mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-17 14:32:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Improve checks for invalid saltlen in DER writer.

Browse Source 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18615)
This commit is contained in:
Daniel Fiala 2022-06-22 20:49:51 +02:00 committed by Tomas Mraz
parent 59196250cb
commit 08f876d0de
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
providers/common/der/der_rsa_key.c
View File

@ -305,7 +305,7 @@ int ossl_DER_w_RSASSA_PSS_params(WPACKET *pkt, int tag,
saltlen = ossl_rsa_pss_params_30_saltlen(pss); saltlen = ossl_rsa_pss_params_30_saltlen(pss);
trailerfield = ossl_rsa_pss_params_30_trailerfield(pss); trailerfield = ossl_rsa_pss_params_30_trailerfield(pss);
if (saltlen < 0) { if (saltlen < 0 || (unsigned int)saltlen > UINT32_MAX) {
ERR_raise(ERR_LIB_RSA, RSA_R_INVALID_SALT_LENGTH); ERR_raise(ERR_LIB_RSA, RSA_R_INVALID_SALT_LENGTH);
return 0; return 0;
} }
@ -347,8 +347,8 @@ int ossl_DER_w_RSASSA_PSS_params(WPACKET *pkt, int tag,
return ossl_DER_w_begin_sequence(pkt, tag) return ossl_DER_w_begin_sequence(pkt, tag)
&& (trailerfield == default_trailerfield && (trailerfield == default_trailerfield
|| ossl_DER_w_uint32(pkt, 3, trailerfield)) || ossl_DER_w_uint32(pkt, 3, (uint32_t)trailerfield))
&& (saltlen == default_saltlen || ossl_DER_w_uint32(pkt, 2, saltlen)) && (saltlen == default_saltlen || ossl_DER_w_uint32(pkt, 2, (uint32_t)saltlen))
&& DER_w_MaskGenAlgorithm(pkt, 1, pss) && DER_w_MaskGenAlgorithm(pkt, 1, pss)
&& (hashalg_nid == default_hashalg_nid && (hashalg_nid == default_hashalg_nid
|| ossl_DER_w_precompiled(pkt, 0, hashalg, hashalg_sz)) || ossl_DER_w_precompiled(pkt, 0, hashalg, hashalg_sz))