diff options
author | kaie%kuix.de <devnull@localhost> | 2006-09-06 03:43:01 +0000 |
---|---|---|
committer | kaie%kuix.de <devnull@localhost> | 2006-09-06 03:43:01 +0000 |
commit | 13c508826246135de264956eaeccb4b3e7f2a68e (patch) | |
tree | 95c949280280181e8e61d11256a6039b20684ee9 | |
parent | e037b14c56ca15921becded36580230f6a3b6ecb (diff) | |
download | nss-hg-13c508826246135de264956eaeccb4b3e7f2a68e.tar.gz |
Fix Bug 351079
Patch by Nelson, r=rrelyea, r=wtchang, a=mtschrep
-rw-r--r-- | security/nss/lib/cryptohi/secvfy.c | 9 | ||||
-rw-r--r-- | security/nss/lib/softoken/pkcs11c.c | 5 |
2 files changed, 13 insertions, 1 deletions
diff --git a/security/nss/lib/cryptohi/secvfy.c b/security/nss/lib/cryptohi/secvfy.c index 3d2394627..7310dfbbe 100644 --- a/security/nss/lib/cryptohi/secvfy.c +++ b/security/nss/lib/cryptohi/secvfy.c @@ -85,7 +85,14 @@ DecryptSigBlock(SECOidTag *tagp, unsigned char *digest, unsigned int len, ** ID and the signature block */ tag = SECOID_GetAlgorithmTag(&di->digestAlgorithm); - /* XXX Check that tag is an appropriate algorithm? */ + /* Check that tag is an appropriate algorithm */ + if (tag == SEC_OID_UNKNOWN) { + goto sigloser; + } + /* make sure the "parameters" are not too bogus. */ + if (di->digestAlgorithm.parameters.len > 2) { + goto sigloser; + } if (di->digest.len > len) { PORT_SetError(SEC_ERROR_OUTPUT_LEN); goto loser; diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c index 11068de17..c66c9ddf3 100644 --- a/security/nss/lib/softoken/pkcs11c.c +++ b/security/nss/lib/softoken/pkcs11c.c @@ -2157,12 +2157,17 @@ RSA_HashCheckSign(SECOidTag hashOid, NSSLOWKEYPublicKey *key, if (SECOID_GetAlgorithmTag(&di->digestAlgorithm) != hashOid) { goto loser; } + /* make sure the "parameters" are not too bogus. */ + if (di->digestAlgorithm.parameters.len > 2) { + goto loser; + } /* Now check the signature */ if (PORT_Memcmp(digest, di->digest.data, di->digest.len) == 0) { goto done; } loser: + PORT_SetError(SEC_ERROR_BAD_SIGNATURE); rv = SECFailure; done: |