Merge remote-tracking branch 'upstream-restricted/pr/459' into development-restricted-proposed
This commit is contained in:
commit
24b2d6fb6d
4 changed files with 25 additions and 9 deletions
|
@ -65,6 +65,8 @@ Bugfix
|
|||
could cause a key exchange to fail on valid data.
|
||||
* Don't define mbedtls_aes_decrypt and mbedtls_aes_encrypt under
|
||||
MBEDTLS_DEPRECATED_REMOVED. #1388
|
||||
* Fix a 1-byte heap buffer overflow (read-only) during private key parsing.
|
||||
Found through fuzz testing.
|
||||
|
||||
Changes
|
||||
* Fix tag lengths and value ranges in the documentation of CCM encryption.
|
||||
|
|
|
@ -181,6 +181,10 @@ static int pk_get_ecparams( unsigned char **p, const unsigned char *end,
|
|||
{
|
||||
int ret;
|
||||
|
||||
if ( end - *p < 1 )
|
||||
return( MBEDTLS_ERR_PK_KEY_INVALID_FORMAT +
|
||||
MBEDTLS_ERR_ASN1_OUT_OF_DATA );
|
||||
|
||||
/* Tag may be either OID or SEQUENCE */
|
||||
params->tag = **p;
|
||||
if( params->tag != MBEDTLS_ASN1_OID
|
||||
|
|
|
@ -1053,22 +1053,32 @@ depends_on:MBEDTLS_PEM_PARSE_C:MBEDTLS_ECP_C:MBEDTLS_ECP_DP_SECP256K1_ENABLED:MB
|
|||
pk_parse_keyfile_ec:"data_files/ec_prv.specdom.der":"NULL":0
|
||||
|
||||
Key ASN1 (Incorrect first tag)
|
||||
pk_parse_key_rsa:"":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
pk_parse_key:"":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
|
||||
Key ASN1 (RSAPrivateKey, incorrect version tag)
|
||||
pk_parse_key_rsa:"300100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
depends_on:MBEDTLS_RSA_C
|
||||
pk_parse_key:"300100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
|
||||
Key ASN1 (RSAPrivateKey, version tag missing)
|
||||
pk_parse_key_rsa:"3000":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
depends_on:MBEDTLS_RSA_C
|
||||
pk_parse_key:"3000":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
|
||||
Key ASN1 (RSAPrivateKey, invalid version)
|
||||
pk_parse_key_rsa:"3003020101":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
depends_on:MBEDTLS_RSA_C
|
||||
pk_parse_key:"3003020101":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
|
||||
Key ASN1 (RSAPrivateKey, correct version, incorrect tag)
|
||||
pk_parse_key_rsa:"300402010000":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
depends_on:MBEDTLS_RSA_C
|
||||
pk_parse_key:"300402010000":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
|
||||
Key ASN1 (RSAPrivateKey, values present, length mismatch)
|
||||
pk_parse_key_rsa:"301c02010002010102010102010102010102010102010102010102010100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
depends_on:MBEDTLS_RSA_C
|
||||
pk_parse_key:"301c02010002010102010102010102010102010102010102010102010100":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
|
||||
Key ASN1 (RSAPrivateKey, values present, check_privkey fails)
|
||||
pk_parse_key_rsa:"301b020100020102020101020101020101020101020101020101020101":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
depends_on:MBEDTLS_RSA_C
|
||||
pk_parse_key:"301b020100020102020101020101020101020101020101020101020101":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
|
||||
Key ASN1 (ECPrivateKey, empty parameters)
|
||||
depends_on:MBEDTLS_ECP_C
|
||||
pk_parse_key:"30070201010400a000":"":MBEDTLS_ERR_PK_KEY_INVALID_FORMAT
|
||||
|
|
|
@ -113,8 +113,8 @@ exit:
|
|||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_RSA_C */
|
||||
void pk_parse_key_rsa( char *key_data, char *result_str, int result )
|
||||
/* BEGIN_CASE */
|
||||
void pk_parse_key( char *key_data, char *result_str, int result )
|
||||
{
|
||||
mbedtls_pk_context pk;
|
||||
unsigned char buf[2000];
|
||||
|
|
Loading…
Reference in a new issue