From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Mon, 2 Jan 2017 10:51:10 +0000 (+0100)
Subject: pkcs7 decrypt: require a valid IV size on all ciphers
X-Git-Tag: gnutls_3_6_0~1126
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1c99a138f42205d8da98d96bed5a55c8a6205d97;p=thirdparty%2Fgnutls.git

pkcs7 decrypt: require a valid IV size on all ciphers

That is, do not accept the IV size present in the structure as valid
without checking.

Relates #156
---

diff --git a/lib/x509/pkcs7-crypt.c b/lib/x509/pkcs7-crypt.c
index 968775657e..e62500c84d 100644
--- a/lib/x509/pkcs7-crypt.c
+++ b/lib/x509/pkcs7-crypt.c
@@ -1091,10 +1091,19 @@ _gnutls_pkcs_raw_decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn,
 	ce = cipher_to_entry(enc_params->cipher);
 	block_size = _gnutls_cipher_get_block_size(ce);
 
-	if (ce->type == CIPHER_BLOCK && (enc.size % block_size != 0)) {
-		gnutls_assert();
-		ret = GNUTLS_E_DECRYPTION_FAILED;
-		goto error;
+	if (ce->type == CIPHER_BLOCK) {
+		if (enc.size % block_size != 0 || (unsigned)enc_params->iv_size != block_size) {
+			gnutls_assert();
+			ret = GNUTLS_E_DECRYPTION_FAILED;
+			goto error;
+		}
+	} else {
+		unsigned iv_size = _gnutls_cipher_get_iv_size(ce);
+		if (iv_size > (unsigned)enc_params->iv_size) {
+			gnutls_assert();
+			ret = GNUTLS_E_DECRYPTION_FAILED;
+			goto error;
+		}
 	}
 
 	/* do the decryption.