| author | Jouni Malinen <jouni@qca.qualcomm.com> | 2014-05-19 23:26:43 +0300 |
|---|---|---|
| committer | Steve Kondik <shade@chemlab.org> | 2014-06-12 14:08:48 -0700 |
| commit | 7b4ceed0292e1faa84549e5630be193573d1561b | |
| tree | df8bf02fdf600bb8cc09087a7775e7e7f59c5398 | |
| parent | dd104a23adc4adb17716bed1023b9d7734aa5fbc | |
PKCS #1: Enforce minimum padding for decryption in internal TLS
Follow the PKCS #1 v1.5, 8.1 constraint of at least eight octets long PS
for the case where the internal TLS implementation decrypts PKCS #1
formatted data. Similar limit was already in place for signature
validation, but not for this decryption routine.
CRs-Fixed: 654804
Change-Id: I54f6d90ca931c55a8fa52f836bca891cae2250f2
Git-commit: 6c5be116dd6997f68e524247751cff53c74519d7
Git-repo : git://w1.fi/srv/git/hostap.git
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
| -rw-r--r-- | src/tls/pkcs1.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/tls/pkcs1.c b/src/tls/pkcs1.c index af58a429..ea3e6171 100644 --- a/src/tls/pkcs1.c +++ b/src/tls/pkcs1.c @@ -113,6 +113,11 @@ int pkcs1_v15_private_key_decrypt(struct crypto_rsa_key *key, pos++; if (pos == end) return -1; + if (pos - out - 2 < 8) { + /* PKCS #1 v1.5, 8.1: At least eight octets long PS */ + wpa_printf(MSG_INFO, "LibTomCrypt: Too short padding"); + return -1; + } pos++; *outlen -= pos - out; |
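Review bot: the log string in the added `wpa_printf` call reads "LibTomCrypt: Too short padding", but the check sits in `pkcs1_v15_private_key_decrypt()` in src/tls/pkcs1.c, so the prefix points anyone reading the log at the wrong component; something like "PKCS #1: Too short padding" would match the file. The `2` in `pos - out - 2 < 8` is also unexplained: the comment covers the eight-octet minimum for PS but not the offset, which is presumably the two octets that precede PS in the block, and a one-line comment or a named constant would make the bound easy to verify. Returning the same -1 as the neighbouring `pos == end` failure is the right choice, since callers cannot tell the two padding failures apart by return value.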
