TeaSpeak/tomcrypt
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

initialize 'flags' etc. to invalid values before trying to decode

Browse Source
This commit is contained in:
Steffen Jaeckel 2017-09-24 13:11:35 +02:00
parent 8935cd9a8a
commit 13cb43ad4c
6 changed files with 25 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/pk/dh/dh_import.c
View File

@ -32,6 +32,8 @@ int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key)
return err; return err;
} }
version = 666;
flags[0] = 0xff;
/* find out what type of key it is */ /* find out what type of key it is */
err = der_decode_sequence_multi(in, inlen, err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_SHORT_INTEGER, 1UL, &version, LTC_ASN1_SHORT_INTEGER, 1UL, &version,
@ -58,7 +60,7 @@ int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key)
goto error; goto error;
} }
} }
else { else if (flags[0] == 0) {
key->type = PK_PUBLIC; key->type = PK_PUBLIC;
if ((err = der_decode_sequence_multi(in, inlen, if ((err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_SHORT_INTEGER, 1UL, &version, LTC_ASN1_SHORT_INTEGER, 1UL, &version,
@ -70,6 +72,10 @@ int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key)
goto error; goto error;
} }
} }
else {
err = CRYPT_INVALID_PACKET;
goto error;
}
} }
else { else {
err = CRYPT_INVALID_PACKET; err = CRYPT_INVALID_PACKET;

3
src/pk/dsa/dsa_decrypt_key.c
View File

@ -30,7 +30,8 @@ int dsa_decrypt_key(const unsigned char *in, unsigned long inlen,
{ {
unsigned char *skey, *expt; unsigned char *skey, *expt;
void *g_pub; void *g_pub;
unsigned long x, y, hashOID[32]; unsigned long x, y;
unsigned long hashOID[32] = { 0 };
int hash, err; int hash, err;
ltc_asn1_list decode[3]; ltc_asn1_list decode[3];

9
src/pk/dsa/dsa_import.c
View File

@ -38,13 +38,14 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
return CRYPT_MEM; return CRYPT_MEM;
} }
flags[0] = 0xff;
/* try to match the old libtomcrypt format */ /* try to match the old libtomcrypt format */
err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags, err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags,
LTC_ASN1_EOL, 0UL, NULL); LTC_ASN1_EOL, 0UL, NULL);
if (err == CRYPT_OK || err == CRYPT_PK_INVALID_SIZE) { if (err == CRYPT_OK || err == CRYPT_PK_INVALID_SIZE) {
/* private key */ /* private key */
if (flags[0]) { if (flags[0] == 1) {
if ((err = der_decode_sequence_multi(in, inlen, if ((err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_BIT_STRING, 1UL, flags, LTC_ASN1_BIT_STRING, 1UL, flags,
LTC_ASN1_INTEGER, 1UL, key->g, LTC_ASN1_INTEGER, 1UL, key->g,
@ -59,7 +60,7 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
goto LBL_OK; goto LBL_OK;
} }
/* public key */ /* public key */
else { else if (flags[0] == 0) {
if ((err = der_decode_sequence_multi(in, inlen, if ((err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_BIT_STRING, 1UL, flags, LTC_ASN1_BIT_STRING, 1UL, flags,
LTC_ASN1_INTEGER, 1UL, key->g, LTC_ASN1_INTEGER, 1UL, key->g,
@ -72,6 +73,10 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
key->type = PK_PUBLIC; key->type = PK_PUBLIC;
goto LBL_OK; goto LBL_OK;
} }
else {
err = CRYPT_INVALID_PACKET;
goto LBL_ERR;
}
} }
/* get key type */ /* get key type */
if ((err = der_decode_sequence_multi(in, inlen, if ((err = der_decode_sequence_multi(in, inlen,

3
src/pk/ecc/ecc_decrypt_key.c
View File

@ -35,7 +35,8 @@ int ecc_decrypt_key(const unsigned char *in, unsigned long inlen,
ecc_key *key) ecc_key *key)
{ {
unsigned char *ecc_shared, *skey, *pub_expt; unsigned char *ecc_shared, *skey, *pub_expt;
unsigned long x, y, hashOID[32]; unsigned long x, y;
unsigned long hashOID[32] = { 0 };
int hash, err; int hash, err;
ecc_key pubkey; ecc_key pubkey;
ltc_asn1_list decode[3]; ltc_asn1_list decode[3];

7
src/pk/ecc/ecc_import.c
View File

@ -104,6 +104,7 @@ int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, co
return CRYPT_MEM; return CRYPT_MEM;
} }
flags[0] = 0xff;
/* find out what type of key it is */ /* find out what type of key it is */
err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags, err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags,
LTC_ASN1_EOL, 0UL, NULL); LTC_ASN1_EOL, 0UL, NULL);
@ -124,7 +125,7 @@ int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, co
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto done; goto done;
} }
} else { } else if (flags[0] == 0) {
/* public key */ /* public key */
key->type = PK_PUBLIC; key->type = PK_PUBLIC;
if ((err = der_decode_sequence_multi(in, inlen, if ((err = der_decode_sequence_multi(in, inlen,
@ -136,6 +137,10 @@ int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, co
goto done; goto done;
} }
} }
else {
err = CRYPT_INVALID_PACKET;
goto done;
}
if (dp == NULL) { if (dp == NULL) {
/* find the idx */ /* find the idx */

1
src/pk/rsa/rsa_import.c
View File

@ -65,6 +65,7 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
goto LBL_FREE; goto LBL_FREE;
} }
mp_set_int(key->N, 666);
/* not SSL public key, try to match against PKCS #1 standards */ /* not SSL public key, try to match against PKCS #1 standards */
err = der_decode_sequence_multi(in, inlen, LTC_ASN1_INTEGER, 1UL, key->N, err = der_decode_sequence_multi(in, inlen, LTC_ASN1_INTEGER, 1UL, key->N,
LTC_ASN1_EOL, 0UL, NULL); LTC_ASN1_EOL, 0UL, NULL);