fix RSA - wycheproof "wrong length"

This commit is contained in:
Steffen Jaeckel 2017-08-29 17:21:22 +02:00 committed by Steffen Jaeckel
parent fe9af6cfbd
commit 43e6860925
7 changed files with 22 additions and 15 deletions

View File

@ -310,7 +310,12 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen,
goto LBL_ERR; goto LBL_ERR;
} }
} }
err = CRYPT_OK;
if (inlen == 0) {
err = CRYPT_OK;
} else {
err = CRYPT_PK_INVALID_SIZE;
}
LBL_ERR: LBL_ERR:
return err; return err;

View File

@ -37,7 +37,7 @@ int dh_import(const unsigned char *in, unsigned long inlen, dh_key *key)
LTC_ASN1_SHORT_INTEGER, 1UL, &version, LTC_ASN1_SHORT_INTEGER, 1UL, &version,
LTC_ASN1_BIT_STRING, 1UL, &flags, LTC_ASN1_BIT_STRING, 1UL, &flags,
LTC_ASN1_EOL, 0UL, NULL); LTC_ASN1_EOL, 0UL, NULL);
if (err != CRYPT_OK) { if (err != CRYPT_OK && err != CRYPT_PK_INVALID_SIZE) {
goto error; goto error;
} }

View File

@ -46,8 +46,8 @@ int dsa_decrypt_key(const unsigned char *in, unsigned long inlen,
/* decode to find out hash */ /* decode to find out hash */
LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0])); LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0]));
err = der_decode_sequence(in, inlen, decode, 1);
if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) { if (err != CRYPT_OK && err != CRYPT_PK_INVALID_SIZE) {
return err; return err;
} }

View File

@ -39,9 +39,10 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
} }
/* try to match the old libtomcrypt format */ /* try to match the old libtomcrypt format */
if ((err = der_decode_sequence_multi(in, inlen, err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags,
LTC_ASN1_BIT_STRING, 1UL, flags, LTC_ASN1_EOL, 0UL, NULL);
LTC_ASN1_EOL, 0UL, NULL)) == CRYPT_OK) {
if (err == CRYPT_OK || err == CRYPT_PK_INVALID_SIZE) {
/* private key */ /* private key */
if (flags[0]) { if (flags[0]) {
if ((err = der_decode_sequence_multi(in, inlen, if ((err = der_decode_sequence_multi(in, inlen,

View File

@ -52,8 +52,8 @@ int ecc_decrypt_key(const unsigned char *in, unsigned long inlen,
/* decode to find out hash */ /* decode to find out hash */
LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0])); LTC_SET_ASN1(decode, 0, LTC_ASN1_OBJECT_IDENTIFIER, hashOID, sizeof(hashOID)/sizeof(hashOID[0]));
err = der_decode_sequence(in, inlen, decode, 1);
if ((err = der_decode_sequence(in, inlen, decode, 1)) != CRYPT_OK) { if (err != CRYPT_OK && err != CRYPT_PK_INVALID_SIZE) {
return err; return err;
} }

View File

@ -105,9 +105,9 @@ int ecc_import_ex(const unsigned char *in, unsigned long inlen, ecc_key *key, co
} }
/* find out what type of key it is */ /* find out what type of key it is */
if ((err = der_decode_sequence_multi(in, inlen, err = der_decode_sequence_multi(in, inlen, LTC_ASN1_BIT_STRING, 1UL, flags,
LTC_ASN1_BIT_STRING, 1UL, flags, LTC_ASN1_EOL, 0UL, NULL);
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) { if (err != CRYPT_OK && err != CRYPT_PK_INVALID_SIZE) {
goto done; goto done;
} }

View File

@ -66,9 +66,10 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
} }
/* not SSL public key, try to match against PKCS #1 standards */ /* not SSL public key, try to match against PKCS #1 standards */
if ((err = der_decode_sequence_multi(in, inlen, err = der_decode_sequence_multi(in, inlen, LTC_ASN1_INTEGER, 1UL, key->N,
LTC_ASN1_INTEGER, 1UL, key->N, LTC_ASN1_EOL, 0UL, NULL);
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
if (err != CRYPT_OK && err != CRYPT_PK_INVALID_SIZE) {
goto LBL_ERR; goto LBL_ERR;
} }