Diffstat (limited to 'src/ltc/pk/asn1')
8 files changed, 29 insertions, 21 deletions
diff --git a/src/ltc/pk/asn1/der/custom_type/der_encode_custom_type.c b/src/ltc/pk/asn1/der/custom_type/der_encode_custom_type.c
index 2e21b4aa..586fb316 100644
--- a/src/ltc/pk/asn1/der/custom_type/der_encode_custom_type.c
+++ b/src/ltc/pk/asn1/der/custom_type/der_encode_custom_type.c
@@ -36,7 +36,7 @@ int der_encode_custom_type(const ltc_asn1_list *root,
 /* get size of output that will be required */
 y = 0; z = 0;
- if ((err = der_length_custom_type(root, &y, &z)) != CRYPT_OK) return CRYPT_INVALID_ARG;
+ if (der_length_custom_type(root, &y, &z) != CRYPT_OK) return CRYPT_INVALID_ARG;
 /* too big ? */
 if (*outlen < y) {
@@ -46,7 +46,7 @@ int der_encode_custom_type(const ltc_asn1_list *root,
 }
 /* get length of the identifier, so we know the offset where to start writing */
- if ((err = der_length_asn1_identifier(root, &id_len)) != CRYPT_OK) return CRYPT_INVALID_ARG;
+ if (der_length_asn1_identifier(root, &id_len) != CRYPT_OK) return CRYPT_INVALID_ARG;
 x = id_len;
diff --git a/src/ltc/pk/asn1/der/sequence/der_decode_sequence_multi.c b/src/ltc/pk/asn1/der/sequence/der_decode_sequence_multi.c
index 8807e910..776c2ed7 100644
--- a/src/ltc/pk/asn1/der/sequence/der_decode_sequence_multi.c
+++ b/src/ltc/pk/asn1/der/sequence/der_decode_sequence_multi.c
@@ -34,15 +34,16 @@ static int s_der_decode_sequence_va(const unsigned char *in, unsigned long inlen
 x = 0;
 for (;;) {
 type = (ltc_asn1_type)va_arg(a1, int);
- size = va_arg(a1, unsigned long);
- data = va_arg(a1, void*);
- LTC_UNUSED_PARAM(size);
- LTC_UNUSED_PARAM(data);
 if (type == LTC_ASN1_EOL) {
 break;
 }
+ size = va_arg(a1, unsigned long);
+ data = va_arg(a1, void*);
+ LTC_UNUSED_PARAM(size);
+ LTC_UNUSED_PARAM(data);
+
 switch (type) {
 case LTC_ASN1_BOOLEAN:
 case LTC_ASN1_INTEGER:
diff --git a/src/ltc/pk/asn1/der/sequence/der_encode_sequence_ex.c b/src/ltc/pk/asn1/der/sequence/der_encode_sequence_ex.c
index d5c81bbd..2ea33a6d 100644
--- a/src/ltc/pk/asn1/der/sequence/der_encode_sequence_ex.c
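Review bot: The status returned by the length helpers is still discarded in both der_encode_custom_type hunks: any failure of `der_length_custom_type()` or `der_length_asn1_identifier()` is reported as CRYPT_INVALID_ARG, and with the `err =` assignment removed the original code is no longer captured anywhere. If callers do not rely on the collapsed value (not visible from these hunks), keeping the assignment and ending the line with `return err;` would let a caller tell the failure causes apart. The der_encode_sequence_ex.c hunk has the same pattern with `der_length_sequence_ex()`. The function bodies continue outside the hunks.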
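Review bot: The reason `size` and `data` are now fetched only after the `LTC_ASN1_EOL` test in s_der_decode_sequence_va is not recorded in the code, so the ordering is easy to undo in a later clean-up. A comment above the moved lines such as `/* LTC_ASN1_EOL is passed on its own; calling va_arg() for size/data past it is undefined behaviour */` would pin it down, assuming that is the intent of the move. The same comment should state that `size` is read as `unsigned long`, so callers must pass it with exactly that type. Both loops in der_encode_sequence_multi.c get the same reordering and need the same comment. The loop body continues outside the hunk.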
+++ b/src/ltc/pk/asn1/der/sequence/der_encode_sequence_ex.c
@@ -33,7 +33,7 @@ int der_encode_sequence_ex(const ltc_asn1_list *list, unsigned long inlen,
 /* get size of output that will be required */
 y = 0; z = 0;
- if ((err = der_length_sequence_ex(list, inlen, &y, &z)) != CRYPT_OK) return CRYPT_INVALID_ARG;
+ if (der_length_sequence_ex(list, inlen, &y, &z) != CRYPT_OK) return CRYPT_INVALID_ARG;
 /* too big ? */
 if (*outlen < y) {
diff --git a/src/ltc/pk/asn1/der/sequence/der_encode_sequence_multi.c b/src/ltc/pk/asn1/der/sequence/der_encode_sequence_multi.c
index c0dc09b4..615488d7 100644
--- a/src/ltc/pk/asn1/der/sequence/der_encode_sequence_multi.c
+++ b/src/ltc/pk/asn1/der/sequence/der_encode_sequence_multi.c
@@ -35,15 +35,16 @@ int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...)
 x = 0;
 for (;;) {
 type = (ltc_asn1_type)va_arg(args, int);
- size = va_arg(args, unsigned long);
- data = va_arg(args, void*);
- LTC_UNUSED_PARAM(size);
- LTC_UNUSED_PARAM(data);
 if (type == LTC_ASN1_EOL) {
 break;
 }
+ size = va_arg(args, unsigned long);
+ data = va_arg(args, void*);
+ LTC_UNUSED_PARAM(size);
+ LTC_UNUSED_PARAM(data);
+
 switch (type) {
 case LTC_ASN1_BOOLEAN:
 case LTC_ASN1_INTEGER:
@@ -89,13 +90,14 @@ int der_encode_sequence_multi(unsigned char *out, unsigned long *outlen, ...)
 x = 0;
 for (;;) {
 type = (ltc_asn1_type)va_arg(args, int);
- size = va_arg(args, unsigned long);
- data = va_arg(args, void*);
 if (type == LTC_ASN1_EOL) {
 break;
 }
+ size = va_arg(args, unsigned long);
+ data = va_arg(args, void*);
+
 switch (type) {
 case LTC_ASN1_BOOLEAN:
 case LTC_ASN1_INTEGER:
diff --git a/src/ltc/pk/asn1/der/short_integer/der_decode_short_integer.c b/src/ltc/pk/asn1/der/short_integer/der_decode_short_integer.c
index e596e072..e00702d1 100644
--- a/src/ltc/pk/asn1/der/short_integer/der_decode_short_integer.c
+++ b/src/ltc/pk/asn1/der/short_integer/der_decode_short_integer.c
@@ -42,6 +42,10 @@ int der_decode_short_integer(const unsigned char *in, unsigned long inlen, unsig
 return CRYPT_INVALID_PACKET;
 }
+ if (len > sizeof(unsigned long)) {
+ return CRYPT_OVERFLOW;
+ }
+
 /* read number */
 y = 0;
 while (len--) {
diff --git a/src/ltc/pk/asn1/oid/pk_get_oid.c b/src/ltc/pk/asn1/oid/pk_get_oid.c
index 618cc801..b3e1ee26 100644
--- a/src/ltc/pk/asn1/oid/pk_get_oid.c
+++ b/src/ltc/pk/asn1/oid/pk_get_oid.c
@@ -10,12 +10,12 @@ typedef struct {
 } oid_table_entry;
 static const oid_table_entry pka_oids[] = {
- { PKA_RSA, "1.2.840.113549.1.1.1" },
- { PKA_DSA, "1.2.840.10040.4.1" },
- { PKA_EC, "1.2.840.10045.2.1" },
- { PKA_EC_PRIMEF, "1.2.840.10045.1.1" },
- { PKA_X25519, "1.3.101.110" },
- { PKA_ED25519, "1.3.101.112" },
+ { LTC_OID_RSA, "1.2.840.113549.1.1.1" },
+ { LTC_OID_DSA, "1.2.840.10040.4.1" },
+ { LTC_OID_EC, "1.2.840.10045.2.1" },
+ { LTC_OID_EC_PRIMEF, "1.2.840.10045.1.1" },
+ { LTC_OID_X25519, "1.3.101.110" },
+ { LTC_OID_ED25519, "1.3.101.112" },
 };
 /*
diff --git a/src/ltc/pk/asn1/oid/pk_oid_str.c b/src/ltc/pk/asn1/oid/pk_oid_str.c
index aa889631..bc21a6f5 100644
--- a/src/ltc/pk/asn1/oid/pk_oid_str.c
+++ b/src/ltc/pk/asn1/oid/pk_oid_str.c
@@ -49,7 +49,7 @@ int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID,
 char tmp[256] = { 0 };
 LTC_ARGCHK(oid != NULL);
- LTC_ARGCHK(OID != NULL);
+ LTC_ARGCHK(oidlen < INT_MAX);
 LTC_ARGCHK(outlen != NULL);
 for (i = oidlen - 1, k = 0; i >= 0; i--) {
@@ -74,6 +74,7 @@ int pk_oid_num_to_str(const unsigned long *oid, unsigned long oidlen, char *OID,
 *outlen = k + 1;
 return CRYPT_BUFFER_OVERFLOW;
 }
+ LTC_ARGCHK(OID != NULL);
 for (j = 0; j < k; j++) OID[j] = tmp[k - j - 1];
 OID[k] = '\0';
 *outlen = k; /* the length without terminating NUL byte */
diff --git a/src/ltc/pk/asn1/x509/x509_decode_public_key_from_certificate.c b/src/ltc/pk/asn1/x509/x509_decode_public_key_from_certificate.c
index 23822262..feff868f 100644
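Review bot: The new bound `len > sizeof(unsigned long)` in der_decode_short_integer also rejects a valid encoding. DER prefixes a non-negative INTEGER with a 0x00 octet when the top bit of the first value octet is set, so a value that fits in `unsigned long` can arrive with `len == sizeof(unsigned long) + 1`. On targets with a 4-byte `unsigned long` every value at or above 0x80000000 would then come back as CRYPT_OVERFLOW. Consider accepting that one extra octet when it is zero (skip it before the read loop) and rejecting anything longer. The read loop and its index are only partly inside the hunk, so the exact form of the skip has to be checked against the full function.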
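Review bot: Moving `LTC_ARGCHK(OID != NULL)` below the size check changes the contract of pk_oid_num_to_str without documenting it. A NULL `OID` is now accepted when `*outlen` is too small, and the required size comes back with CRYPT_BUFFER_OVERFLOW, but it still trips the argument check when `*outlen` is large enough. If this is meant as a length-query mode, the function's header comment should say so, e.g. `OID may be NULL to query the required size; *outlen then receives the length including the terminating NUL`. The added `LTC_ARGCHK(oidlen < INT_MAX)` presumably guards the conversion in `i = oidlen - 1`; a one-line comment saying so would help, since the declaration of `i` is outside the hunk.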
--- a/src/ltc/pk/asn1/x509/x509_decode_public_key_from_certificate.c
+++ b/src/ltc/pk/asn1/x509/x509_decode_public_key_from_certificate.c
@@ -81,7 +81,7 @@ int x509_decode_public_key_from_certificate(const unsigned char *in, unsigned lo
 if ((l->type == LTC_ASN1_SEQUENCE) && (l->data != NULL) && LOOKS_LIKE_SPKI(l->child)) {
- if (algorithm == PKA_EC) {
+ if (algorithm == LTC_OID_EC) {
 err = callback(l->data, l->size, ctx);
 } else {
 err = x509_decode_subject_public_key_info(l->data, l->size, |