diff options
author | nelson%bolyard.com <devnull@localhost> | 2010-04-03 19:06:23 +0000 |
---|---|---|
committer | nelson%bolyard.com <devnull@localhost> | 2010-04-03 19:06:23 +0000 |
commit | 091d33db0d6856f77dd33d2cb6272a8efb4da670 (patch) | |
tree | 03fb1adbfda155645452e725d635301240349375 /security/nss | |
parent | 2c2d10fc237dcb0f151e8e4fef63eb8c8b68566b (diff) | |
download | nss-hg-091d33db0d6856f77dd33d2cb6272a8efb4da670.tar.gz |
Bug 554354: SSL client doesn't validate ECDH params from server, r=rrelyea
Diffstat (limited to 'security/nss')
-rw-r--r-- | security/nss/lib/cryptohi/seckey.c | 19 | ||||
-rw-r--r-- | security/nss/lib/ssl/ssl3con.c | 8 |
2 files changed, 25 insertions, 2 deletions
diff --git a/security/nss/lib/cryptohi/seckey.c b/security/nss/lib/cryptohi/seckey.c index 7a58b212d..cc9962cc2 100644 --- a/security/nss/lib/cryptohi/seckey.c +++ b/security/nss/lib/cryptohi/seckey.c @@ -227,7 +227,17 @@ SECKEYPrivateKey * SECKEY_CreateDHPrivateKey(SECKEYDHParams *param, SECKEYPublicKey **pubk, void *cx) { SECKEYPrivateKey *privk; - PK11SlotInfo *slot = PK11_GetBestSlot(CKM_DH_PKCS_KEY_PAIR_GEN,cx); + PK11SlotInfo *slot; + + if (!param || !param->base.data || !param->prime.data || + param->prime.len < 512/8 || param->base.len == 0 || + param->base.len > param->prime.len + 1 || + (param->base.len == 1 && param->base.data[0] == 0)) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return NULL; + } + + slot = PK11_GetBestSlot(CKM_DH_PKCS_KEY_PAIR_GEN,cx); if (!slot) { return NULL; } @@ -1466,16 +1476,20 @@ SECKEY_PublicKeyStrength(const SECKEYPublicKey *pubk) /* interpret modulus length as key strength... in * fortezza that's the public key length */ - + if (!pubk) + goto loser; switch (pubk->keyType) { case rsaKey: + if (!pubk->u.rsa.modulus.data) break; b0 = pubk->u.rsa.modulus.data[0]; return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1; case dsaKey: + if (!pubk->u.dsa.publicValue.data) break; b0 = pubk->u.dsa.publicValue.data[0]; return b0 ? pubk->u.dsa.publicValue.len : pubk->u.dsa.publicValue.len - 1; case dhKey: + if (!pubk->u.dh.publicValue.data) break; b0 = pubk->u.dh.publicValue.data[0]; return b0 ? pubk->u.dh.publicValue.len : pubk->u.dh.publicValue.len - 1; @@ -1488,6 +1502,7 @@ SECKEY_PublicKeyStrength(const SECKEYPublicKey *pubk) default: break; } +loser: PORT_SetError(SEC_ERROR_INVALID_KEY); return 0; } diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index 362e1e598..b38255fae 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -5301,14 +5301,22 @@ ssl3_HandleServerKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length) if (rv != SECSuccess) { goto loser; /* malformed. */ } + if (dh_p.len < 512/8) + goto alert_loser; rv = ssl3_ConsumeHandshakeVariable(ss, &dh_g, 2, &b, &length); if (rv != SECSuccess) { goto loser; /* malformed. */ } + if (dh_g.len == 0 || dh_g.len > dh_p.len + 1 || + (dh_g.len == 1 && dh_g.data[0] == 0)) + goto alert_loser; rv = ssl3_ConsumeHandshakeVariable(ss, &dh_Ys, 2, &b, &length); if (rv != SECSuccess) { goto loser; /* malformed. */ } + if (dh_Ys.len == 0 || dh_Ys.len > dh_p.len + 1 || + (dh_Ys.len == 1 && dh_Ys.data[0] == 0)) + goto alert_loser; rv = ssl3_ConsumeHandshakeVariable(ss, &signature, 2, &b, &length); if (rv != SECSuccess) { goto loser; /* malformed. */ |