length;
@ -836,21 +836,28 @@ static int GetInt(IppsBigNumState** mpi, const byte* input, word32* inOutIdx,
word32 maxIdx)
{
IppStatus ret;
word32 i = *inOutIdx;
byte b = input[i++];
word32 idx = *inOutIdx;
byte b;
int length;
int ctxSz;
if ((idx + 1) > maxIdx)
return USER_CRYPTO_ERROR;
b = input[idx++];
if (b != 0x02)
return USER_CRYPTO_ERROR;
if (GetLength(input, &i, &length, maxIdx) < 0)
if (GetLength(input, &idx, &length, maxIdx) < 0)
return USER_CRYPTO_ERROR;
if ( (b = input[i++]) == 0x00)
length--;
else
i--;
if (length > 0) {
/* remove leading zero */
if ( (b = input[idx++]) == 0x00)
length--;
else
idx--;
}
ret = ippsBigNumGetSize(length, &ctxSz);
if (ret != ippStsNoErr)
@ -864,11 +871,11 @@ static int GetInt(IppsBigNumState** mpi, const byte* input, word32* inOutIdx,
if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR;
ret = ippsSetOctString_BN((Ipp8u*)input + i, length, *mpi);
ret = ippsSetOctString_BN((Ipp8u*)input + idx, length, *mpi);
if (ret != ippStsNoErr)
return USER_CRYPTO_ERROR;
*inOutIdx = i + length;
*inOutIdx = idx + length;
return 0;
}
@ -879,6 +886,9 @@ static int GetSequence(const byte* input, word32* inOutIdx, int* len,
int length = -1;
word32 idx = *inOutIdx;
if ((idx + 1) > maxIdx)
return USER_CRYPTO_ERROR;
if (input[idx++] != (0x10 | 0x20) ||
GetLength(input, &idx, &length, maxIdx) < 0)
return USER_CRYPTO_ERROR;
@ -891,10 +901,13 @@ static int GetSequence(const byte* input, word32* inOutIdx, int* len,
static int GetMyVersion(const byte* input, word32* inOutIdx,
int* version)
int* version, word32 maxIdx)
{
word32 idx = *inOutIdx;
if ((idx + 3) > maxIdx)
return USER_CRYPTO_ERROR;
if (input[idx++] != 0x02)
return USER_CRYPTO_ERROR;
@ -921,7 +934,7 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
return USER_CRYPTO_ERROR;
if (GetMyVersion(input, inOutIdx, &version) < 0)
if (GetMyVersion(input, inOutIdx, &version, inSz) < 0)
return USER_CRYPTO_ERROR;
key->type = RSA_PRIVATE;
@ -1046,9 +1059,12 @@ int wc_RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
word32 inSz)
{
int length;
int length;
int ctxSz;
IppStatus ret;
#if defined(OPENSSL_EXTRA) || defined(RSA_DECODE_EXTRA)
byte b;
#endif
USER_DEBUG(("Entering wc_RsaPublicKeyDecode\n"));
@ -1058,8 +1074,10 @@ int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
key->type = RSA_PUBLIC;
#if defined(OPENSSL_EXTRA) || defined(RSA_DECODE_EXTRA)
{
byte b = input[*inOutIdx];
if ((*inOutIdx + 1) > inSz)
return USER_CRYPTO_ERROR;
b = input[*inOutIdx];
if (b != ASN_INTEGER) {
/* not from decoded cert, will have algo id, skip past */
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
@ -1082,16 +1100,17 @@ int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
if (b != 0)
return USER_CRYPTO_ERROR;
}
else
/* go back, didn't have it */
else {
/* go back, didn't have it */
(*inOutIdx)--;
}
/* should have bit tag length and seq next */
b = input[(*inOutIdx)++];
if (b != ASN_BIT_STRING)
return USER_CRYPTO_ERROR;
if (GetLength(input, inOutIdx, &length, inSz) < 0)
if (GetLength(input, inOutIdx, &length, inSz) <= 0)
return USER_CRYPTO_ERROR;
/* could have 0 */
@ -1101,12 +1120,13 @@ int wc_RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key,
if (GetSequence(input, inOutIdx, &length, inSz) < 0)
return USER_CRYPTO_ERROR;
} /* end if */
} /* openssl var block */
#endif /* OPENSSL_EXTRA */
}
#endif /* OPENSSL_EXTRA || RSA_DECODE_EXTRA */
if (GetInt(&key->n, input, inOutIdx, inSz) < 0 ||
GetInt(&key->e, input, inOutIdx, inSz) < 0 ) return USER_CRYPTO_ERROR;
GetInt(&key->e, input, inOutIdx, inSz) < 0) {
return USER_CRYPTO_ERROR;
}
/* get sizes set for IPP BN states */
ret = ippsGetSize_BN(key->n, &key->nSz);