author | nelson%bolyard.com <devnull@localhost> | 2006-09-05 09:52:05 +0000 |
---|---|---|
committer | nelson%bolyard.com <devnull@localhost> | 2006-09-05 09:52:05 +0000 |
commit | 7eab3b6b940dbb36e37af402346de254c0d64e98 (patch) | |
tree | 4a094d4b7647d67f15f5dde37b34f0ec4db52ac8 | |
parent | 6317405f27158b29631fc4b4162bfd21dd9400ee (diff) | |
Improve the validity tests on the AlgorithmID when verifying a PKCS#1 v1.5
RSA signature. Bug 351079. r=rrelyea,wtchang.
(tag: NSS_3_11_20060905_TAG)
-rw-r--r-- | security/nss/lib/cryptohi/secvfy.c | 9 | ||||
-rw-r--r-- | security/nss/lib/softoken/pkcs11c.c | 5 |
2 files changed, 13 insertions, 1 deletions
diff --git a/security/nss/lib/cryptohi/secvfy.c b/security/nss/lib/cryptohi/secvfy.c
index 3d2394627..7310dfbbe 100644
--- a/security/nss/lib/cryptohi/secvfy.c
+++ b/security/nss/lib/cryptohi/secvfy.c
@@ -85,7 +85,14 @@ DecryptSigBlock(SECOidTag *tagp, unsigned char *digest, unsigned int len,
 ** ID and the signature block
 */
 tag = SECOID_GetAlgorithmTag(&di->digestAlgorithm);
- /* XXX Check that tag is an appropriate algorithm? */
+ /* Check that tag is an appropriate algorithm */
+ if (tag == SEC_OID_UNKNOWN) {
+ goto sigloser;
+ }
+ /* make sure the "parameters" are not too bogus. */
+ if (di->digestAlgorithm.parameters.len > 2) {
+ goto sigloser;
+ }
 if (di->digest.len > len) {
 PORT_SetError(SEC_ERROR_OUTPUT_LEN);
 goto loser;
diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c
index 007aabf80..dc1dc67f4 100644
--- a/security/nss/lib/softoken/pkcs11c.c
+++ b/security/nss/lib/softoken/pkcs11c.c
@@ -2157,12 +2157,17 @@ RSA_HashCheckSign(SECOidTag hashOid, NSSLOWKEYPublicKey *key,
 if (SECOID_GetAlgorithmTag(&di->digestAlgorithm) != hashOid) {
 goto loser;
 }
+ /* make sure the "parameters" are not too bogus. */
+ if (di->digestAlgorithm.parameters.len > 2) {
+ goto loser;
+ }
 /* Now check the signature */
 if (PORT_Memcmp(digest, di->digest.data, di->digest.len) == 0) {
 goto done;
 }
 loser:
+ PORT_SetError(SEC_ERROR_BAD_SIGNATURE);
 rv = SECFailure;
 done: |
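Review bot: The new test `di->digestAlgorithm.parameters.len > 2` in DecryptSigBlock bounds the size of the AlgorithmIdentifier parameters but never looks at their content, so any one- or two-byte value is still accepted as part of a valid DigestInfo; the same length-only check is added to RSA_HashCheckSign in pkcs11c.c. For the hash OIDs used with PKCS#1 v1.5 the parameters are either absent or the DER NULL, so the check can be exact: `if (p->len != 0 && (p->len != 2 || p->data[0] != 0x05 || p->data[1] != 0x00)) goto sigloser;` with `p = &di->digestAlgorithm.parameters`. A comment explaining the bound would also help, e.g. `/* a DER NULL (05 00) is the only legal parameter encoding; reject anything else */`. Whether bytes trailing the DigestInfo are rejected depends on the decode above this hunk, and the `sigloser` label is also outside it.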
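Review bot: The `PORT_Memcmp(digest, di->digest.data, di->digest.len)` that follows the new parameters check takes its length from the decoded signature, so a DigestInfo carrying a shorter (or empty) digest would compare equal on a prefix unless `di->digest.len` is validated above this hunk. If it is not, add a guard before the compare, `if (di->digest.len != <expected hash length>) goto loser;`, where the placeholder stands for the caller-supplied digest length that the hunk does not show. Separately, the `PORT_SetError(SEC_ERROR_BAD_SIGNATURE)` added under `loser:` now replaces whatever error an earlier failure path set before jumping there; if callers distinguish those cases, set the error at the individual `goto loser` sites instead. RSA_HashCheckSign begins and ends outside the hunk.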