diff options
author | David Hook <dgh@bouncycastle.org> | 2017-05-16 00:36:34 +1000 |
---|---|---|
committer | David Hook <dgh@bouncycastle.org> | 2017-05-16 00:36:34 +1000 |
commit | fefed20bec7e07456cd50a710cc11fff18cf46c1 (patch) | |
tree | 4faca389cacee73d5e34d593ac1fd9795c9431de /crypto/src | |
parent | Fix a bunch of RFC references in comments (diff) | |
download | BouncyCastle.NET-ed25519-fefed20bec7e07456cd50a710cc11fff18cf46c1.tar.xz |
Added validation of integer/enumerated encoding.
Diffstat (limited to 'crypto/src')
-rw-r--r-- | crypto/src/asn1/DerEnumerated.cs | 13 | ||||
-rw-r--r-- | crypto/src/asn1/DerInteger.cs | 13 |
2 files changed, 24 insertions, 2 deletions
diff --git a/crypto/src/asn1/DerEnumerated.cs b/crypto/src/asn1/DerEnumerated.cs index 476b7fa9a..db27065bb 100644 --- a/crypto/src/asn1/DerEnumerated.cs +++ b/crypto/src/asn1/DerEnumerated.cs @@ -64,7 +64,18 @@ namespace Org.BouncyCastle.Asn1 public DerEnumerated( byte[] bytes) { - this.bytes = bytes; + if (bytes.Length > 1) + { + if (bytes[0] == 0 && (bytes[1] & 0x80) == 0) + { + throw new ArgumentException("malformed enumerated"); + } + if (bytes[0] == (byte)0xff && (bytes[1] & 0x80) != 0) + { + throw new ArgumentException("malformed enumerated"); + } + } + this.bytes = Arrays.Clone(bytes); } public BigInteger Value diff --git a/crypto/src/asn1/DerInteger.cs b/crypto/src/asn1/DerInteger.cs index 3610de588..5b240d281 100644 --- a/crypto/src/asn1/DerInteger.cs +++ b/crypto/src/asn1/DerInteger.cs @@ -70,7 +70,18 @@ namespace Org.BouncyCastle.Asn1 public DerInteger( byte[] bytes) { - this.bytes = bytes; + if (bytes.Length > 1) + { + if (bytes[0] == 0 && (bytes[1] & 0x80) == 0) + { + throw new ArgumentException("malformed integer"); + } + if (bytes[0] == (byte)0xff && (bytes[1] & 0x80) != 0) + { + throw new ArgumentException("malformed integer"); + } + } + this.bytes = Arrays.Clone(bytes); } public BigInteger Value |