sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-11-22 00:01:45 -05:00
Code Issues Projects Releases Wiki Activity

use save chunk advancing, check signature length

Browse Source
This commit is contained in:
Martin Willi 2009-06-15 13:37:52 +02:00
parent ebde1a7ddd
commit e7227f0ba0
1 changed files with 5 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/libstrongswan/plugins/gmp/gmp_rsa_public_key.c
View File

@ -140,11 +140,10 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this,
/* remove any preceding 0-bytes from signature */
while (signature.len && *(signature.ptr) == 0x00)
{
signature.len -= 1;
signature.ptr++;
signature = chunk_skip(signature, 1);
}
if (signature.len > this->k)
if (signature.len == 0 || signature.len > this->k)
{
return INVALID_ARG;
}
@ -163,8 +162,7 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this,
{
goto end;
}
em.ptr += 2;
em.len -= 2;
em = chunk_skip(em, 2);
/* find magic 0x00 */
while (em.len > 0)
@ -172,8 +170,7 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this,
if (*em.ptr == 0x00)
{
/* found magic byte, stop */
em.ptr++;
em.len--;
em = chunk_skip(em, 1);
break;
}
else if (*em.ptr != 0xFF)
@ -181,8 +178,7 @@ static bool verify_emsa_pkcs1_signature(private_gmp_rsa_public_key_t *this,
/* bad padding, decryption failed ?!*/
goto end;
}
em.ptr++;
em.len--;
em = chunk_skip(em, 1);
}
if (em.len == 0)