[Cryptech-Commits] [sw/libhal] branch pkcs8 updated: Tighten up hal_rpc_pkey_import() a bit more.

git at cryptech.is git at cryptech.is
Fri Apr 7 22:19:24 UTC 2017


This is an automated email from the git hooks/post-receive script.

sra at hactrn.net pushed a commit to branch pkcs8
in repository sw/libhal.

The following commit(s) were added to refs/heads/pkcs8 by this push:
     new d0df322  Tighten up hal_rpc_pkey_import() a bit more.
d0df322 is described below

commit d0df322ae659b4a1f80ac57e9b20fa7464f0fb84
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Fri Apr 7 18:15:44 2017 -0400

    Tighten up hal_rpc_pkey_import() a bit more.
    
    Enforce minimum PKCS #1.5 padding length when decrypting KEK.
    
    Use public interface to hal_pkey_load() rather than calling the
    internal function directly, so we go through all the normal error
    checks.
---
 rpc_pkey.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/rpc_pkey.c b/rpc_pkey.c
index 71d1627..cb83b98 100644
--- a/rpc_pkey.c
+++ b/rpc_pkey.c
@@ -1234,7 +1234,8 @@ static hal_error_t pkey_local_import(const hal_client_handle_t client,
 
   d = memchr(der + 2, 0x00, data_len - 2);
 
-  if (der[0] == 0x00 && der[1] == 0x02 && d != NULL && der + data_len == d + 1 + KEK_LENGTH)
+  if (der[0] == 0x00 && der[1] == 0x02 && d != NULL && d - der > 10 &&
+      der + data_len == d + 1 + KEK_LENGTH)
     memcpy(kek, d + 1, sizeof(kek));
 
   if ((err = hal_asn1_decode_pkcs8_encryptedprivatekeyinfo(&oid, &oid_len, &data, &data_len,
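
Review bot: The new bound `d - der > 10` in the padding check is one stricter than the PKCS #1 v1.5 minimum and is an unexplained magic number. The encoded block is 0x00 || 0x02 || PS || 0x00 || M with PS at least eight octets, so the earliest valid separator sits at offset 10 and the minimum is expressed by `d - der >= 10`. With a fixed KEK_LENGTH the padding will normally be much longer, so this is unlikely to reject real input, but either use `>=` or add a comment saying the extra octet is intentional, and consider a named constant for the minimum padding length. Separately, `memchr(der + 2, 0x00, data_len - 2)` relies on data_len being at least 2; that guarantee is not visible in this hunk, so it is worth confirming it is established above.
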
@@ -1252,7 +1253,7 @@ static hal_error_t pkey_local_import(const hal_client_handle_t client,
   if ((err = hal_aes_keyunwrap(NULL, kek, sizeof(kek), data, data_len, der, &der_len)) != HAL_OK)
     goto fail;
 
-  err = pkey_local_load(client, session, pkey, name, der, der_len, flags);
+  err = hal_rpc_pkey_load(client, session, pkey, name, der, der_len, flags);
 
  fail:
   memset(rsabuf, 0, sizeof(rsabuf));
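
Review bot: The switch to `hal_rpc_pkey_load(...)` inside the static `pkey_local_import()` has no comment at the call site explaining why a local-dispatch function goes back out through the public entry point. The reason is given only in the commit message (to pick up the normal error checks), so a one-line comment here would keep a later cleanup from reverting it to `pkey_local_load()`. It is also worth confirming that the public call resolves to the local implementation in this context, and that the unwrapped key material in `der` is cleared on the `fail:` path along with `rsabuf`; only the `rsabuf` wipe is visible in this hunk.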
