Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

PKCS #1: Enforce minimum padding for decryption in internal TLS

Follow the PKCS #1 v1.5, 8.1 constraint of at least eight octets long PS
for the case where the internal TLS implementation decrypts PKCS #1
formatted data. Similar limit was already in place for signature
validation, but not for this decryption routine.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Jouni Malinen 11 years ago
parent
e6d83cc7ba
commit
6c5be116dd
1 changed files with 5 additions and 0 deletions
Split View Show Diff Stats
  1. 5 0
      src/tls/pkcs1.c

+ 5 - 0
src/tls/pkcs1.c
View File 

@@ -113,6 +113,11 @@ int pkcs1_v15_private_key_decrypt(struct crypto_rsa_key *key,
 
 		pos++;
 
 	if (pos == end)
 
 		return -1;
 
+	if (pos - out - 2 < 8) {
 
+		/* PKCS #1 v1.5, 8.1: At least eight octets long PS */
 
+		wpa_printf(MSG_INFO, "LibTomCrypt: Too short padding");
 
+		return -1;
 
+	}
 
 	pos++;
 
 
 	*outlen -= pos - out;