_decode_pkcs8_eddsa_key: ensure that the key size read matches the curve sizetmp-oss-fuzz-fix

That is, in the newly introduced ed25519 keys we didn't check whether the input size in the PKCS#8 file matched the curve size. Found using oss-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2689 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-07-20 16:49:11 +0200
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-07-21 10:25:15 +0200
commit: 460ac3cad0a97a54f10e30e3d6ac0b649474536a (patch)
tree: 729507b263e6b4c5d3bec0921534e6bea1216ece
parent: 644ec1593efb6d296c611b28e47d8bbcb5e2ef08 (diff)
download: gnutls-tmp-oss-fuzz-fix.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c
index 4eabf0b5cd..23b27ec8c3 100644
--- a/lib/x509/privkey_pkcs8.c
+++ b/lib/x509/privkey_pkcs8.c
@@ -1058,6 +1058,10 @@ _decode_pkcs8_eddsa_key(ASN1_TYPE pkcs8_asn, gnutls_x509_privkey_t pkey, const c
 			return gnutls_assert_val(ret);
 		}
 
+		if (tmp.size != ce->size) {
+			gnutls_free(tmp.data);
+			return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER);
+		}
 		gnutls_free(pkey->params.raw_priv.data);
 		pkey->params.algo = GNUTLS_PK_EDDSA_ED25519;
 		pkey->params.raw_priv.data = tmp.data;
@@ -1338,6 +1342,8 @@ gnutls_x509_privkey_import_pkcs8(gnutls_x509_privkey_t key,
 		goto cleanup;
 	}
 
+	/* This part is necessary to get the public key on certain algorithms.
+	 * In the import above we only get the private key. */
 	result =
 	    _gnutls_pk_fixup(key->pk_algorithm, GNUTLS_IMPORT, &key->params);
 	if (result < 0) {
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-07-20 16:49:11 +0200
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-07-21 10:25:15 +0200
commit	460ac3cad0a97a54f10e30e3d6ac0b649474536a (patch)
tree	729507b263e6b4c5d3bec0921534e6bea1216ece
parent	644ec1593efb6d296c611b28e47d8bbcb5e2ef08 (diff)
download	gnutls-tmp-oss-fuzz-fix.tar.gz