
github.com/nodejs/node.git - Unnamed repository; edit this file 'description' to name the repository.
authorBen Noordhuis <info@bnoordhuis.nl>2020-04-10 13:42:22 +0300
committerAnna Henningsen <anna@addaleax.net>2020-04-28 20:22:06 +0300
commit38146e717fed2fabe3aacb6540d839475e0ce1c6 (patch)
tree593c221c43d1f8567a61417146390d8e3b220fc5 /src/node_crypto.cc
parent0694401da3b647b6089e5dd96e58f25530fd3b10 (diff)
crypto: check DiffieHellman p and g params
It's possible to pass in the prime and generator params as buffers but that mode of input wasn't as rigorously checked as numeric input. PR-URL: https://github.com/nodejs/node/pull/32739 Fixes: https://github.com/nodejs/node/issues/32738 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Zeyu Yang <himself65@outlook.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com>
Diffstat (limited to 'src/node_crypto.cc')
-rw-r--r--src/node_crypto.cc25
1 files changed, 23 insertions, 2 deletions
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index 348d407f0eb..34b19407c93 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -5136,6 +5136,14 @@ bool DiffieHellman::Init(int primeLength, int g) {
bool DiffieHellman::Init(const char* p, int p_len, int g) {
dh_.reset(DH_new());
+ if (p_len <= 0) {
+ BNerr(BN_F_BN_GENERATE_PRIME_EX, BN_R_BITS_TOO_SMALL);
+ return false;
+ }
+ if (g <= 1) {
+ DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_BAD_GENERATOR);
+ return false;
+ }
BIGNUM* bn_p =
BN_bin2bn(reinterpret_cast<const unsigned char*>(p), p_len, nullptr);
BIGNUM* bn_g = BN_new();
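Review bot: The new `p_len <= 0` guard checks only the buffer length, so a non-empty buffer whose bytes are all zero still reaches `BN_bin2bn` and produces a zero prime. The same gap exists in the second hunk, where g's value is checked with `BN_is_zero`/`BN_is_one` but p's value is not. A value check right after the conversion would close it, for example `if (bn_p == nullptr || BN_is_zero(bn_p)) { BN_free(bn_p); return false; }` together with a matching error code. Whether a later verification step already rejects such a prime cannot be seen here, because the body of Init continues past the end of the hunk.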
@@ -5151,10 +5159,23 @@ bool DiffieHellman::Init(const char* p, int p_len, int g) {
bool DiffieHellman::Init(const char* p, int p_len, const char* g, int g_len) {
dh_.reset(DH_new());
- BIGNUM* bn_p =
- BN_bin2bn(reinterpret_cast<const unsigned char*>(p), p_len, nullptr);
+ if (p_len <= 0) {
+ BNerr(BN_F_BN_GENERATE_PRIME_EX, BN_R_BITS_TOO_SMALL);
+ return false;
+ }
+ if (g_len <= 0) {
+ DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_BAD_GENERATOR);
+ return false;
+ }
BIGNUM* bn_g =
BN_bin2bn(reinterpret_cast<const unsigned char*>(g), g_len, nullptr);
+ if (BN_is_zero(bn_g) || BN_is_one(bn_g)) {
+ BN_free(bn_g);
+ DHerr(DH_F_DH_BUILTIN_GENPARAMS, DH_R_BAD_GENERATOR);
+ return false;
+ }
+ BIGNUM* bn_p =
+ BN_bin2bn(reinterpret_cast<const unsigned char*>(p), p_len, nullptr);
if (!DH_set0_pqg(dh_.get(), bn_p, nullptr, bn_g)) {
BN_free(bn_p);
BN_free(bn_g);
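Review bot: `BN_is_zero(bn_g)` is called on the result of `BN_bin2bn` without a null check, and `BN_bin2bn` returns NULL when allocation fails, so the new generator check can dereference a null pointer. Folding the null case into the condition keeps the cleanup valid, since `BN_free` accepts NULL: `if (bn_g == nullptr || BN_is_zero(bn_g) || BN_is_one(bn_g)) {`. The reordered `bn_p` conversion below it is likewise passed to `DH_set0_pqg` unchecked, which is worth a one-line comment if that call is relied on to reject a NULL p. The function's body continues outside the hunk.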