From 4b2b878ddd08a6a56ed35b489d161da3cbc16b1f Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Mon, 14 Nov 2016 14:47:13 +0100 Subject: PKCS#5,7 decryption: enforce limits in the support parameter sizes This allows to detect invalid parameters early rather than later. Relates #148 --- lib/x509/pkcs7-crypt.c | 38 ++++++++++++++++++++++++++++---------- lib/x509/privkey_pkcs8_pbes1.c | 5 +++++ lib/x509/x509_int.h | 4 ++-- 3 files changed, 35 insertions(+), 12 deletions(-) diff --git a/lib/x509/pkcs7-crypt.c b/lib/x509/pkcs7-crypt.c index 4eecc29146..2d2e170bfd 100644 --- a/lib/x509/pkcs7-crypt.c +++ b/lib/x509/pkcs7-crypt.c @@ -647,6 +647,11 @@ read_pbkdf2_params(ASN1_TYPE pasn, } _gnutls_hard_log("salt.specified.size: %d\n", params->salt_size); + if (params->salt_size < 0) { + result = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + goto error; + } + /* read the iteration count */ result = @@ -656,6 +661,12 @@ read_pbkdf2_params(ASN1_TYPE pasn, gnutls_assert(); goto error; } + + if (params->iter_count >= INT_MAX || params->iter_count == 0) { + result = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + goto error; + } + _gnutls_hard_log("iterationCount: %d\n", params->iter_count); /* read the keylength, if it is set. @@ -665,6 +676,12 @@ read_pbkdf2_params(ASN1_TYPE pasn, if (result < 0) { params->key_size = 0; } + + if (params->key_size > MAX_CIPHER_KEY_SIZE) { + result = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + goto error; + } + _gnutls_hard_log("keyLength: %d\n", params->key_size); len = sizeof(oid); @@ -705,28 +722,29 @@ static int read_pkcs12_kdf_params(ASN1_TYPE pasn, struct pbkdf2_params *params) asn1_read_value(pasn, "salt", params->salt, ¶ms->salt_size); if (result != ASN1_SUCCESS) { gnutls_assert(); - result = _gnutls_asn2err(result); - goto error; + return _gnutls_asn2err(result); } + + if (params->salt_size < 0) + return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + _gnutls_hard_log("salt.size: %d\n", params->salt_size); /* read the iteration count */ result = _gnutls_x509_read_uint(pasn, "iterations", ¶ms->iter_count); - if (result < 0) { - gnutls_assert(); - goto error; - } + if (result < 0) + return gnutls_assert_val(result); + + if (params->iter_count >= INT_MAX || params->iter_count == 0) + return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + _gnutls_hard_log("iterationCount: %d\n", params->iter_count); params->key_size = 0; return 0; - - error: - return result; - } /* Writes the PBE parameters for PKCS-12 schemas. diff --git a/lib/x509/privkey_pkcs8_pbes1.c b/lib/x509/privkey_pkcs8_pbes1.c index d621851365..933363d37c 100644 --- a/lib/x509/privkey_pkcs8_pbes1.c +++ b/lib/x509/privkey_pkcs8_pbes1.c @@ -74,6 +74,11 @@ int _gnutls_read_pbkdf1_params(const uint8_t * data, int data_size, goto error; } + if (kdf_params->iter_count >= INT_MAX || kdf_params->iter_count == 0) { + ret = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + goto error; + } + len = sizeof(kdf_params->salt); result = asn1_read_value(pasn, "salt", diff --git a/lib/x509/x509_int.h b/lib/x509/x509_int.h index 4fe0e3dc2a..198a69d500 100644 --- a/lib/x509/x509_int.h +++ b/lib/x509/x509_int.h @@ -116,8 +116,8 @@ typedef struct gnutls_pkcs7_int { struct pbkdf2_params { uint8_t salt[32]; int salt_size; - unsigned int iter_count; - unsigned int key_size; + unsigned iter_count; + unsigned key_size; gnutls_mac_algorithm_t mac; }; -- cgit v1.2.1