|
 |
ddf7d0 |
# HG changeset patch
|
|
|
ddf7d0 |
# User Martin Thomson <mt@lowentropy.net>
|
|
|
ddf7d0 |
# Date 1560498951 0
|
|
|
ddf7d0 |
# Fri Jun 14 07:55:51 2019 +0000
|
|
|
ddf7d0 |
# Branch NSS_3_44_BRANCH
|
|
|
ddf7d0 |
# Node ID fb9932d6e083322e7b5dfcd3d6e67477e0bb075a
|
|
|
ddf7d0 |
# Parent 876bca2723a1f969422edc93e7504420d8331d3c
|
|
|
ddf7d0 |
Bug 1515342 - More thorough input checking, r=jcj
|
|
|
ddf7d0 |
|
|
|
ddf7d0 |
All part of applying better discipline throughout.
|
|
|
ddf7d0 |
|
|
|
ddf7d0 |
Differential Revision: https://phabricator.services.mozilla.com/D33736
|
|
|
ddf7d0 |
|
|
|
ddf7d0 |
diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c
|
|
|
ddf7d0 |
--- a/lib/cryptohi/seckey.c
|
|
|
ddf7d0 |
+++ b/lib/cryptohi/seckey.c
|
|
|
ddf7d0 |
@@ -639,6 +639,11 @@ seckey_ExtractPublicKey(const CERTSubjec
|
|
|
ddf7d0 |
return pubk;
|
|
|
ddf7d0 |
break;
|
|
|
ddf7d0 |
case SEC_OID_ANSIX962_EC_PUBLIC_KEY:
|
|
|
ddf7d0 |
+ /* A basic sanity check on inputs. */
|
|
|
ddf7d0 |
+ if (spki->algorithm.parameters.len == 0 || newOs.len == 0) {
|
|
|
ddf7d0 |
+ PORT_SetError(SEC_ERROR_INPUT_LEN);
|
|
|
ddf7d0 |
+ break;
|
|
|
ddf7d0 |
+ }
|
|
|
ddf7d0 |
pubk->keyType = ecKey;
|
|
|
ddf7d0 |
pubk->u.ec.size = 0;
|
|
|
ddf7d0 |
|
|
|
ddf7d0 |
diff --git a/lib/freebl/dh.c b/lib/freebl/dh.c
|
|
|
ddf7d0 |
--- a/lib/freebl/dh.c
|
|
|
ddf7d0 |
+++ b/lib/freebl/dh.c
|
|
|
ddf7d0 |
@@ -210,7 +210,8 @@ DH_Derive(SECItem *publicValue,
|
|
|
ddf7d0 |
unsigned int len = 0;
|
|
|
ddf7d0 |
unsigned int nb;
|
|
|
ddf7d0 |
unsigned char *secret = NULL;
|
|
|
ddf7d0 |
- if (!publicValue || !prime || !privateValue || !derivedSecret) {
|
|
|
ddf7d0 |
+ if (!publicValue || !publicValue->len || !prime || !prime->len ||
|
|
|
ddf7d0 |
+ !privateValue || !privateValue->len || !derivedSecret) {
|
|
|
ddf7d0 |
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
|
|
ddf7d0 |
return SECFailure;
|
|
|
ddf7d0 |
}
|
|
|
ddf7d0 |
diff --git a/lib/freebl/ec.c b/lib/freebl/ec.c
|
|
|
ddf7d0 |
--- a/lib/freebl/ec.c
|
|
|
ddf7d0 |
+++ b/lib/freebl/ec.c
|
|
|
ddf7d0 |
@@ -202,8 +202,8 @@ ec_NewKey(ECParams *ecParams, ECPrivateK
|
|
|
ddf7d0 |
#endif
|
|
|
ddf7d0 |
MP_DIGITS(&k) = 0;
|
|
|
ddf7d0 |
|
|
|
ddf7d0 |
- if (!ecParams || !privKey || !privKeyBytes || (privKeyLen < 0) ||
|
|
|
ddf7d0 |
- !ecParams->name) {
|
|
|
ddf7d0 |
+ if (!ecParams || ecParams->name == ECCurve_noName ||
|
|
|
ddf7d0 |
+ !privKey || !privKeyBytes || privKeyLen <= 0) {
|
|
|
ddf7d0 |
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
|
|
ddf7d0 |
return SECFailure;
|
|
|
ddf7d0 |
}
|
|
|
ddf7d0 |
@@ -391,7 +391,7 @@ EC_NewKey(ECParams *ecParams, ECPrivateK
|
|
|
ddf7d0 |
int len;
|
|
|
ddf7d0 |
unsigned char *privKeyBytes = NULL;
|
|
|
ddf7d0 |
|
|
|
ddf7d0 |
- if (!ecParams) {
|
|
|
ddf7d0 |
+ if (!ecParams || ecParams->name == ECCurve_noName || !privKey) {
|
|
|
ddf7d0 |
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
|
|
ddf7d0 |
return SECFailure;
|
|
|
ddf7d0 |
}
|
|
|
ddf7d0 |
@@ -430,7 +430,8 @@ EC_ValidatePublicKey(ECParams *ecParams,
|
|
|
ddf7d0 |
mp_err err = MP_OKAY;
|
|
|
ddf7d0 |
int len;
|
|
|
ddf7d0 |
|
|
|
ddf7d0 |
- if (!ecParams || !publicValue || !ecParams->name) {
|
|
|
ddf7d0 |
+ if (!ecParams || ecParams->name == ECCurve_noName ||
|
|
|
ddf7d0 |
+ !publicValue || !publicValue->len) {
|
|
|
ddf7d0 |
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
|
|
ddf7d0 |
return SECFailure;
|
|
|
ddf7d0 |
}
|
|
|
ddf7d0 |
@@ -536,8 +537,9 @@ ECDH_Derive(SECItem *publicValue,
|
|
|
ddf7d0 |
int i;
|
|
|
ddf7d0 |
#endif
|
|
|
ddf7d0 |
|
|
|
ddf7d0 |
- if (!publicValue || !ecParams || !privateValue || !derivedSecret ||
|
|
|
ddf7d0 |
- !ecParams->name) {
|
|
|
ddf7d0 |
+ if (!publicValue || !publicValue->len ||
|
|
|
ddf7d0 |
+ !ecParams || ecParams->name == ECCurve_noName ||
|
|
|
ddf7d0 |
+ !privateValue || !privateValue->len || !derivedSecret) {
|
|
|
ddf7d0 |
PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
|
|
ddf7d0 |
return SECFailure;
|
|
|
ddf7d0 |
}
|
|
|
ddf7d0 |
diff --git a/lib/util/quickder.c b/lib/util/quickder.c
|
|
|
ddf7d0 |
--- a/lib/util/quickder.c
|
|
|
ddf7d0 |
+++ b/lib/util/quickder.c
|
|
|
ddf7d0 |
@@ -757,6 +757,13 @@ DecodeItem(void* dest,
|
|
|
ddf7d0 |
}
|
|
|
ddf7d0 |
|
|
|
ddf7d0 |
case SEC_ASN1_BIT_STRING: {
|
|
|
ddf7d0 |
+ /* Can't be 8 or more spare bits, or any spare bits
|
|
|
ddf7d0 |
+ * if there are no octets. */
|
|
|
ddf7d0 |
+ if (temp.data[0] >= 8 || (temp.data[0] > 0 && temp.len == 1)) {
|
|
|
ddf7d0 |
+ PORT_SetError(SEC_ERROR_BAD_DER);
|
|
|
ddf7d0 |
+ rv = SECFailure;
|
|
|
ddf7d0 |
+ break;
|
|
|
ddf7d0 |
+ }
|
|
|
ddf7d0 |
/* change the length in the SECItem to be the number
|
|
|
ddf7d0 |
of bits */
|
|
|
ddf7d0 |
temp.len = (temp.len - 1) * 8 - (temp.data[0] & 0x7);
|
|
|
ddf7d0 |
# HG changeset patch
|
|
|
ddf7d0 |
# User Kevin Jacobs <kjacobs@mozilla.com>
|
|
|
ddf7d0 |
# Date 1561145635 0
|
|
|
ddf7d0 |
# Fri Jun 21 19:33:55 2019 +0000
|
|
|
ddf7d0 |
# Branch NSS_3_44_BRANCH
|
|
|
ddf7d0 |
# Node ID 416a8f7cf8986103b4d74694aac1198edbb08b3e
|
|
|
ddf7d0 |
# Parent fb9932d6e083322e7b5dfcd3d6e67477e0bb075a
|
|
|
ddf7d0 |
Bug 1515342 - Ignore spki decode failures on negative (expect_fail) tests. r=jcj
|
|
|
ddf7d0 |
|
|
|
ddf7d0 |
Differential Revision: https://phabricator.services.mozilla.com/D35565
|
|
|
ddf7d0 |
|
|
|
ddf7d0 |
diff --git a/gtests/pk11_gtest/pk11_curve25519_unittest.cc b/gtests/pk11_gtest/pk11_curve25519_unittest.cc
|
|
|
ddf7d0 |
--- a/gtests/pk11_gtest/pk11_curve25519_unittest.cc
|
|
|
ddf7d0 |
+++ b/gtests/pk11_gtest/pk11_curve25519_unittest.cc
|
|
|
ddf7d0 |
@@ -40,6 +40,9 @@ class Pkcs11Curve25519Test
|
|
|
ddf7d0 |
|
|
|
ddf7d0 |
ScopedCERTSubjectPublicKeyInfo certSpki(
|
|
|
ddf7d0 |
SECKEY_DecodeDERSubjectPublicKeyInfo(&spkiItem));
|
|
|
ddf7d0 |
+ if (!expect_success && !certSpki) {
|
|
|
ddf7d0 |
+ return;
|
|
|
ddf7d0 |
+ }
|
|
|
ddf7d0 |
ASSERT_TRUE(certSpki);
|
|
|
ddf7d0 |
|
|
|
ddf7d0 |
ScopedSECKEYPublicKey pubKey(SECKEY_ExtractPublicKey(certSpki.get()));
|