Bug 554354: SSL client doesn't validate ECDH params from server, r=rrelyea

author: nelson%bolyard.com <devnull@localhost> 2010-04-03 19:06:23 +0000
committer: nelson%bolyard.com <devnull@localhost> 2010-04-03 19:06:23 +0000
commit: 091d33db0d6856f77dd33d2cb6272a8efb4da670 (patch)
tree: 03fb1adbfda155645452e725d635301240349375 /security/nss
parent: 2c2d10fc237dcb0f151e8e4fef63eb8c8b68566b (diff)
download: nss-hg-091d33db0d6856f77dd33d2cb6272a8efb4da670.tar.gz
2 files changed, 25 insertions, 2 deletions
diff --git a/security/nss/lib/cryptohi/seckey.c b/security/nss/lib/cryptohi/seckey.c
index 7a58b212d..cc9962cc2 100644
--- a/security/nss/lib/cryptohi/seckey.c
+++ b/security/nss/lib/cryptohi/seckey.c
@@ -227,7 +227,17 @@ SECKEYPrivateKey *
 SECKEY_CreateDHPrivateKey(SECKEYDHParams *param, SECKEYPublicKey **pubk, void *cx)
 {
     SECKEYPrivateKey *privk;
-    PK11SlotInfo *slot = PK11_GetBestSlot(CKM_DH_PKCS_KEY_PAIR_GEN,cx);
+    PK11SlotInfo *slot;
+
+    if (!param || !param->base.data || !param->prime.data ||
+        param->prime.len < 512/8 || param->base.len == 0 || 
+        param->base.len > param->prime.len + 1 || 
+	(param->base.len == 1 && param->base.data[0] == 0)) {
+	PORT_SetError(SEC_ERROR_INVALID_ARGS);
+	return NULL;
+    }
+
+    slot = PK11_GetBestSlot(CKM_DH_PKCS_KEY_PAIR_GEN,cx);
     if (!slot) {
 	return NULL;
     }
@@ -1466,16 +1476,20 @@ SECKEY_PublicKeyStrength(const SECKEYPublicKey *pubk)
 
     /* interpret modulus length as key strength... in
      * fortezza that's the public key length */
-
+    if (!pubk)
+    	goto loser;
     switch (pubk->keyType) {
     case rsaKey:
+	if (!pubk->u.rsa.modulus.data) break;
     	b0 = pubk->u.rsa.modulus.data[0];
     	return b0 ? pubk->u.rsa.modulus.len : pubk->u.rsa.modulus.len - 1;
     case dsaKey:
+	if (!pubk->u.dsa.publicValue.data) break;
     	b0 = pubk->u.dsa.publicValue.data[0];
     	return b0 ? pubk->u.dsa.publicValue.len :
 	    pubk->u.dsa.publicValue.len - 1;
     case dhKey:
+	if (!pubk->u.dh.publicValue.data) break;
     	b0 = pubk->u.dh.publicValue.data[0];
     	return b0 ? pubk->u.dh.publicValue.len :
 	    pubk->u.dh.publicValue.len - 1;
@@ -1488,6 +1502,7 @@ SECKEY_PublicKeyStrength(const SECKEYPublicKey *pubk)
     default:
 	break;
     }
+loser:
     PORT_SetError(SEC_ERROR_INVALID_KEY);
     return 0;
 }
diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c
index 362e1e598..b38255fae 100644
--- a/security/nss/lib/ssl/ssl3con.c
+++ b/security/nss/lib/ssl/ssl3con.c
@@ -5301,14 +5301,22 @@ ssl3_HandleServerKeyExchange(sslSocket *ss, SSL3Opaque *b, PRUint32 length)
     	if (rv != SECSuccess) {
 	    goto loser;		/* malformed. */
 	}
+	if (dh_p.len < 512/8)
+	    goto alert_loser;
     	rv = ssl3_ConsumeHandshakeVariable(ss, &dh_g, 2, &b, &length);
     	if (rv != SECSuccess) {
 	    goto loser;		/* malformed. */
 	}
+	if (dh_g.len == 0 || dh_g.len > dh_p.len + 1 ||
+	   (dh_g.len == 1 && dh_g.data[0] == 0))
+	    goto alert_loser;
     	rv = ssl3_ConsumeHandshakeVariable(ss, &dh_Ys, 2, &b, &length);
     	if (rv != SECSuccess) {
 	    goto loser;		/* malformed. */
 	}
+	if (dh_Ys.len == 0 || dh_Ys.len > dh_p.len + 1 ||
+	   (dh_Ys.len == 1 && dh_Ys.data[0] == 0))
+	    goto alert_loser;
     	rv = ssl3_ConsumeHandshakeVariable(ss, &signature, 2, &b, &length);
     	if (rv != SECSuccess) {
 	    goto loser;		/* malformed. */
author	nelson%bolyard.com <devnull@localhost>	2010-04-03 19:06:23 +0000
committer	nelson%bolyard.com <devnull@localhost>	2010-04-03 19:06:23 +0000
commit	091d33db0d6856f77dd33d2cb6272a8efb4da670 (patch)
tree	03fb1adbfda155645452e725d635301240349375 /security/nss
parent	2c2d10fc237dcb0f151e8e4fef63eb8c8b68566b (diff)
download	nss-hg-091d33db0d6856f77dd33d2cb6272a8efb4da670.tar.gz