diff options
| author | Peter Dettman <peter.dettman@bouncycastle.org> | 2020-02-20 01:08:52 +0700 |
|---|---|---|
| committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2020-02-20 01:08:52 +0700 |
| commit | f9a7d8dde7b260d19a042729d20dd1c6d68a6276 (patch) | |
| tree | 3ff1d7eaef82e79e9ac03889b7d732af3331ef46 | |
| parent | Fix typo (diff) | |
| download | BouncyCastle.NET-ed25519-f9a7d8dde7b260d19a042729d20dd1c6d68a6276.tar.xz | |
Stricter header validation for PEM files
| -rw-r--r-- | crypto/src/util/io/pem/PemReader.cs | 11 | ||||
| -rw-r--r-- | crypto/test/src/util/io/pem/test/AllTests.cs | 8 |
2 files changed, 15 insertions, 4 deletions
diff --git a/crypto/src/util/io/pem/PemReader.cs b/crypto/src/util/io/pem/PemReader.cs index bf712b6de..61e132fa7 100644 --- a/crypto/src/util/io/pem/PemReader.cs +++ b/crypto/src/util/io/pem/PemReader.cs @@ -39,11 +39,14 @@ namespace Org.BouncyCastle.Utilities.IO.Pem { line = line.Substring(BeginString.Length); int index = line.IndexOf('-'); - string type = line.Substring(0, index); - if (index > 0) - return LoadObject(type); - } + if (index > 0 && Platform.EndsWith(line, "-----") && (line.Length - index) == 5) + { + string type = line.Substring(0, index); + + return LoadObject(type); + } + } return null; } diff --git a/crypto/test/src/util/io/pem/test/AllTests.cs b/crypto/test/src/util/io/pem/test/AllTests.cs index 921c40cb8..c0ca667f5 100644 --- a/crypto/test/src/util/io/pem/test/AllTests.cs +++ b/crypto/test/src/util/io/pem/test/AllTests.cs @@ -63,6 +63,14 @@ namespace Org.BouncyCastle.Utilities.IO.Pem.Tests lengthTest("RSA PRIVATE KEY", headers, new byte[103]); } + [Test] + public void TestMalformed() + { + PemReader rd = new PemReader(new StringReader("-----BEGIN \n")); + + Assert.IsNull(rd.ReadPemObject()); + } + private void lengthTest(string type, IList headers, byte[] data) { StringWriter sw = new StringWriter(); |