diff options
author | Niels Möller <nisse@lysator.liu.se> | 2021-05-06 21:30:23 +0200 |
---|---|---|
committer | Niels Möller <nisse@lysator.liu.se> | 2021-06-08 21:29:50 +0200 |
commit | fd6d9ba7ca92912762c072fcf74490bc5d63d633 (patch) | |
tree | 567f13b9c947355077c8bf02845f651138b6fc98 /pkcs1-sec-decrypt.c | |
parent | a46a17e9f57c64984d5246aa3475e45f8c562ec7 (diff) | |
download | nettle-fd6d9ba7ca92912762c072fcf74490bc5d63d633.tar.gz |
Add check that message length to _pkcs1_sec_decrypt is valid.
* pkcs1-sec-decrypt.c (_pkcs1_sec_decrypt): Check that message
length is valid, for given key size.
* testsuite/rsa-sec-decrypt-test.c (test_main): Add test cases for
calls to rsa_sec_decrypt specifying a too large message length.
(cherry picked from commit 7616541e6eff73353bf682c62e3a68e4fe696707)
Diffstat (limited to 'pkcs1-sec-decrypt.c')
-rw-r--r-- | pkcs1-sec-decrypt.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/pkcs1-sec-decrypt.c b/pkcs1-sec-decrypt.c index 4f13080e..16833691 100644 --- a/pkcs1-sec-decrypt.c +++ b/pkcs1-sec-decrypt.c @@ -63,7 +63,9 @@ _pkcs1_sec_decrypt (size_t length, uint8_t *message, volatile int ok; size_t i, t; - assert (padded_message_length >= length); + /* Message independent branch */ + if (length + 11 > padded_message_length) + return 0; t = padded_message_length - length - 1; |