mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-11 04:15:43 +00:00
Bugzilla Bug 330114: corrected the checks for the PKCS #1 v1.5 padding
string and the length of the data (hash). r=nelsonb,relyea.
This commit is contained in:
parent
70733b42ec
commit
b95ecf558f
@ -37,7 +37,7 @@
|
||||
* the terms of any one of the MPL, the GPL or the LGPL.
|
||||
*
|
||||
* ***** END LICENSE BLOCK ***** */
|
||||
/* $Id: rsawrapr.c,v 1.8 2005/04/04 09:27:42 julien.pierre.bugs%sun.com Exp $ */
|
||||
/* $Id: rsawrapr.c,v 1.9 2006/04/13 22:12:17 wtchang%redhat.com Exp $ */
|
||||
|
||||
#include "blapi.h"
|
||||
#include "softoken.h"
|
||||
@ -489,7 +489,13 @@ RSA_CheckSign(NSSLOWKEYPublicKey *key,
|
||||
modulus_len = nsslowkey_PublicModulusLen(key);
|
||||
if (sign_len != modulus_len)
|
||||
goto failure;
|
||||
if (hash_len > modulus_len - 8)
|
||||
/*
|
||||
* 0x00 || BT || Pad || 0x00 || ActualData
|
||||
*
|
||||
* The "3" below is the first octet + the second octet + the 0x00
|
||||
* octet that always comes just before the ActualData.
|
||||
*/
|
||||
if (hash_len > modulus_len - (3 + RSA_BLOCK_MIN_PAD_LEN))
|
||||
goto failure;
|
||||
PORT_Assert(key->keyType == NSSLOWKEYRSAKey);
|
||||
if (key->keyType != NSSLOWKEYRSAKey)
|
||||
@ -509,11 +515,11 @@ RSA_CheckSign(NSSLOWKEYPublicKey *key,
|
||||
if (buffer[0] != 0 || buffer[1] != 1)
|
||||
goto loser;
|
||||
for (i = 2; i < modulus_len - hash_len - 1; i++) {
|
||||
if (buffer[i] == 0)
|
||||
break;
|
||||
if (buffer[i] != 0xff)
|
||||
goto loser;
|
||||
}
|
||||
if (buffer[i] != 0)
|
||||
goto loser;
|
||||
|
||||
/*
|
||||
* make sure we get the same results
|
||||
|
Loading…
Reference in New Issue
Block a user