Fix OID parsing
Force the OIDs read from input files to be interpreted as big-endian integers. Leaving them as little-endian results in invalid values in params, eventually leading to a crash.
Cette révision appartient à :
Justin Mathews
Parent
fd49bbbfe0
révision
2fd9fa9938
11
ui/keypair.c
11
ui/keypair.c
@ -17,7 +17,8 @@
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
xmss_params params;
|
||||
uint32_t oid;
|
||||
uint32_t oid = 0;
|
||||
int parse_oid_result = 0;
|
||||
|
||||
if (argc != 2) {
|
||||
fprintf(stderr, "Expected parameter string (e.g. 'XMSS-SHA2_10_256')"
|
||||
@ -27,7 +28,11 @@ int main(int argc, char **argv)
|
||||
}
|
||||
|
||||
XMSS_STR_TO_OID(&oid, argv[1]);
|
||||
XMSS_PARSE_OID(¶ms, oid);
|
||||
parse_oid_result = XMSS_PARSE_OID(¶ms, oid);
|
||||
if (parse_oid_result != 0) {
|
||||
fprintf(stderr, "Error parsing oid.\n");
|
||||
return parse_oid_result;
|
||||
}
|
||||
|
||||
unsigned char pk[XMSS_OID_LEN + params.pk_bytes];
|
||||
unsigned char sk[XMSS_OID_LEN + params.sk_bytes];
|
||||
@ -38,4 +43,6 @@ int main(int argc, char **argv)
|
||||
fwrite(sk, 1, XMSS_OID_LEN + params.sk_bytes, stdout);
|
||||
|
||||
fclose(stdout);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
17
ui/open.c
17
ui/open.c
@ -3,6 +3,7 @@
|
||||
|
||||
#include "../params.h"
|
||||
#include "../xmss.h"
|
||||
#include "../utils.h"
|
||||
|
||||
#ifdef XMSSMT
|
||||
#define XMSS_PARSE_OID xmssmt_parse_oid
|
||||
@ -17,7 +18,9 @@ int main(int argc, char **argv) {
|
||||
FILE *sm_file;
|
||||
|
||||
xmss_params params;
|
||||
uint32_t oid;
|
||||
uint32_t oid = 0;
|
||||
uint8_t buffer[XMSS_OID_LEN];
|
||||
int parse_oid_result;
|
||||
|
||||
unsigned long long smlen;
|
||||
int ret;
|
||||
@ -39,6 +42,7 @@ int main(int argc, char **argv) {
|
||||
sm_file = fopen(argv[2], "rb");
|
||||
if (sm_file == NULL) {
|
||||
fprintf(stderr, "Could not open signature + message file.\n");
|
||||
fclose(keypair_file);
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -46,8 +50,15 @@ int main(int argc, char **argv) {
|
||||
fseek(sm_file, 0, SEEK_END);
|
||||
smlen = ftell(sm_file);
|
||||
|
||||
fread(&oid, 1, XMSS_OID_LEN, keypair_file);
|
||||
XMSS_PARSE_OID(¶ms, oid);
|
||||
fread(&buffer, 1, XMSS_OID_LEN, keypair_file);
|
||||
oid = (uint32_t)bytes_to_ull(buffer, XMSS_OID_LEN);
|
||||
parse_oid_result = XMSS_PARSE_OID(¶ms, oid);
|
||||
if (parse_oid_result != 0) {
|
||||
fprintf(stderr, "Error parsing oid.\n");
|
||||
fclose(keypair_file);
|
||||
fclose(sm_file);
|
||||
return parse_oid_result;
|
||||
}
|
||||
|
||||
unsigned char pk[XMSS_OID_LEN + params.pk_bytes];
|
||||
unsigned char *sm = malloc(smlen);
|
||||
|
||||
31
ui/sign.c
31
ui/sign.c
@ -3,6 +3,7 @@
|
||||
|
||||
#include "../params.h"
|
||||
#include "../xmss.h"
|
||||
#include "../utils.h"
|
||||
|
||||
#ifdef XMSSMT
|
||||
#define XMSS_PARSE_OID xmssmt_parse_oid
|
||||
@ -17,8 +18,10 @@ int main(int argc, char **argv) {
|
||||
FILE *m_file;
|
||||
|
||||
xmss_params params;
|
||||
uint32_t oid_pk;
|
||||
uint32_t oid_sk;
|
||||
uint32_t oid_pk = 0;
|
||||
uint32_t oid_sk = 0;
|
||||
uint8_t buffer[XMSS_OID_LEN];
|
||||
int parse_oid_result;
|
||||
|
||||
unsigned long long mlen;
|
||||
|
||||
@ -39,6 +42,7 @@ int main(int argc, char **argv) {
|
||||
m_file = fopen(argv[2], "rb");
|
||||
if (m_file == NULL) {
|
||||
fprintf(stderr, "Could not open message file.\n");
|
||||
fclose(keypair_file);
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -47,14 +51,29 @@ int main(int argc, char **argv) {
|
||||
mlen = ftell(m_file);
|
||||
|
||||
/* Read the OID from the public key, as we need its length to seek past it */
|
||||
fread(&oid_pk, 1, XMSS_OID_LEN, keypair_file);
|
||||
XMSS_PARSE_OID(¶ms, oid_pk);
|
||||
fread(&buffer, 1, XMSS_OID_LEN, keypair_file);
|
||||
/* The XMSS_OID_LEN bytes in buffer are a big-endian uint32. */
|
||||
oid_pk = (uint32_t)bytes_to_ull(buffer, XMSS_OID_LEN);
|
||||
parse_oid_result = XMSS_PARSE_OID(¶ms, oid_pk);
|
||||
if (parse_oid_result != 0) {
|
||||
fprintf(stderr, "Error parsing public key oid.\n");
|
||||
fclose(keypair_file);
|
||||
fclose(m_file);
|
||||
return parse_oid_result;
|
||||
}
|
||||
|
||||
/* fseek past the public key */
|
||||
fseek(keypair_file, params.pk_bytes, SEEK_CUR);
|
||||
/* This is the OID we're actually going to use. Likely the same, but still. */
|
||||
fread(&oid_sk, 1, XMSS_OID_LEN, keypair_file);
|
||||
XMSS_PARSE_OID(¶ms, oid_sk);
|
||||
fread(&buffer, 1, XMSS_OID_LEN, keypair_file);
|
||||
oid_sk = (uint32_t)bytes_to_ull(buffer, XMSS_OID_LEN);
|
||||
parse_oid_result = XMSS_PARSE_OID(¶ms, oid_sk);
|
||||
if (parse_oid_result != 0) {
|
||||
fprintf(stderr, "Error parsing secret key oid.\n");
|
||||
fclose(keypair_file);
|
||||
fclose(m_file);
|
||||
return parse_oid_result;
|
||||
}
|
||||
|
||||
unsigned char sk[XMSS_OID_LEN + params.sk_bytes];
|
||||
unsigned char *m = malloc(mlen);
|
||||
|
||||
Chargement…
Référencer dans un nouveau ticket
Block a user