From 2fd9fa9938140b6927155d2ebb195f5a572ccb0a Mon Sep 17 00:00:00 2001
From: Justin Mathews <Justin.Mathews@isara.com>
Date: Thu, 15 Feb 2018 17:45:19 -0500
Subject: [PATCH] Fix OID parsing

Force the OIDs read from input files to be interpreted as big-endian integers.
Leaving them as little-endian results in invalid values in params, eventually
leading to a crash.
---
 ui/keypair.c | 11 +++++++++--
 ui/open.c    | 17 ++++++++++++++---
 ui/sign.c    | 31 +++++++++++++++++++++++++------
 3 files changed, 48 insertions(+), 11 deletions(-)

diff --git a/ui/keypair.c b/ui/keypair.c
index c4c6d4b..612c448 100644
--- a/ui/keypair.c
+++ b/ui/keypair.c
@@ -17,7 +17,8 @@
 int main(int argc, char **argv)
 {
     xmss_params params;
-    uint32_t oid;
+    uint32_t oid = 0;
+    int parse_oid_result = 0;
 
     if (argc != 2) {
         fprintf(stderr, "Expected parameter string (e.g. 'XMSS-SHA2_10_256')"
@@ -27,7 +28,11 @@ int main(int argc, char **argv)
     }
 
     XMSS_STR_TO_OID(&oid, argv[1]);
-    XMSS_PARSE_OID(&params, oid);
+    parse_oid_result = XMSS_PARSE_OID(&params, oid);
+    if (parse_oid_result != 0) {
+        fprintf(stderr, "Error parsing oid.\n");
+        return parse_oid_result;
+    }
 
     unsigned char pk[XMSS_OID_LEN + params.pk_bytes];
     unsigned char sk[XMSS_OID_LEN + params.sk_bytes];
@@ -38,4 +43,6 @@ int main(int argc, char **argv)
     fwrite(sk, 1, XMSS_OID_LEN + params.sk_bytes, stdout);
 
     fclose(stdout);
+
+    return 0;
 }
diff --git a/ui/open.c b/ui/open.c
index 4fa10bf..a0b0b94 100644
--- a/ui/open.c
+++ b/ui/open.c
@@ -3,6 +3,7 @@
 
 #include "../params.h"
 #include "../xmss.h"
+#include "../utils.h"
 
 #ifdef XMSSMT
     #define XMSS_PARSE_OID xmssmt_parse_oid
@@ -17,7 +18,9 @@ int main(int argc, char **argv) {
     FILE *sm_file;
 
     xmss_params params;
-    uint32_t oid;
+    uint32_t oid = 0;
+    uint8_t buffer[XMSS_OID_LEN];
+    int parse_oid_result;
 
     unsigned long long smlen;
     int ret;
@@ -39,6 +42,7 @@ int main(int argc, char **argv) {
     sm_file = fopen(argv[2], "rb");
     if (sm_file == NULL) {
         fprintf(stderr, "Could not open signature + message file.\n");
+        fclose(keypair_file);
         return -1;
     }
 
@@ -46,8 +50,15 @@ int main(int argc, char **argv) {
     fseek(sm_file, 0, SEEK_END);
     smlen = ftell(sm_file);
 
-    fread(&oid, 1, XMSS_OID_LEN, keypair_file);
-    XMSS_PARSE_OID(&params, oid);
+    fread(&buffer, 1, XMSS_OID_LEN, keypair_file);
+    oid = (uint32_t)bytes_to_ull(buffer, XMSS_OID_LEN);
+    parse_oid_result = XMSS_PARSE_OID(&params, oid);
+    if (parse_oid_result != 0) {
+        fprintf(stderr, "Error parsing oid.\n");
+        fclose(keypair_file);
+        fclose(sm_file);
+        return parse_oid_result;
+    }
 
     unsigned char pk[XMSS_OID_LEN + params.pk_bytes];
     unsigned char *sm = malloc(smlen);
diff --git a/ui/sign.c b/ui/sign.c
index ef793ce..d82ea6b 100644
--- a/ui/sign.c
+++ b/ui/sign.c
@@ -3,6 +3,7 @@
 
 #include "../params.h"
 #include "../xmss.h"
+#include "../utils.h"
 
 #ifdef XMSSMT
     #define XMSS_PARSE_OID xmssmt_parse_oid
@@ -17,8 +18,10 @@ int main(int argc, char **argv) {
     FILE *m_file;
 
     xmss_params params;
-    uint32_t oid_pk;
-    uint32_t oid_sk;
+    uint32_t oid_pk = 0;
+    uint32_t oid_sk = 0;
+    uint8_t buffer[XMSS_OID_LEN];
+    int parse_oid_result;
 
     unsigned long long mlen;
 
@@ -39,6 +42,7 @@ int main(int argc, char **argv) {
     m_file = fopen(argv[2], "rb");
     if (m_file == NULL) {
         fprintf(stderr, "Could not open message file.\n");
+        fclose(keypair_file);
         return -1;
     }
 
@@ -47,14 +51,29 @@ int main(int argc, char **argv) {
     mlen = ftell(m_file);
 
     /* Read the OID from the public key, as we need its length to seek past it */
-    fread(&oid_pk, 1, XMSS_OID_LEN, keypair_file);
-    XMSS_PARSE_OID(&params, oid_pk);
+    fread(&buffer, 1, XMSS_OID_LEN, keypair_file);
+    /* The XMSS_OID_LEN bytes in buffer are a big-endian uint32. */
+    oid_pk = (uint32_t)bytes_to_ull(buffer, XMSS_OID_LEN);
+    parse_oid_result = XMSS_PARSE_OID(&params, oid_pk);
+    if (parse_oid_result != 0) {
+        fprintf(stderr, "Error parsing public key oid.\n");
+        fclose(keypair_file);
+        fclose(m_file);
+        return parse_oid_result;
+    }
 
     /* fseek past the public key */
     fseek(keypair_file, params.pk_bytes, SEEK_CUR);
     /* This is the OID we're actually going to use. Likely the same, but still. */
-    fread(&oid_sk, 1, XMSS_OID_LEN, keypair_file);
-    XMSS_PARSE_OID(&params, oid_sk);
+    fread(&buffer, 1, XMSS_OID_LEN, keypair_file);
+    oid_sk = (uint32_t)bytes_to_ull(buffer, XMSS_OID_LEN);
+    parse_oid_result = XMSS_PARSE_OID(&params, oid_sk);
+    if (parse_oid_result != 0) {
+        fprintf(stderr, "Error parsing secret key oid.\n");
+        fclose(keypair_file);
+        fclose(m_file);
+        return parse_oid_result;
+    }
 
     unsigned char sk[XMSS_OID_LEN + params.sk_bytes];
     unsigned char *m = malloc(mlen);