authorNikos Mavrogiannopoulos <nmav@redhat.com>2016-12-14 10:37:55 +0100
committerNikos Mavrogiannopoulos <nmav@redhat.com>2016-12-14 11:05:11 +0100
commit9a6979a40b2d67eb648ceb447629679887e8c2bc (patch)
treedcbc7c02ab600b8bbffaa7a128236db8b9cffbf3
parentc0e82ce8ca27e86deba1e68d396572e67f56a2c8 (diff)
downloadgnutls-9a6979a40b2d67eb648ceb447629679887e8c2bc.tar.gz
PKCS#5,7 decryption: enforce limits in the support parameter sizes
This allows invalid parameters to be detected early rather than later. Relates #148
-rw-r--r--lib/x509/privkey_pkcs8.c38
-rw-r--r--lib/x509/x509_int.h4
2 files changed, 30 insertions, 12 deletions
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c
index 4b645b4856..5834afb938 100644
--- a/lib/x509/privkey_pkcs8.c
+++ b/lib/x509/privkey_pkcs8.c
@@ -1371,6 +1371,11 @@ read_pbkdf2_params(ASN1_TYPE pbes2_asn,
}
_gnutls_hard_log("salt.specified.size: %d\n", params->salt_size);
+ if (params->salt_size < 0) {
+ result = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+ goto error;
+ }
+
/* read the iteration count
*/
result =
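Review bot: The added `salt_size < 0` test in read_pbkdf2_params rejects only a negative length, so the upper limit against the 32-byte `salt` array in struct pbkdf2_params still rests on the read call, which lies outside this hunk. If that call passes the buffer size as the in/out length the bound presumably holds, but stating it at the check makes the limit explicit and local: `if (params->salt_size < 0 || (size_t)params->salt_size > sizeof(params->salt)) {`. The same applies to the `salt_size < 0` check added in read_pkcs12_kdf_params further down.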
@@ -1380,6 +1385,12 @@ read_pbkdf2_params(ASN1_TYPE pbes2_asn,
gnutls_assert();
goto error;
}
+
+ if (params->iter_count >= INT_MAX || params->iter_count == 0) {
+ result = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+ goto error;
+ }
+
_gnutls_hard_log("iterationCount: %d\n", params->iter_count);
/* read the keylength, if it is set.
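Review bot: The upper bound `iter_count >= INT_MAX` leaves the PBKDF2 iteration count effectively uncapped in terms of cost: a value just below INT_MAX passes the check, and the key derivation then runs that many rounds on data that may come from an untrusted file. A considerably lower project-defined ceiling would bound decryption time, for example `if (params->iter_count == 0 || params->iter_count > MAX_ITER_COUNT_PLACEHOLDER) {`, where the constant is a placeholder name for a limit the project chooses. The identical check added in read_pkcs12_kdf_params has the same property. `INT_MAX` also needs `<limits.h>`; whether the file already includes it is not visible from the hunk.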
@@ -1390,6 +1401,12 @@ read_pbkdf2_params(ASN1_TYPE pbes2_asn,
if (result < 0) {
params->key_size = 0;
}
+
+ if (params->key_size > MAX_CIPHER_KEY_SIZE) {
+ result = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+ goto error;
+ }
+
_gnutls_hard_log("keyLength: %d\n", params->key_size);
len = sizeof(oid);
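Review bot: The new `key_size > MAX_CIPHER_KEY_SIZE` check only runs on a value that was read successfully; the context lines just above it treat every negative `result` as an absent keyLength and reset `key_size` to 0, so a present but malformed keyLength would be accepted as unset rather than rejected. The read call is outside the hunk, so this is inferred. If that call can fail for reasons other than a missing element, only the missing-element case should fall back to 0, e.g. `if (result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) params->key_size = 0; else if (result < 0) goto error;`.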
@@ -1434,9 +1451,12 @@ read_pkcs12_kdf_params(ASN1_TYPE pbes2_asn, struct pbkdf2_params *params)
&params->salt_size);
if (result != ASN1_SUCCESS) {
gnutls_assert();
- result = _gnutls_asn2err(result);
- goto error;
+ return _gnutls_asn2err(result);
}
+
+ if (params->salt_size < 0)
+ return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
_gnutls_hard_log("salt.size: %d\n", params->salt_size);
/* read the iteration count
@@ -1444,19 +1464,17 @@ read_pkcs12_kdf_params(ASN1_TYPE pbes2_asn, struct pbkdf2_params *params)
result =
_gnutls_x509_read_uint(pbes2_asn, "iterations",
&params->iter_count);
- if (result != ASN1_SUCCESS) {
- gnutls_assert();
- goto error;
- }
+ if (result < 0)
+ return gnutls_assert_val(result);
+
_gnutls_hard_log("iterationCount: %d\n", params->iter_count);
+ if (params->iter_count >= INT_MAX || params->iter_count == 0)
+ return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+
params->key_size = 0;
return 0;
-
- error:
- return result;
-
}
/* Writes the PBE parameters for PKCS-12 schemas.
diff --git a/lib/x509/x509_int.h b/lib/x509/x509_int.h
index 89c394cddf..803f3919ef 100644
--- a/lib/x509/x509_int.h
+++ b/lib/x509/x509_int.h
@@ -88,8 +88,8 @@ typedef struct gnutls_pkcs7_int {
struct pbkdf2_params {
uint8_t salt[32];
int salt_size;
- unsigned int iter_count;
- unsigned int key_size;
+ unsigned iter_count;
+ unsigned key_size;
gnutls_mac_algorithm_t mac;
};