Improve the validity tests on the AlgorithmID when verifying a PKCS#1 v1.5NSS_3_11_20060905_TAG

RSA signature.  Bug 351079. r=rrelyea,wtchang.

2 files changed, 13 insertions, 1 deletions

diff --git a/security/nss/lib/cryptohi/secvfy.c b/security/nss/lib/cryptohi/secvfy.c
index 3d2394627..7310dfbbe 100644
--- a/security/nss/lib/cryptohi/secvfy.c
+++ b/security/nss/lib/cryptohi/secvfy.c
@@ -85,7 +85,14 @@ DecryptSigBlock(SECOidTag *tagp, unsigned char *digest, unsigned int len,
     ** ID and the signature block
     */
     tag = SECOID_GetAlgorithmTag(&di->digestAlgorithm);
-    /* XXX Check that tag is an appropriate algorithm? */
+    /* Check that tag is an appropriate algorithm */
+    if (tag == SEC_OID_UNKNOWN) {
+	goto sigloser;
+    }
+    /* make sure the "parameters" are not too bogus. */
+    if (di->digestAlgorithm.parameters.len > 2) {
+	goto sigloser;
+    }
     if (di->digest.len > len) {
 	PORT_SetError(SEC_ERROR_OUTPUT_LEN);
 	goto loser;
diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c
index 007aabf80..dc1dc67f4 100644
--- a/security/nss/lib/softoken/pkcs11c.c
+++ b/security/nss/lib/softoken/pkcs11c.c
@@ -2157,12 +2157,17 @@ RSA_HashCheckSign(SECOidTag hashOid, NSSLOWKEYPublicKey *key,
     if (SECOID_GetAlgorithmTag(&di->digestAlgorithm) != hashOid) {
 	goto loser;
     }
+    /* make sure the "parameters" are not too bogus. */
+    if (di->digestAlgorithm.parameters.len > 2) {
+	goto loser;
+    }
     /* Now check the signature */
     if (PORT_Memcmp(digest, di->digest.data, di->digest.len) == 0) {
 	goto done;
     }
 
   loser:
+    PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
     rv = SECFailure;
 
   done: