From 45c6b993945f01076e386cb59988b1836a329999 Mon Sep 17 00:00:00 2001
From: Peter Dettman
Date: Tue, 7 May 2024 22:44:37 +0700
Subject: Patch #1 for 2.3 - TLS: fix timing side-channel for RSA key exchange - fix method Write(ReadOnlySpan) in LimitedBuffer - ASN.1: Limit OID contents to 4096 bytes - EdDSA: fix verification infinite loop - EC: restrict m value in F2m curves
---
 crypto/src/asn1/Asn1InputStream.cs | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)
(limited to 'crypto/src/asn1/Asn1InputStream.cs')
diff --git a/crypto/src/asn1/Asn1InputStream.cs b/crypto/src/asn1/Asn1InputStream.cs
index 96b0a1c66..3b5eaaa95 100644
--- a/crypto/src/asn1/Asn1InputStream.cs
+++ b/crypto/src/asn1/Asn1InputStream.cs
@@ -377,7 +377,9 @@ namespace Org.BouncyCastle.Asn1
 switch (tagNo)
 {
 case Asn1Tags.BmpString:
+ {
 return CreateDerBmpString(defIn);
+ }
 case Asn1Tags.Boolean:
 {
 GetBuffer(defIn, tmpBuffers, out var contents);
@@ -390,9 +392,16 @@ namespace Org.BouncyCastle.Asn1
 }
 case Asn1Tags.ObjectIdentifier:
 {
+ DerObjectIdentifier.CheckContentsLength(defIn.Remaining);
 bool usedBuffer = GetBuffer(defIn, tmpBuffers, out var contents);
 return DerObjectIdentifier.CreatePrimitive(contents, clone: usedBuffer);
 }
+ case Asn1Tags.RelativeOid:
+ {
+ Asn1RelativeOid.CheckContentsLength(defIn.Remaining);
+ bool usedBuffer = GetBuffer(defIn, tmpBuffers, out var contents);
+ return Asn1RelativeOid.CreatePrimitive(contents, clone: usedBuffer);
+ }
 }
 byte[] bytes = defIn.ToArray();
@@ -421,8 +430,6 @@ namespace Org.BouncyCastle.Asn1
 return Asn1OctetString.CreatePrimitive(bytes);
 case Asn1Tags.PrintableString:
 return DerPrintableString.CreatePrimitive(bytes);
- case Asn1Tags.RelativeOid:
- return Asn1RelativeOid.CreatePrimitive(bytes, false);
 case Asn1Tags.T61String:
 return DerT61String.CreatePrimitive(bytes);
 case Asn1Tags.UniversalString:
-- cgit 1.5.1
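Review bot: The new `CheckContentsLength(defIn.Remaining)` calls in the `ObjectIdentifier` and `RelativeOid` cases of the second hunk have no comment explaining why they sit ahead of `GetBuffer`, and that ordering is the security-relevant part, since the remaining length is rejected before any contents are read or buffered. I would add above each call something like `// Enforce the OID contents limit up front, before the contents are read from the stream.` so a later refactor does not move the check after the read. The hunk does not show which exception `CheckContentsLength` throws or whether `CreatePrimitive` repeats the check. It is worth confirming that an over-long OID surfaces to callers as an ordinary parse failure, and that code constructing these objects without going through this switch is held to the same limit. The enclosing method starts and ends outside the hunk.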