[PATCH v2 1/6] bcrypt: Validate key size when importing RSA key.
Santino Mazza
mazzasantino1206 at gmail.com
Sun Mar 6 09:22:56 CST 2022
Signed-off-by: Santino Mazza <mazzasantino1206 at gmail.com>
---
dlls/bcrypt/bcrypt_main.c | 1 +
dlls/bcrypt/tests/bcrypt.c | 3 ---
2 files changed, 1 insertion(+), 3 deletions(-)
diff --git a/dlls/bcrypt/bcrypt_main.c b/dlls/bcrypt/bcrypt_main.c
index 0fb78ce39a5..7353cae26eb 100644
--- a/dlls/bcrypt/bcrypt_main.c
+++ b/dlls/bcrypt/bcrypt_main.c
@@ -1413,6 +1413,7 @@ static NTSTATUS key_import_pair( struct algorithm *alg, const WCHAR *type, BCRYP
return STATUS_NOT_SUPPORTED;
size = sizeof(*rsa_blob) + rsa_blob->cbPublicExp + rsa_blob->cbModulus;
+ if(size != input_len) return NTE_BAD_DATA;
return key_asymmetric_create( (struct key **)ret_key, alg, rsa_blob->BitLength, (BYTE *)rsa_blob, size );
}
else if (!wcscmp( type, BCRYPT_RSAPRIVATE_BLOB ) || !wcscmp( type, BCRYPT_RSAFULLPRIVATE_BLOB ))
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index 5fb29a0e0ff..95addc1ab16 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
@@ -2122,11 +2122,8 @@ static void test_RSA(void)
ret = BCryptDestroyKey(key);
ok(!ret, "got %#lx\n", ret);
- todo_wine
- {
ret = BCryptImportKeyPair(alg, NULL, BCRYPT_RSAPUBLIC_BLOB, &key, rsaPublicBlobWithInvalidPublicExpSize, sizeof(rsaPublicBlobWithInvalidPublicExpSize), 0);
ok(ret == NTE_BAD_DATA, "got %#lx\n", ret);
- }
ret = BCryptImportKeyPair(alg, NULL, BCRYPT_RSAPUBLIC_BLOB, &key, buf, size, 0);
ok(ret == STATUS_SUCCESS, "got %#lx\n", ret);
--
2.32.0
More information about the wine-devel
mailing list