
[V3,01/10] util: BUG: set_aes_key does not fail on invalid aes key or ivt

Message ID 20231215142251.52393-2-Michael.Glembotzki@iris-sensing.com
State Accepted
Delegated to: Stefano Babic
Series Add support for asymmetric decryption | expand

Commit Message

Michael Glembotzki Dec. 15, 2023, 2:19 p.m. UTC
When parsing an invalid hex string for the aes key or ivt no error is
returned.

Check if aes key and ivt are valid hex strings.

Signed-off-by: Michael Glembotzki <Michael.Glembotzki@iris-sensing.com>
---
 core/util.c    | 25 +++++++++++++++++++++++++
 include/util.h |  1 +
 2 files changed, 26 insertions(+)

Comments

Michael Glembotzki June 18, 2024, 8 p.m. UTC | #1
Patchwork shows [V3][PATCH 01/10] is Under Review, but it is already merged 
in 7317146dea102c38a27dc7d25b462fc8dc48105b.

Michael Glembotzki schrieb am Freitag, 15. Dezember 2023 um 15:23:05 UTC+1:

> When parsing an invalid hex string for the aes key or ivt no error is
> returned.
>
> Check if aes key and ivt are valid hex strings.
>
> Signed-off-by: Michael Glembotzki <Michael.G...@iris-sensing.com>
> ---
> core/util.c | 25 +++++++++++++++++++++++++
> include/util.h | 1 +
> 2 files changed, 26 insertions(+)
>
> diff --git a/core/util.c b/core/util.c
> index cb2cf78..99ed628 100644
> --- a/core/util.c
> +++ b/core/util.c
> @@ -520,6 +520,23 @@ unsigned char *get_aes_ivt(void) {
> return aes_key->ivt;
> }
>
> +bool is_hex_str(const char *ascii) {
> + unsigned int i, size;
> +
> + if (!ascii)
> + return false;
> +
> + size = strlen(ascii);
> + if (!size)
> + return false;
> +
> + for (i = 0; i < size; ++i) {
> + if (!isxdigit(ascii[i]))
> + return false;
> + }
> + return true;
> +}
> +
> int set_aes_key(const char *key, const char *ivt)
> {
> int ret;
> @@ -534,6 +551,11 @@ int set_aes_key(const char *key, const char *ivt)
> return -ENOMEM;
> }
>
> + if (strlen(ivt) != (AES_BLK_SIZE*2) || !is_hex_str(ivt)) {
> + ERROR("Invalid ivt");
> + return -EINVAL;
> + }
> +
> ret = ascii_to_bin(aes_key->ivt, sizeof(aes_key->ivt), ivt);
> #ifdef CONFIG_PKCS11
> keylen = strlen(key) + 1;
> @@ -551,12 +573,15 @@ int set_aes_key(const char *key, const char *ivt)
> aes_key->keylen = keylen / 2;
> break;
> default:
> + ERROR("Invalid aes_key length");
> return -EINVAL;
> }
> + ret |= !is_hex_str(key);
> ret |= ascii_to_bin(aes_key->key, aes_key->keylen, key);
> #endif
>
> if (ret) {
> + ERROR("Invalid aes_key");
> return -EINVAL;
> }
>
> diff --git a/include/util.h b/include/util.h
> index 1020bef..062840f 100644
> --- a/include/util.h
> +++ b/include/util.h
> @@ -163,6 +163,7 @@ int ascii_to_hash(unsigned char *hash, const char *s);
> int ascii_to_bin(unsigned char *dest, size_t dstlen, const char *src);
> void hash_to_ascii(const unsigned char *hash, char *s);
> int IsValidHash(const unsigned char *hash);
> +bool is_hex_str(const char *ascii);
>
> #ifndef typeof
> #define typeof __typeof__
> -- 
> 2.35.7
>
>
Stefano Babic June 18, 2024, 8:28 p.m. UTC | #2
Hi Michael,

On 18.06.24 22:00, Michael Glembotzki wrote:
> Patchwork shows [V3][PATCH 01/10] is Under Review, but it is already
> merged in 7317146dea102c38a27dc7d25b462fc8dc48105b.
>

Right, this is fixed; I picked up the patch. I set it in patchwork to
"Accepted".

Regards,
Stefano

> Michael Glembotzki schrieb am Freitag, 15. Dezember 2023 um 15:23:05 UTC+1:
>
>     When parsing an invalid hex string for the aes key or ivt no error is
>     returned.
>
>     Check if aes key and ivt are valid hex strings.
>
>     Signed-off-by: Michael Glembotzki <Michael.G...@iris-sensing.com>
>     ---
>     core/util.c | 25 +++++++++++++++++++++++++
>     include/util.h | 1 +
>     2 files changed, 26 insertions(+)
>
>     diff --git a/core/util.c b/core/util.c
>     index cb2cf78..99ed628 100644
>     --- a/core/util.c
>     +++ b/core/util.c
>     @@ -520,6 +520,23 @@ unsigned char *get_aes_ivt(void) {
>     return aes_key->ivt;
>     }
>
>     +bool is_hex_str(const char *ascii) {
>     + unsigned int i, size;
>     +
>     + if (!ascii)
>     + return false;
>     +
>     + size = strlen(ascii);
>     + if (!size)
>     + return false;
>     +
>     + for (i = 0; i < size; ++i) {
>     + if (!isxdigit(ascii[i]))
>     + return false;
>     + }
>     + return true;
>     +}
>     +
>     int set_aes_key(const char *key, const char *ivt)
>     {
>     int ret;
>     @@ -534,6 +551,11 @@ int set_aes_key(const char *key, const char *ivt)
>     return -ENOMEM;
>     }
>
>     + if (strlen(ivt) != (AES_BLK_SIZE*2) || !is_hex_str(ivt)) {
>     + ERROR("Invalid ivt");
>     + return -EINVAL;
>     + }
>     +
>     ret = ascii_to_bin(aes_key->ivt, sizeof(aes_key->ivt), ivt);
>     #ifdef CONFIG_PKCS11
>     keylen = strlen(key) + 1;
>     @@ -551,12 +573,15 @@ int set_aes_key(const char *key, const char *ivt)
>     aes_key->keylen = keylen / 2;
>     break;
>     default:
>     + ERROR("Invalid aes_key length");
>     return -EINVAL;
>     }
>     + ret |= !is_hex_str(key);
>     ret |= ascii_to_bin(aes_key->key, aes_key->keylen, key);
>     #endif
>
>     if (ret) {
>     + ERROR("Invalid aes_key");
>     return -EINVAL;
>     }
>
>     diff --git a/include/util.h b/include/util.h
>     index 1020bef..062840f 100644
>     --- a/include/util.h
>     +++ b/include/util.h
>     @@ -163,6 +163,7 @@ int ascii_to_hash(unsigned char *hash, const
>     char *s);
>     int ascii_to_bin(unsigned char *dest, size_t dstlen, const char *src);
>     void hash_to_ascii(const unsigned char *hash, char *s);
>     int IsValidHash(const unsigned char *hash);
>     +bool is_hex_str(const char *ascii);
>
>     #ifndef typeof
>     #define typeof __typeof__
>     --
>     2.35.7
>
> --
> You received this message because you are subscribed to the Google
> Groups "swupdate" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to swupdate+unsubscribe@googlegroups.com
> <mailto:swupdate+unsubscribe@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/swupdate/c470c048-5dd9-4141-9cfd-f4a486e20c85n%40googlegroups.com <https://groups.google.com/d/msgid/swupdate/c470c048-5dd9-4141-9cfd-f4a486e20c85n%40googlegroups.com?utm_medium=email&utm_source=footer>.

Patch

diff --git a/core/util.c b/core/util.c
index cb2cf78..99ed628 100644
--- a/core/util.c
+++ b/core/util.c
@@ -520,6 +520,23 @@  unsigned char *get_aes_ivt(void) {
 	return aes_key->ivt;
 }
 
+bool is_hex_str(const char *ascii) {
+	unsigned int i, size;
+
+	if (!ascii)
+		return false;
+
+	size = strlen(ascii);
+	if (!size)
+		return false;
+
+	for (i = 0;  i < size; ++i) {
+		if (!isxdigit(ascii[i]))
+			return false;
+	}
+	return true;
+}
+
 int set_aes_key(const char *key, const char *ivt)
 {
 	int ret;
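Review bot: In `is_hex_str`, `isxdigit(ascii[i])` receives a plain `char`; on platforms where `char` is signed, any byte above 0x7f becomes a negative argument, which is undefined behaviour for the `<ctype.h>` classifiers. Because this function is the validity gate for key and ivt strings supplied from outside, the call should be `isxdigit((unsigned char)ascii[i])`. Declaring `i` and `size` as `size_t` instead of `unsigned int` would also avoid narrowing the `strlen()` result. Whether `core/util.c` already includes `<ctype.h>` is not visible in this hunk.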
@@ -534,6 +551,11 @@  int set_aes_key(const char *key, const char *ivt)
 			return -ENOMEM;
 	}
 
+	if (strlen(ivt) != (AES_BLK_SIZE*2) || !is_hex_str(ivt)) {
+		ERROR("Invalid ivt");
+		return -EINVAL;
+	}
+
 	ret = ascii_to_bin(aes_key->ivt, sizeof(aes_key->ivt), ivt);
 #ifdef CONFIG_PKCS11
 	keylen = strlen(key) + 1;
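Review bot: The added guard evaluates `strlen(ivt)` before `is_hex_str(ivt)`, so the NULL check inside `is_hex_str` never protects this call and a NULL `ivt` would be dereferenced by `strlen`. Swapping the operands keeps the same result for valid input and makes the NULL case fail cleanly: `if (!is_hex_str(ivt) || strlen(ivt) != (AES_BLK_SIZE*2)) {`. Whether any caller can pass NULL is not visible here, and the `strlen(key)` on the last context line has the same exposure. The body of `set_aes_key` starts and ends outside this hunk.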
@@ -551,12 +573,15 @@  int set_aes_key(const char *key, const char *ivt)
 		aes_key->keylen = keylen / 2;
 		break;
 	default:
+		ERROR("Invalid aes_key length");
 		return -EINVAL;
 	}
+	ret |= !is_hex_str(key);
 	ret |= ascii_to_bin(aes_key->key, aes_key->keylen, key);
 #endif
 
 	if (ret) {
+		ERROR("Invalid aes_key");
 		return -EINVAL;
 	}
 
diff --git a/include/util.h b/include/util.h
index 1020bef..062840f 100644
--- a/include/util.h
+++ b/include/util.h
@@ -163,6 +163,7 @@  int ascii_to_hash(unsigned char *hash, const char *s);
 int ascii_to_bin(unsigned char *dest, size_t dstlen, const char *src);
 void hash_to_ascii(const unsigned char *hash, char *s);
 int IsValidHash(const unsigned char *hash);
+bool is_hex_str(const char *ascii);
 
 #ifndef typeof
 #define typeof __typeof__
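Review bot: The new `is_hex_str` prototype is exported without a comment stating its contract, and callers need to know that it does not check length. A one-line comment above the declaration would cover it: `/* true if ascii is a non-empty string of hex digits only; NULL and "" yield false; length is not checked */`. Whether `include/util.h` already includes `<stdbool.h>` for `bool` is not visible in this hunk.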