Skip to content

Commit

Permalink
Bug 1646520 - Stricter leading-zero checks for ASN.1 INTEGER values. …
Browse files Browse the repository at this point in the history 
…r=jcj

This patch adjusts QuickDER to strictly enforce INTEGER encoding with respect to leading zeros:
- If the MSB of the first (value) octet is set, a single zero byte MAY be present to make the value positive. This singular pad byte is removed.
- Otherwise, the first octet must not be zero.

Differential Revision: https://phabricator.services.mozilla.com/D80221

--HG--
extra : moz-landing-system : lando
  • Loading branch information
Kevin Jacobs committed Jun 22, 2020
1 parent 9c71e25 commit 700d520
Showing 1 changed file with 7 additions and 4 deletions.
11 changes: 7 additions & 4 deletions lib/util/quickder.c
View file
Expand Up @@ -742,15 +742,18 @@ DecodeItem(void* dest,
switch (tagnum) {
/* special cases of primitive types */
case SEC_ASN1_INTEGER: {
/* remove leading zeroes if the caller requested
siUnsignedInteger
This is to allow RSA key operations to work */
SECItem* destItem = (SECItem*)((char*)dest +
templateEntry->offset);
if (destItem && (siUnsignedInteger == destItem->type)) {
while (temp.len > 1 && temp.data[0] == 0) { /* leading 0 */
/* A leading 0 is only allowed when a value
* would otherwise be interpreted as negative. */
if (temp.len > 1 && temp.data[0] == 0) {
temp.data++;
temp.len--;
if (!(temp.data[0] & 0x80)) {
PORT_SetError(SEC_ERROR_BAD_DER);
rv = SECFailure;
}
}
}
break;
Expand Down

0 comments on commit 700d520

Please sign in to comment.