check that e have sane values

Love Hörnquist Åstrand
2013-10-30 22:27:12 -07:00
parent 7d45909537
commit 7d163f234b


@@ -157,13 +157,18 @@ ltm_rsa_public_encrypt(int flen, const unsigned char* from,
size = RSA_size(rsa); size = RSA_size(rsa);
if (size < RSA_PKCS1_PADDING_SIZE || size - RSA_PKCS1_PADDING_SIZE < flen) { if (size < RSA_PKCS1_PADDING_SIZE || size - RSA_PKCS1_PADDING_SIZE < flen) {
mp_clear_multi(&n, &e, &enc, &dec); mp_clear_multi(&n, &e, &enc, &dec, NULL);
return -2; return -2;
} }
BN2mpz(&n, rsa->n); BN2mpz(&n, rsa->n);
BN2mpz(&e, rsa->e); BN2mpz(&e, rsa->e);
if (mp_cmp_d(&e, 3) == MP_LT) {
mp_clear_multi(&e, &n, &enc, &dec, NULL);
return -2;
}
p = p0 = malloc(size - 1); p = p0 = malloc(size - 1);
if (p0 == NULL) { if (p0 == NULL) {
mp_clear_multi(&e, &n, &enc, &dec, NULL); mp_clear_multi(&e, &n, &enc, &dec, NULL);
@@ -233,13 +238,10 @@ ltm_rsa_public_decrypt(int flen, const unsigned char* from,
BN2mpz(&n, rsa->n); BN2mpz(&n, rsa->n);
BN2mpz(&e, rsa->e); BN2mpz(&e, rsa->e);
#if 0 if (mp_cmp_d(&e, 3) == MP_LT) {
/* Check that the exponent is larger then 3 */
if (mp_int_compare_value(&e, 3) <= 0) {
mp_clear_multi(&e, &n, &s, &us, NULL); mp_clear_multi(&e, &n, &s, &us, NULL);
return -3; return -3;
} }
#endif
mp_read_unsigned_bin(&s, rk_UNCONST(from), flen); mp_read_unsigned_bin(&s, rk_UNCONST(from), flen);
@@ -287,7 +289,7 @@ static int
ltm_rsa_private_encrypt(int flen, const unsigned char* from, ltm_rsa_private_encrypt(int flen, const unsigned char* from,
unsigned char* to, RSA* rsa, int padding) unsigned char* to, RSA* rsa, int padding)
{ {
unsigned char *p, *p0; unsigned char *ptr, *ptr0;
int res; int res;
int size; int size;
mp_int in, out, n, e; mp_int in, out, n, e;
@@ -305,21 +307,26 @@ ltm_rsa_private_encrypt(int flen, const unsigned char* from,
if (size < RSA_PKCS1_PADDING_SIZE || size - RSA_PKCS1_PADDING_SIZE < flen) if (size < RSA_PKCS1_PADDING_SIZE || size - RSA_PKCS1_PADDING_SIZE < flen)
return -2; return -2;
p0 = p = malloc(size); ptr0 = ptr = malloc(size);
*p++ = 0; *ptr++ = 0;
*p++ = 1; *ptr++ = 1;
memset(p, 0xff, size - flen - 3); memset(ptr, 0xff, size - flen - 3);
p += size - flen - 3; ptr += size - flen - 3;
*p++ = 0; *ptr++ = 0;
memcpy(p, from, flen); memcpy(ptr, from, flen);
p += flen; ptr += flen;
assert((p - p0) == size); assert((ptr - ptr0) == size);
BN2mpz(&n, rsa->n); BN2mpz(&n, rsa->n);
BN2mpz(&e, rsa->e); BN2mpz(&e, rsa->e);
mp_read_unsigned_bin(&in, p0, size); if (mp_cmp_d(&e, 3) == MP_LT) {
free(p0); size = -3;
goto out;
}
mp_read_unsigned_bin(&in, ptr0, size);
free(ptr0);
if(mp_isneg(&in) || mp_cmp(&in, &n) >= 0) { if(mp_isneg(&in) || mp_cmp(&in, &n) >= 0) {
size = -3; size = -3;
@@ -402,6 +409,11 @@ ltm_rsa_private_decrypt(int flen, const unsigned char* from,
BN2mpz(&n, rsa->n); BN2mpz(&n, rsa->n);
BN2mpz(&e, rsa->e); BN2mpz(&e, rsa->e);
if (mp_cmp_d(&e, 3) == MP_LT) {
size = -2;
goto out;
}
mp_read_unsigned_bin(&in, rk_UNCONST(from), flen); mp_read_unsigned_bin(&in, rk_UNCONST(from), flen);
if(mp_isneg(&in) || mp_cmp(&in, &n) >= 0) { if(mp_isneg(&in) || mp_cmp(&in, &n) >= 0) {
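Review bot: In ltm_rsa_private_encrypt the new exponent check leaves with `size = -3; goto out;` after `ptr0` has been allocated and filled but before the `free(ptr0)` that follows `mp_read_unsigned_bin`, so unless the `out:` label (outside this hunk) frees it, the padded copy of the caller's input leaks on that path. Either move the `mp_cmp_d(&e, 3) == MP_LT` test above `ptr0 = ptr = malloc(size);` or add `free(ptr0);` before the `goto out;`. The same function still writes `*ptr++ = 0;` immediately after the `malloc(size)` with no NULL check, whereas ltm_rsa_public_encrypt tests `p0 == NULL`; a matching guard right after the allocation would close that gap. The check as written only rejects e < 3, so an even exponent still passes; if the intent is to reject every exponent that cannot be a valid RSA public exponent, `mp_iseven(&e)` could be tested in the same condition in all four functions.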