yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-01-10 22:35:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

RSA encryption: accept input=NULL if ilen=0

Browse source 
In mbedtls_rsa_rsaes_oaep_encrypt and
mbedtls_rsa_rsaes_pkcs1_v15_encrypt, if the input length is 0 (which
is unusual and mostly useless, but permitted) then it is fine for the
input pointer to be NULL. Don't return an error in this case.

When `input` is NULL, `memcpy( p, input, ilen )` has undefined behavior
even if `ilen` is zero. So skip the `memcpy` call in this case.
Likewise, in `mbedtls_rsa_rsaes_oaep_decrypt`, skip the `memcpy` call if
`*olen` is zero.
This commit is contained in:
Gilles Peskine 2018-07-06 15:47:54 +02:00 committed by Andrzej Kurek
parent fb236739da
commit 004f87b98d
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
library/rsa.c
View file

@ -1171,6 +1171,7 @@ int mbedtls_rsa_rsaes_oaep_encrypt( mbedtls_rsa_context *ctx,
p += hlen;
p += olen - 2 * hlen - 2 - ilen;
*p++ = 1;
if( ilen != 0 )
memcpy( p, input, ilen );
mbedtls_md_init( &md_ctx );
@ -1263,6 +1264,7 @@ int mbedtls_rsa_rsaes_pkcs1_v15_encrypt( mbedtls_rsa_context *ctx,
}
*p++ = 0;
if( ilen != 0 )
memcpy( p, input, ilen );
return( ( mode == MBEDTLS_RSA_PUBLIC )
@ -1441,6 +1443,7 @@ int mbedtls_rsa_rsaes_oaep_decrypt( mbedtls_rsa_context *ctx,
}
*olen = ilen - (p - buf);
if( *olen != 0 )
memcpy( output, p, *olen );
ret = 0;