Author: Pekka Riikonen <priikone@silcnet.org>
- Copyright (C) 2003 - 2007 Pekka Riikonen
+ Copyright (C) 2003 - 2014 Pekka Riikonen
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
SilcUInt32 dest_data_size,
SilcUInt32 *dest_len)
{
- int i = 0;
+ SilcUInt32 i = 0;
SILC_LOG_DEBUG(("PKCS#1 decoding, bt %d", bt));
}
/* Sanity checks */
+ if (i >= data_len) {
+ SILC_LOG_DEBUG(("Malformed block"));
+ return FALSE;
+ }
+ if (i < SILC_PKCS1_MIN_PADDING) {
+ SILC_LOG_DEBUG(("Malformed block"));
+ return FALSE;
+ }
if (data[i++] != 0x00) {
SILC_LOG_DEBUG(("Malformed block"));
return FALSE;
}
- if (i - 1 < SILC_PKCS1_MIN_PADDING) {
+ if (i >= data_len) {
SILC_LOG_DEBUG(("Malformed block"));
return FALSE;
}
RsaPublicKey *key = public_key;
SilcMPInt mp_tmp;
SilcMPInt mp_dst;
- unsigned char padded[2048 + 1];
+ unsigned char padded[65536 + 1];
SilcUInt32 len = (key->bits + 7) / 8;
if (sizeof(padded) < len)
RsaPrivateKey *key = private_key;
SilcMPInt mp_tmp;
SilcMPInt mp_dst;
- unsigned char *padded, unpadded[2048 + 1];
+ unsigned char *padded, unpadded[65536 + 1];
SilcUInt32 padded_len;
if (dst_size < (key->bits + 7) / 8)
/* MP to data */
padded = silc_mp_mp2bin(&mp_dst, (key->bits + 7) / 8, &padded_len);
+ if (!padded) {
+ silc_mp_uninit(&mp_tmp);
+ silc_mp_uninit(&mp_dst);
+ return FALSE;
+ }
/* Unpad data */
if (!silc_pkcs1_decode(SILC_PKCS1_BT_PUB, padded, padded_len,
SilcHash hash)
{
RsaPrivateKey *key = private_key;
- unsigned char padded[2048 + 1], hashr[SILC_HASH_MAXLEN];
+ unsigned char padded[65536 + 1], hashr[SILC_HASH_MAXLEN];
SilcMPInt mp_tmp;
SilcMPInt mp_dst;
SilcBufferStruct di;
SilcBool ret = FALSE;
SilcMPInt mp_tmp2;
SilcMPInt mp_dst;
- unsigned char *verify, unpadded[2048 + 1], hashr[SILC_HASH_MAXLEN];
+ unsigned char *verify = NULL, unpadded[65536 + 1], hashr[SILC_HASH_MAXLEN];
SilcUInt32 verify_len, len = (key->bits + 7) / 8;
SilcBufferStruct di, ldi;
SilcHash ihash = NULL;
/* MP to data */
verify = silc_mp_mp2bin(&mp_dst, len, &verify_len);
+ if (!verify)
+ goto err;
/* Unpad data */
if (!silc_pkcs1_decode(SILC_PKCS1_BT_PRV1, verify, verify_len,
return ret;
err:
- memset(verify, 0, verify_len);
- silc_free(verify);
+ if (verify) {
+ memset(verify, 0, verify_len);
+ silc_free(verify);
+ }
silc_mp_uninit(&mp_tmp2);
silc_mp_uninit(&mp_dst);
if (ihash)
RsaPrivateKey *key = private_key;
SilcMPInt mp_tmp;
SilcMPInt mp_dst;
- unsigned char padded[2048 + 1], hashr[SILC_HASH_MAXLEN];
+ unsigned char padded[65536 + 1], hashr[SILC_HASH_MAXLEN];
SilcUInt32 len = (key->bits + 7) / 8;
SILC_LOG_DEBUG(("Sign"));
SilcBool ret = FALSE;
SilcMPInt mp_tmp2;
SilcMPInt mp_dst;
- unsigned char *verify, unpadded[2048 + 1], hashr[SILC_HASH_MAXLEN];
+ unsigned char *verify, unpadded[65536 + 1], hashr[SILC_HASH_MAXLEN];
SilcUInt32 verify_len, len = (key->bits + 7) / 8;
SILC_LOG_DEBUG(("Verify signature"));
/* MP to data */
verify = silc_mp_mp2bin(&mp_dst, len, &verify_len);
+ if (!verify) {
+ silc_mp_uninit(&mp_tmp2);
+ silc_mp_uninit(&mp_dst);
+ return FALSE;
+ }
/* Unpad data */
if (!silc_pkcs1_decode(SILC_PKCS1_BT_PRV1, verify, verify_len,