author: Jouni Malinen <jouni@qca.qualcomm.com> 2014-05-19 20:26:43 (GMT)
committer: Jouni Malinen <j@w1.fi> 2014-05-19 20:27:30 (GMT)
commit: 6c5be116dd6997f68e524247751cff53c74519d7
tree: e5df630557b134323090eabcda9af89b91f5087e /src/tls
parent: e6d83cc7babb978ba53ae8686159b41ab0f448cc
PKCS #1: Enforce minimum padding for decryption in internal TLS
Follow the PKCS #1 v1.5, 8.1 constraint of at least eight octets long PS for the case where the internal TLS implementation decrypts PKCS #1 formatted data. Similar limit was already in place for signature validation, but not for this decryption routine.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Diffstat (limited to 'src/tls')
-rw-r--r-- src/tls/pkcs1.c 5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/tls/pkcs1.c b/src/tls/pkcs1.c
index af58a42..ea3e617 100644
--- a/src/tls/pkcs1.c
+++ b/src/tls/pkcs1.c
@@ -113,6 +113,11 @@ int pkcs1_v15_private_key_decrypt(struct crypto_rsa_key *key,
pos++;
if (pos == end)
return -1;
+ if (pos - out - 2 < 8) {
+ /* PKCS #1 v1.5, 8.1: At least eight octets long PS */
+ wpa_printf(MSG_INFO, "LibTomCrypt: Too short padding");
+ return -1;
+ }
pos++;
*outlen -= pos - out;
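Review bot: the log string in the added wpa_printf() call is prefixed "LibTomCrypt:", but this check lives in src/tls/pkcs1.c and the commit message describes it as part of the internal TLS implementation, so the prefix will point anyone reading the log at the wrong code; something like "PKCS #1: Too short padding" would match. The condition `pos - out - 2 < 8` also carries two bare constants: the 8 is explained by the comment, but the 2 is not, and it only holds if the two octets before PS have already been validated earlier in the function, so a short comment or named constants for the header length and minimum PS length would make that dependency explicit. The new failure path returns -1 like the existing `pos == end` check just above it, which keeps the return value the same for both padding failures and is worth preserving.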