Skip to content

Commit f05e47b

Browse files
JacobBarthelmehJacobBarthelmeh
committed
length of characters and extra sanity check on input
1 parent 66f419b commit f05e47b

1 file changed

Lines changed: 24 additions & 11 deletions

File tree

wolfcrypt/src/pkcs7.c

Lines changed: 24 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -2611,7 +2611,8 @@ static int wc_PKCS7_EncodeContentStream(PKCS7* pkcs7, ESD* esd, void* aes,
26112611
case WC_CIPHER_NONE:
26122612
XMEMCPY(encContentOut, contentData, idx);
26132613
if (esd && esd->contentDigestSet != 1) {
2614-
ret = wc_HashUpdate(&esd->hash, esd->hashType, contentData, idx);
2614+
ret = wc_HashUpdate(&esd->hash, esd->hashType, contentData,
2615+
idx);
26152616
}
26162617
break;
26172618

@@ -2645,7 +2646,8 @@ static int wc_PKCS7_EncodeContentStream(PKCS7* pkcs7, ESD* esd, void* aes,
26452646
encContentOut, idx);
26462647

26472648
if (cipherType == WC_CIPHER_NONE && esd && esd->contentDigestSet != 1) {
2648-
ret = wc_HashFinal(&esd->hash, esd->hashType, esd->contentDigest + 2);
2649+
ret = wc_HashFinal(&esd->hash, esd->hashType,
2650+
esd->contentDigest + 2);
26492651
wc_HashFree(&esd->hash, esd->hashType);
26502652
}
26512653

@@ -2661,9 +2663,11 @@ static int wc_PKCS7_EncodeContentStream(PKCS7* pkcs7, ESD* esd, void* aes,
26612663
if (esd && esd->contentDigestSet != 1) {
26622664
ret = wc_HashInit(&esd->hash, esd->hashType);
26632665
if (ret == 0)
2664-
ret = wc_HashUpdate(&esd->hash, esd->hashType, in, inSz);
2666+
ret = wc_HashUpdate(&esd->hash, esd->hashType, in,
2667+
inSz);
26652668
if (ret == 0)
2666-
ret = wc_HashFinal(&esd->hash, esd->hashType, esd->contentDigest + 2);
2669+
ret = wc_HashFinal(&esd->hash, esd->hashType,
2670+
esd->contentDigest + 2);
26672671
wc_HashFree(&esd->hash, esd->hashType);
26682672
}
26692673
break;
@@ -7547,6 +7551,14 @@ int wc_PKCS7_WriteOut(PKCS7* pkcs7, byte* output, const byte* input,
75477551
{
75487552
int ret = 0;
75497553

7554+
if (inputSz == 0)
7555+
return 0;
7556+
7557+
if (input == NULL) {
7558+
WOLFSSL_MSG("Internal error, trying to write out NULL buffer");
7559+
return -1;
7560+
}
7561+
75507562
#ifdef ASN_BER_TO_DER
75517563
if (pkcs7->streamOutCb) {
75527564
ret = pkcs7->streamOutCb(pkcs7, input, inputSz, pkcs7->streamCtx);
@@ -8328,15 +8340,16 @@ static int wc_PKCS7_PwriKek_KeyWrap(PKCS7* pkcs7, const byte* kek, word32 kekSz,
83288340

83298341
if (ret == 0) {
83308342
/* encrypt, normal */
8331-
ret = wc_PKCS7_EncryptContent(pkcs7, algID, (byte*)kek, kekSz, (byte*)iv,
8332-
ivSz, NULL, 0, NULL, 0, out, outLen, out);
8343+
ret = wc_PKCS7_EncryptContent(pkcs7, algID, (byte*)kek, kekSz,
8344+
(byte*)iv, ivSz, NULL, 0, NULL, 0, out,
8345+
outLen, out);
83338346
}
83348347

83358348
if (ret == 0) {
83368349
/* encrypt again, using last ciphertext block as IV */
83378350
lastBlock = out + (((outLen / blockSz) - 1) * blockSz);
8338-
ret = wc_PKCS7_EncryptContent(pkcs7, algID, (byte*)kek, kekSz, lastBlock,
8339-
blockSz, NULL, 0, NULL, 0, out,
8351+
ret = wc_PKCS7_EncryptContent(pkcs7, algID, (byte*)kek, kekSz,
8352+
lastBlock, blockSz, NULL, 0, NULL, 0, out,
83408353
outLen, out);
83418354
}
83428355

@@ -13284,9 +13297,9 @@ int wc_PKCS7_EncodeEncryptedData(PKCS7* pkcs7, byte* output, word32 outputSz)
1328413297
return ret;
1328513298
}
1328613299

13287-
ret = wc_PKCS7_EncryptContent(pkcs7, pkcs7->encryptOID, pkcs7->encryptionKey,
13288-
pkcs7->encryptionKeySz, tmpIv, blockSz, NULL, 0, NULL, 0,
13289-
plain, encryptedOutSz, encryptedContent);
13300+
ret = wc_PKCS7_EncryptContent(pkcs7, pkcs7->encryptOID,
13301+
pkcs7->encryptionKey, pkcs7->encryptionKeySz, tmpIv, blockSz, NULL,
13302+
0, NULL, 0, plain, encryptedOutSz, encryptedContent);
1329013303
if (ret != 0) {
1329113304
XFREE(encryptedContent, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
1329213305
XFREE(plain, pkcs7->heap, DYNAMIC_TYPE_PKCS7);

0 commit comments

Comments
 (0)