diff --git a/src/pk/asn1/der/sequence/der_decode_sequence_ex.c b/src/pk/asn1/der/sequence/der_decode_sequence_ex.c index 2b8bff0..27d6614 100644 --- a/src/pk/asn1/der/sequence/der_decode_sequence_ex.c +++ b/src/pk/asn1/der/sequence/der_decode_sequence_ex.c @@ -50,9 +50,12 @@ int der_decode_sequence_ex(const unsigned char *in, unsigned long inlen, } ++x; + /* check if the msb is set, which signals that the + * 7 lsb bits represent the number of bytes of the length + */ if (in[x] < 128) { blksize = in[x++]; - } else if (in[x] & 0x80) { + } else { if (in[x] < 0x81 || in[x] > 0x83) { return CRYPT_INVALID_PACKET; } diff --git a/src/pk/dh/dh_sys.c b/src/pk/dh/dh_sys.c index a687546..e464686 100644 --- a/src/pk/dh/dh_sys.c +++ b/src/pk/dh/dh_sys.c @@ -343,7 +343,7 @@ int dh_sign_hash(const unsigned char *in, unsigned long inlen, if (prng_descriptor[wprng].read(buf, sets[key->idx].size, prng) != (unsigned long)(sets[key->idx].size)) { err = CRYPT_ERROR_READPRNG; - goto LBL_ERR; + goto LBL_ERR_1; } /* init bignums */ @@ -352,23 +352,23 @@ int dh_sign_hash(const unsigned char *in, unsigned long inlen, } /* load k and m */ - if ((err = mp_read_unsigned_bin(m, (unsigned char *)in, inlen)) != CRYPT_OK) { goto error; } - if ((err = mp_read_unsigned_bin(k, buf, sets[key->idx].size)) != CRYPT_OK) { goto error; } + if ((err = mp_read_unsigned_bin(m, (unsigned char *)in, inlen)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_read_unsigned_bin(k, buf, sets[key->idx].size)) != CRYPT_OK) { goto LBL_ERR; } /* load g, p and p1 */ - if ((err = mp_read_radix(g, sets[key->idx].base, 64)) != CRYPT_OK) { goto error; } - if ((err = mp_read_radix(p, sets[key->idx].prime, 64)) != CRYPT_OK) { goto error; } - if ((err = mp_sub_d(p, 1, p1)) != CRYPT_OK) { goto error; } - if ((err = mp_div_2(p1, p1)) != CRYPT_OK) { goto error; } /* p1 = (p-1)/2 */ + if ((err = mp_read_radix(g, sets[key->idx].base, 64)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_read_radix(p, sets[key->idx].prime, 64)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_sub_d(p, 1, p1)) != CRYPT_OK) { goto LBL_ERR; } + if ((err = mp_div_2(p1, p1)) != CRYPT_OK) { goto LBL_ERR; } /* p1 = (p-1)/2 */ /* now get a = g^k mod p */ - if ((err = mp_exptmod(g, k, p, a)) != CRYPT_OK) { goto error; } + if ((err = mp_exptmod(g, k, p, a)) != CRYPT_OK) { goto LBL_ERR; } /* now find M = xa + kb mod p1 or just b = (M - xa)/k mod p1 */ - if ((err = mp_invmod(k, p1, k)) != CRYPT_OK) { goto error; } /* k = 1/k mod p1 */ - if ((err = mp_mulmod(a, key->x, p1, tmp)) != CRYPT_OK) { goto error; } /* tmp = xa */ - if ((err = mp_submod(m, tmp, p1, tmp)) != CRYPT_OK) { goto error; } /* tmp = M - xa */ - if ((err = mp_mulmod(k, tmp, p1, b)) != CRYPT_OK) { goto error; } /* b = (M - xa)/k */ + if ((err = mp_invmod(k, p1, k)) != CRYPT_OK) { goto LBL_ERR; } /* k = 1/k mod p1 */ + if ((err = mp_mulmod(a, key->x, p1, tmp)) != CRYPT_OK) { goto LBL_ERR; } /* tmp = xa */ + if ((err = mp_submod(m, tmp, p1, tmp)) != CRYPT_OK) { goto LBL_ERR; } /* tmp = M - xa */ + if ((err = mp_mulmod(k, tmp, p1, b)) != CRYPT_OK) { goto LBL_ERR; } /* b = (M - xa)/k */ /* check for overflow */ if ((unsigned long)(PACKET_SIZE + 4 + 4 + mp_unsigned_bin_size(a) + mp_unsigned_bin_size(b)) > *outlen) { @@ -382,12 +382,12 @@ int dh_sign_hash(const unsigned char *in, unsigned long inlen, /* now store them both (a,b) */ x = (unsigned long)mp_unsigned_bin_size(a); STORE32L(x, out+y); y += 4; - if ((err = mp_to_unsigned_bin(a, out+y)) != CRYPT_OK) { goto error; } + if ((err = mp_to_unsigned_bin(a, out+y)) != CRYPT_OK) { goto LBL_ERR; } y += x; x = (unsigned long)mp_unsigned_bin_size(b); STORE32L(x, out+y); y += 4; - if ((err = mp_to_unsigned_bin(b, out+y)) != CRYPT_OK) { goto error; } + if ((err = mp_to_unsigned_bin(b, out+y)) != CRYPT_OK) { goto LBL_ERR; } y += x; /* check if size too big */ @@ -401,10 +401,9 @@ int dh_sign_hash(const unsigned char *in, unsigned long inlen, *outlen = y; err = CRYPT_OK; - goto LBL_ERR; -error: LBL_ERR: mp_clear_multi(tmp, p1, g, p, m, k, b, a, NULL); +LBL_ERR_1: XFREE(buf);