Skip to content
Permalink
Browse files Browse the repository at this point in the history
Added header validation for INTEGER/ENUMERATED
Added additional validations for DSA/ECDSA signature parsing.
  • Loading branch information
dghgit committed Oct 15, 2016
1 parent b0c3ce9 commit 843c2e6
Show file tree
Hide file tree
Showing 7 changed files with 268 additions and 97 deletions.
11 changes: 11 additions & 0 deletions core/src/main/java/org/bouncycastle/asn1/ASN1Enumerated.java
Expand Up @@ -99,6 +99,17 @@ public ASN1Enumerated(
public ASN1Enumerated(
byte[] bytes)
{
if (bytes.length > 1)
{
if (bytes[0] == 0 && (bytes[1] & 0x80) == 0)
{
throw new IllegalArgumentException("malformed enumerated");
}
if (bytes[0] == (byte)0xff && (bytes[1] & 0x80) != 0)
{
throw new IllegalArgumentException("malformed enumerated");
}
}
this.bytes = Arrays.clone(bytes);
}

Expand Down
11 changes: 11 additions & 0 deletions core/src/main/java/org/bouncycastle/asn1/ASN1Integer.java
Expand Up @@ -89,6 +89,17 @@ public ASN1Integer(

ASN1Integer(byte[] bytes, boolean clone)
{
if (bytes.length > 1)
{
if (bytes[0] == 0 && (bytes[1] & 0x80) == 0)
{
throw new IllegalArgumentException("malformed integer");
}
if (bytes[0] == (byte)0xff && (bytes[1] & 0x80) != 0)
{
throw new IllegalArgumentException("malformed integer");
}
}
this.bytes = (clone) ? Arrays.clone(bytes) : bytes;
}

Expand Down
43 changes: 43 additions & 0 deletions core/src/test/java/org/bouncycastle/asn1/test/MiscTest.java
Expand Up @@ -5,7 +5,9 @@
import java.io.IOException;

import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.BERSequence;
Expand Down Expand Up @@ -67,6 +69,46 @@ public void shouldFailOnExtraData()
}
}

public void derIntegerTest()
throws Exception
{
try
{
new ASN1Integer(new byte[] { 0, 0, 0, 1});
}
catch (IllegalArgumentException e)
{
isTrue("wrong exc", "malformed integer".equals(e.getMessage()));
}

try
{
new ASN1Integer(new byte[] {(byte)0xff, (byte)0x80, 0, 1});
}
catch (IllegalArgumentException e)
{
isTrue("wrong exc", "malformed integer".equals(e.getMessage()));
}

try
{
new ASN1Enumerated(new byte[] { 0, 0, 0, 1});
}
catch (IllegalArgumentException e)
{
isTrue("wrong exc", "malformed enumerated".equals(e.getMessage()));
}

try
{
new ASN1Enumerated(new byte[] {(byte)0xff, (byte)0x80, 0, 1});
}
catch (IllegalArgumentException e)
{
isTrue("wrong exc", "malformed enumerated".equals(e.getMessage()));
}
}

public void performTest()
throws Exception
{
Expand Down Expand Up @@ -115,6 +157,7 @@ public void performTest()
}

shouldFailOnExtraData();
derIntegerTest();
}

public String getName()
Expand Down
Expand Up @@ -29,6 +29,7 @@
import org.bouncycastle.crypto.digests.SHA512Digest;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
import org.bouncycastle.util.Arrays;

public class DSASigner
extends SignatureSpi
Expand Down Expand Up @@ -180,6 +181,10 @@ private BigInteger[] derDecode(
{
throw new IOException("malformed signature");
}
if (!Arrays.areEqual(encoding, s.getEncoded(ASN1Encoding.DER)))
{
throw new IOException("malformed signature");
}

return new BigInteger[]{
((ASN1Integer)s.getObjectAt(0)).getValue(),
Expand Down
Expand Up @@ -23,14 +23,14 @@
import org.bouncycastle.crypto.digests.SHA384Digest;
import org.bouncycastle.crypto.digests.SHA3Digest;
import org.bouncycastle.crypto.digests.SHA512Digest;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.params.ParametersWithRandom;
import org.bouncycastle.crypto.signers.ECDSASigner;
import org.bouncycastle.crypto.signers.ECNRSigner;
import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase;
import org.bouncycastle.jcajce.provider.asymmetric.util.DSAEncoder;
import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
import org.bouncycastle.util.Arrays;

public class SignatureSpi
extends DSABase
Expand Down Expand Up @@ -367,6 +367,15 @@ public BigInteger[] decode(
throws IOException
{
ASN1Sequence s = (ASN1Sequence)ASN1Primitive.fromByteArray(encoding);
if (s.size() != 2)
{
throw new IOException("malformed signature");
}
if (!Arrays.areEqual(encoding, s.getEncoded(ASN1Encoding.DER)))
{
throw new IOException("malformed signature");
}

BigInteger[] sig = new BigInteger[2];

sig[0] = ASN1Integer.getInstance(s.getObjectAt(0)).getValue();
Expand Down
Expand Up @@ -143,7 +143,8 @@
+ "9ef41dd424a4e1c8f16967cf3365813fe8786236",
"303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef4"
+ "1dd424a4e1c8f16967cf3365813fe87862360000",
"3040021c57b10411b54ab248af03d8f2456676ebc6d3db5f1081492ac87e9ca8021d00942b117051d7d9d107fc42cac9c5a36a1fd7f0f8916ccca86cec4ed3040100"
"3040021c57b10411b54ab248af03d8f2456676ebc6d3db5f1081492ac87e9ca8021d00942b117051d7d9d107fc42cac9c5a36a1fd7f0f8916ccca86cec4ed3040100",
"303e021c57b10411b54ab248af03d8f2456676ebc6d3db5f1081492ac87e9ca802811d00942b117051d7d9d107fc42cac9c5a36a1fd7f0f8916ccca86cec4ed3"
};

private void testModified()
Expand Down

0 comments on commit 843c2e6

Please sign in to comment.