diff options
Diffstat (limited to 'extra/yassl/taocrypt')
| -rw-r--r-- | extra/yassl/taocrypt/src/asn.cpp | 8 | ||||
| -rw-r--r-- | extra/yassl/taocrypt/src/integer.cpp | 10 |
2 files changed, 13 insertions, 5 deletions
diff --git a/extra/yassl/taocrypt/src/asn.cpp b/extra/yassl/taocrypt/src/asn.cpp index 544e9518da8..d521088d74a 100644 --- a/extra/yassl/taocrypt/src/asn.cpp +++ b/extra/yassl/taocrypt/src/asn.cpp @@ -672,7 +672,7 @@ word32 CertDecoder::GetSignature() } sigLength_ = GetLength(source_); - if (sigLength_ == 0 || source_.IsLeft(sigLength_) == false) { + if (sigLength_ <= 1 || source_.IsLeft(sigLength_) == false) { source_.SetError(CONTENT_E); return 0; } @@ -1001,11 +1001,17 @@ bool CertDecoder::ConfirmSignature(Source& pub) RSA_PublicKey pubKey(pub); RSAES_Encryptor enc(pubKey); + if (pubKey.FixedCiphertextLength() != sigLength_) { + source_.SetError(SIG_LEN_E); + return false; + } + return enc.SSL_Verify(build.get_buffer(), build.size(), signature_); } else { // DSA // extract r and s from sequence byte seqDecoded[DSA_SIG_SZ]; + memset(seqDecoded, 0, sizeof(seqDecoded)); DecodeDSA_Signature(seqDecoded, signature_, sigLength_); DSA_PublicKey pubKey(pub); diff --git a/extra/yassl/taocrypt/src/integer.cpp b/extra/yassl/taocrypt/src/integer.cpp index b5262e543a4..d8510066d04 100644 --- a/extra/yassl/taocrypt/src/integer.cpp +++ b/extra/yassl/taocrypt/src/integer.cpp @@ -2605,18 +2605,20 @@ void Integer::Decode(Source& source) void Integer::Decode(const byte* input, unsigned int inputLen, Signedness s) { unsigned int idx(0); - byte b = input[idx++]; + byte b = 0; + if (inputLen>0) + b = input[idx]; // peek sign_ = ((s==SIGNED) && (b & 0x80)) ? NEGATIVE : POSITIVE; while (inputLen>0 && (sign_==POSITIVE ? b==0 : b==0xff)) { - inputLen--; - b = input[idx++]; + idx++; // skip + if (--inputLen>0) + b = input[idx]; // peek } reg_.CleanNew(RoundupSize(BytesToWords(inputLen))); - --idx; for (unsigned int i=inputLen; i > 0; i--) { b = input[idx++]; |