authorNikos Mavrogiannopoulos <nmav@redhat.com>2016-12-14 10:39:57 +0100
committerNikos Mavrogiannopoulos <nmav@redhat.com>2016-12-14 11:12:02 +0100
commitc1271082daa4cd0eceeec9ac8fe0378cf4cfa911 (patch)
treeff7fa9db819dbebd7544ba3e04d9c7f36b2c7c1e
parent9a6979a40b2d67eb648ceb447629679887e8c2bc (diff)
downloadgnutls-c1271082daa4cd0eceeec9ac8fe0378cf4cfa911.tar.gz
PKCS#5,7 decryption: fail early on invalid block sizes
-rw-r--r--lib/x509/privkey_pkcs8.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c
index 5834afb938..46eee35269 100644
--- a/lib/x509/privkey_pkcs8.c
+++ b/lib/x509/privkey_pkcs8.c
@@ -1616,6 +1616,8 @@ decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn,
int key_size;
unsigned int pass_len = 0;
const struct pbes2_schema_st *p;
+ unsigned block_size;
+ const cipher_entry_st *ce;
if (password)
pass_len = strlen(password);
@@ -1687,6 +1689,15 @@ decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn,
goto error;
}
+ ce = cipher_to_entry(enc_params->cipher);
+ block_size = _gnutls_cipher_get_block_size(ce);
+
+ if (ce->block && (data_size % block_size != 0)) {
+ gnutls_assert();
+ result = GNUTLS_E_ILLEGAL_PARAMETER;
+ goto error;
+ }
+
/* do the decryption.
*/
dkey.data = key;
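Review bot: The new length check accepts an empty ciphertext, because `data_size % block_size` is 0 when `data_size` is 0, and the padding branch in the last hunk then indexes `data[data_size - 1]`. Unless an earlier part of decrypt_data (outside this hunk) already rejects a zero length, the condition could read `if (ce->block && (data_size == 0 || data_size % block_size != 0))`. Separately, `ce` is dereferenced as `ce->block` with no NULL test; if cipher_to_entry() can return NULL for an unrecognised cipher id, a `ce == NULL` guard taking the same `goto error` path belongs ahead of this check.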
@@ -1695,8 +1706,7 @@ decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn,
d_iv.data = (uint8_t *) enc_params->iv;
d_iv.size = enc_params->iv_size;
result =
- _gnutls_cipher_init(&ch, cipher_to_entry(enc_params->cipher),
- &dkey, &d_iv, 0);
+ _gnutls_cipher_init(&ch, ce, &dkey, &d_iv, 0);
gnutls_free(key);
key = NULL;
@@ -1716,7 +1726,7 @@ decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn,
decrypted_data->data = data;
- if (gnutls_cipher_get_block_size(enc_params->cipher) != 1)
+ if (block_size != 1)
decrypted_data->size = data_size - data[data_size - 1];
else
decrypted_data->size = data_size;
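Review bot: The padding byte `data[data_size - 1]` is still subtracted from `data_size` without a range check, so a final byte that is zero or larger than `data_size` gives a wrong or wrapped `decrypted_data->size`. A wrong password or a modified file makes the decrypted bytes arbitrary, so the early block-size check does not cover this case. Reading the byte into a local and failing when `pad == 0 || pad > block_size || pad > data_size` (for example with `GNUTLS_E_DECRYPTION_FAILED`) before computing the size would close it. The function's cleanup path lies outside the hunk, so whether `decrypted_data->data` must be reset on that failure is not visible here.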