Commit ccc0d122 authored by Denis Kasak's avatar Denis Kasak
Browse files

olm_pk_decrypt: Ensure inputs are of correct length.

parent 2f35e0bc
Pipeline #5083 passed with stages
in 2 minutes and 20 seconds
...@@ -73,11 +73,13 @@ size_t olm_pk_encryption_set_recipient_key ( ...@@ -73,11 +73,13 @@ size_t olm_pk_encryption_set_recipient_key (
OlmErrorCode::OLM_INPUT_BUFFER_TOO_SMALL; OlmErrorCode::OLM_INPUT_BUFFER_TOO_SMALL;
return std::size_t(-1); return std::size_t(-1);
} }
olm::decode_base64( olm::decode_base64(
(const uint8_t*)key, (const uint8_t*)key,
olm_pk_key_length(), olm_pk_key_length(),
(uint8_t *)encryption->recipient_key.public_key (uint8_t *)encryption->recipient_key.public_key
); );
return 0; return 0;
} }
...@@ -363,17 +365,38 @@ size_t olm_pk_decrypt( ...@@ -363,17 +365,38 @@ size_t olm_pk_decrypt(
return std::size_t(-1); return std::size_t(-1);
} }
size_t raw_ciphertext_length = olm::decode_base64_length(ciphertext_length);
if (ephemeral_key_length != olm::encode_base64_length(CURVE25519_KEY_LENGTH)
|| mac_length != olm::encode_base64_length(MAC_LENGTH)
|| raw_ciphertext_length == std::size_t(-1)) {
decryption->last_error = OlmErrorCode::OLM_INVALID_BASE64;
return std::size_t(-1);
}
struct _olm_curve25519_public_key ephemeral; struct _olm_curve25519_public_key ephemeral;
olm::decode_base64( olm::decode_base64(
(const uint8_t*)ephemeral_key, ephemeral_key_length, (const uint8_t*)ephemeral_key,
olm::encode_base64_length(CURVE25519_KEY_LENGTH),
(uint8_t *)ephemeral.public_key (uint8_t *)ephemeral.public_key
); );
olm::SharedKey secret; olm::SharedKey secret;
_olm_crypto_curve25519_shared_secret(&decryption->key_pair, &ephemeral, secret); _olm_crypto_curve25519_shared_secret(&decryption->key_pair, &ephemeral, secret);
uint8_t raw_mac[MAC_LENGTH]; uint8_t raw_mac[MAC_LENGTH];
olm::decode_base64((const uint8_t*)mac, olm::encode_base64_length(MAC_LENGTH), raw_mac); olm::decode_base64(
size_t raw_ciphertext_length = olm::decode_base64_length(ciphertext_length); (const uint8_t *)mac,
olm::decode_base64((const uint8_t *)ciphertext, ciphertext_length, (uint8_t *)ciphertext); olm::encode_base64_length(MAC_LENGTH),
raw_mac
);
olm::decode_base64(
(const uint8_t *)ciphertext,
ciphertext_length,
(uint8_t *)ciphertext
);
size_t result = _olm_cipher_aes_sha_256_ops.decrypt( size_t result = _olm_cipher_aes_sha_256_ops.decrypt(
olm_pk_cipher, olm_pk_cipher,
secret, sizeof(secret), secret, sizeof(secret),
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment