aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRob Austein <sra@hactrn.net>2017-04-07 18:15:44 -0400
committerRob Austein <sra@hactrn.net>2017-04-07 18:15:44 -0400
commitd0df322ae659b4a1f80ac57e9b20fa7464f0fb84 (patch)
tree7dd90fc9f1b8ca0d1322ad53efdb93b20ce068f9
parenta031d726ccdd358cec63a7892b3ce1e88b201313 (diff)
Tighten up hal_rpc_pkey_import() a bit more.
Enforce minimum PKCS #1.5 padding length when decrypting KEK. Use public interface to hal_pkey_load() rather than calling the internal function directly, so we go through all the normal error checks.
-rw-r--r--rpc_pkey.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/rpc_pkey.c b/rpc_pkey.c
index 71d1627..cb83b98 100644
--- a/rpc_pkey.c
+++ b/rpc_pkey.c
@@ -1234,7 +1234,8 @@ static hal_error_t pkey_local_import(const hal_client_handle_t client,
d = memchr(der + 2, 0x00, data_len - 2);
- if (der[0] == 0x00 && der[1] == 0x02 && d != NULL && der + data_len == d + 1 + KEK_LENGTH)
+ if (der[0] == 0x00 && der[1] == 0x02 && d != NULL && d - der > 10 &&
+ der + data_len == d + 1 + KEK_LENGTH)
memcpy(kek, d + 1, sizeof(kek));
if ((err = hal_asn1_decode_pkcs8_encryptedprivatekeyinfo(&oid, &oid_len, &data, &data_len,
@@ -1252,7 +1253,7 @@ static hal_error_t pkey_local_import(const hal_client_handle_t client,
if ((err = hal_aes_keyunwrap(NULL, kek, sizeof(kek), data, data_len, der, &der_len)) != HAL_OK)
goto fail;
- err = pkey_local_load(client, session, pkey, name, der, der_len, flags);
+ err = hal_rpc_pkey_load(client, session, pkey, name, der, der_len, flags);
fail:
memset(rsabuf, 0, sizeof(rsabuf));