authorNikos Mavrogiannopoulos <nmav@gnutls.org>2012-12-28 13:52:06 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2012-12-28 13:55:40 +0200
commit7730c6cba3e4d5e1d2c4acf3f433125910635a6e (patch)
tree4e2c6aa3058f086b23af294fc3f7125a97e082fc
parent0da54acd6ddbe7ca9cdccfc5c05be7453e09d8f9 (diff)
downloadgnutls-7730c6cba3e4d5e1d2c4acf3f433125910635a6e.tar.gz
made PKCS#1 1.5 encoding and decoding stricter. Reported by Kikuchi Masashi.
-rw-r--r--NEWS3
-rw-r--r--lib/nettle/pk.c10
2 files changed, 11 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index d5ee736138..c645aafd5e 100644
--- a/NEWS
+++ b/NEWS
@@ -15,6 +15,9 @@ policy qualifiers.
** libgnutls: Ignore heartbeat messages when received out-of-order,
instead of issuing an error.
+** libgnutls: Stricter RSA PKCS #1 1.5 encoding and decoding. Reported
+by Kikuchi Masashi.
+
** libgnutls-guile: Fixed parallel compilation issue.
** gnutls-cli: It will try to connect to all possible returned addresses
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index 30129bb14f..850d32a69b 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -221,7 +221,7 @@ _wrap_nettle_pk_encrypt (gnutls_pk_algorithm_t algo,
goto cleanup;
}
- ret = _gnutls_mpi_dprint_size (p, ciphertext, plaintext->size);
+ ret = _gnutls_mpi_dprint_size (p, ciphertext, pub.size);
if (ret < 0)
{
gnutls_assert ();
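Review bot: The switch to `pub.size` on the changed line fixes the ciphertext length to the modulus size rather than the plaintext length, which is what RFC 3447 §7.2.1 step 3(c) requires (assuming `pub.size` is the modulus length in octets, which this hunk does not show), but nothing on the line says so and a reader diffing against the old `plaintext->size` will wonder why the plaintext length was ever used; add `/* RFC 3447 7.2.1: the ciphertext is always k = modulus-length octets, never the plaintext length */`. The same documentation point applies to the sign hunk, where `_gnutls_mpi_dprint_size (s, signature, pub.size)` now pads the signature to k octets (§8.2.1 step 2(c)) and the strict length checks added to decrypt and verify in this commit depend on it. Whether `pub` is populated before that use in the sign path is not visible in that hunk. The enclosing functions start and end outside both hunks.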
@@ -267,6 +267,9 @@ _wrap_nettle_pk_decrypt (gnutls_pk_algorithm_t algo,
_rsa_params_to_privkey (pk_params, &priv);
_rsa_params_to_pubkey (pk_params, &pub);
+ if (ciphertext->size != pub.size)
+ return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
if (_gnutls_mpi_scan_nz (&c, ciphertext->data, ciphertext->size) != 0)
{
ret = gnutls_assert_val(GNUTLS_E_MPI_SCAN_FAILED);
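Review bot: The added length check returns directly with `return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);` instead of taking the function's cleanup path, so it is only safe if the preceding `_rsa_params_to_privkey`/`_rsa_params_to_pubkey` calls acquire nothing; they read like plain parameter-to-struct conversions, but that cannot be confirmed from the hunk, and the enclosing function starts and ends outside it. The rejection itself matches RFC 3447 §7.2.2 step 1 (a ciphertext that is not exactly k octets is a decryption error, assuming `pub.size` is the modulus length in octets), and a comment saying so would spare the next reader a search: `/* RFC 3447 7.2.2 step 1: C must be exactly k = modulus-length octets */`. The verify hunk adds the same direct early return with the same caveat; there it reports GNUTLS_E_DECRYPTION_FAILED for a signature-length mismatch, where GNUTLS_E_PK_SIG_VERIFY_FAILED would describe the failure accurately to callers that map error codes.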
@@ -429,7 +432,7 @@ _wrap_nettle_pk_sign (gnutls_pk_algorithm_t algo,
goto rsa_fail;
}
- ret = _gnutls_mpi_dprint (s, signature);
+ ret = _gnutls_mpi_dprint_size (s, signature, pub.size);
rsa_fail:
mpz_clear(s);
@@ -545,6 +548,9 @@ _wrap_nettle_pk_verify (gnutls_pk_algorithm_t algo,
_rsa_params_to_pubkey (pk_params, &pub);
+ if (signature->size != pub.size)
+ return gnutls_assert_val(GNUTLS_E_DECRYPTION_FAILED);
+
ret = _gnutls_mpi_scan_nz (&tmp[0], signature->data, signature->size);
if (ret < 0)
{