From 1c99a138f42205d8da98d96bed5a55c8a6205d97 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Mon, 2 Jan 2017 11:51:10 +0100
Subject: pkcs7 decrypt: require a valid IV size on all ciphers

That is, do not accept the IV size present in the structure as valid
without checking.

Relates #156
---
 lib/x509/pkcs7-crypt.c | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/lib/x509/pkcs7-crypt.c b/lib/x509/pkcs7-crypt.c
index 968775657e..e62500c84d 100644
--- a/lib/x509/pkcs7-crypt.c
+++ b/lib/x509/pkcs7-crypt.c
@@ -1091,10 +1091,19 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn,
 	ce = cipher_to_entry(enc_params->cipher);
 	block_size = _gnutls_cipher_get_block_size(ce);
 
-	if (ce->type == CIPHER_BLOCK && (enc.size % block_size != 0)) {
-		gnutls_assert();
-		ret = GNUTLS_E_DECRYPTION_FAILED;
-		goto error;
+	if (ce->type == CIPHER_BLOCK) {
+		if (enc.size % block_size != 0 || (unsigned)enc_params->iv_size != block_size) {
+			gnutls_assert();
+			ret = GNUTLS_E_DECRYPTION_FAILED;
+			goto error;
+		}
+	} else {
+		unsigned iv_size = _gnutls_cipher_get_iv_size(ce);
+		if (iv_size > (unsigned)enc_params->iv_size) {
+			gnutls_assert();
+			ret = GNUTLS_E_DECRYPTION_FAILED;
+			goto error;
+		}
 	}
 
 	/* do the decryption.
-- 
cgit v1.2.1