git.libre-soc.org Git - buildroot.git/blob

   1 From e6d83cc7babb978ba53ae8686159b41ab0f448cc Mon Sep 17 00:00:00 2001
   2 From: Jouni Malinen <jouni@qca.qualcomm.com>
   3 Date: Mon, 19 May 2014 23:26:19 +0300
   4 Subject: [PATCH] PKCS #1: Allow only BT=01 for signature in internal TLS
   5
   6 Based on PKCS #1, v1.5, 10.1.3, the block type shall be 01 for a
   7 signature. This avoids a potential attack vector for internal TLS/X.509
   8 implementation.
   9
  10 Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
  11 ---
  12  src/tls/pkcs1.c | 29 ++++++++++-------------------
  13  1 file changed, 10 insertions(+), 19 deletions(-)
  14
  15 diff --git a/src/tls/pkcs1.c b/src/tls/pkcs1.c
  16 index b6fde5ee868a..af58a42987c6 100644
  17 --- a/src/tls/pkcs1.c
  18 +++ b/src/tls/pkcs1.c
  19 @@ -142,35 +142,26 @@ int pkcs1_decrypt_public_key(struct crypto_rsa_key *key,
  20          * BT = 00 or 01
  21          * PS = k-3-||D|| times (00 if BT=00) or (FF if BT=01)
  22          * k = length of modulus in octets
  23 +        *
  24 +        * Based on 10.1.3, "The block type shall be 01" for a signature.
  25          */
  26
  27         if (len < 3 + 8 + 16 /* min hash len */ ||
  28 -           plain[0] != 0x00 || (plain[1] != 0x00 && plain[1] != 0x01)) {
  29 +           plain[0] != 0x00 || plain[1] != 0x01) {
  30                 wpa_printf(MSG_INFO, "LibTomCrypt: Invalid signature EB "
  31                            "structure");
  32                 return -1;
  33         }
  34
  35         pos = plain + 3;
  36 -       if (plain[1] == 0x00) {
  37 -               /* BT = 00 */
  38 -               if (plain[2] != 0x00) {
  39 -                       wpa_printf(MSG_INFO, "LibTomCrypt: Invalid signature "
  40 -                                  "PS (BT=00)");
  41 -                       return -1;
  42 -               }
  43 -               while (pos + 1 < plain + len && *pos == 0x00 && pos[1] == 0x00)
  44 -                       pos++;
  45 -       } else {
  46 -               /* BT = 01 */
  47 -               if (plain[2] != 0xff) {
  48 -                       wpa_printf(MSG_INFO, "LibTomCrypt: Invalid signature "
  49 -                                  "PS (BT=01)");
  50 -                       return -1;
  51 -               }
  52 -               while (pos < plain + len && *pos == 0xff)
  53 -                       pos++;
  54 +       /* BT = 01 */
  55 +       if (plain[2] != 0xff) {
  56 +               wpa_printf(MSG_INFO, "LibTomCrypt: Invalid signature "
  57 +                          "PS (BT=01)");
  58 +               return -1;
  59         }
  60 +       while (pos < plain + len && *pos == 0xff)
  61 +               pos++;
  62
  63         if (pos - plain - 2 < 8) {
  64                 /* PKCS #1 v1.5, 8.1: At least eight octets long PS */
  65 --
  66 2.0.0.rc2
  67