From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Thu, 19 Jan 2017 08:28:08 +0000 (+0100)
Subject: _decode_pkcs8_dsa_key: ensure that the P value is non-zero
X-Git-Tag: gnutls_3_6_0~1056
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d2d11cdcea17becbff00a34334136279d3cfe4fb;p=thirdparty%2Fgnutls.git

_decode_pkcs8_dsa_key: ensure that the P value is non-zero

When decoding a DSA private key, and constructing the public key
ensure that P is non-zero, and thus can be used as modulus.

Issue found using oss-fuzz:
  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=393

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---

diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c
index 4e1e2686e2..cc52be94a8 100644
--- a/lib/x509/privkey_pkcs8.c
+++ b/lib/x509/privkey_pkcs8.c
@@ -1011,6 +1011,12 @@ _decode_pkcs8_dsa_key(ASN1_TYPE pkcs8_asn, gnutls_x509_privkey_t pkey)
 		goto error;
 	}
 
+	if (_gnutls_mpi_cmp_ui(pkey->params.params[0], 0) == 0) {
+		gnutls_assert();
+		ret = GNUTLS_E_ILLEGAL_PARAMETER;
+		goto error;
+	}
+
 	/* the public key can be generated as g^x mod p */
 	ret = _gnutls_mpi_init(&pkey->params.params[3]);
 	if (ret < 0) {