lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-07-29 11:41:15 +03:00
Code Activity

Added more negative test cases for pkcs1_rsassa_pss_sign

Browse Source 
- removed the check on saltlen > 0 and added tests
  positive test cases for this.
- added negative test cases when even saltlen == 0
  is not enough. This allowed to uncover an underflow bu
  in the slen check (when olen-slen-2 is negative)
- fixed the saltlen check to avoid underflow
- added more test cases where saltlen is the maximum
  possible value and one above the maximum possible value
  (different hash, different key size)

Signed-off-by: Cédric Meuter <cedric.meuter@gmail.com>
This commit is contained in:
Cédric Meuter
2021-01-10 12:57:19 +01:00
committed by Cédric Meuter
parent 61adfd6ac0
commit 46bad3375f
2 changed files with 81 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
library/rsa.c
View File

@ -1812,8 +1812,6 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
hashlen == 0 ) ||
hash != NULL );
RSA_VALIDATE_RET( sig != NULL );
RSA_VALIDATE_RET( saltlen == MBEDTLS_RSA_SALT_LEN_ANY ||
saltlen > 0 );
if( mode == MBEDTLS_RSA_PRIVATE && ctx->padding != MBEDTLS_RSA_PKCS_V21 )
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
@ -1856,7 +1854,7 @@ static int rsa_rsassa_pss_sign( mbedtls_rsa_context *ctx,
else
slen = olen - hlen - 2;
}
else if ( (saltlen < 0) || ((size_t) saltlen > olen - hlen - 2) )
else if ( (saltlen < 0) || (saltlen + hlen + 2 > olen) )
{
return( MBEDTLS_ERR_RSA_BAD_INPUT_DATA );
}