Verify decoded length of GOST public keys

This format is fixed length, so verify that. Caught by OSS-Fuzz where UbSan noticed that if the decoded array was empty we would use &bits[0] of an empty vector. OSS-Fuzz 35123
author: Jack Lloyd <[email protected]> 2021-06-10 09:19:19 -0400
committer: Jack Lloyd <[email protected]> 2021-06-10 09:19:19 -0400
commit: 90b1e832546f2a47d17a1c4272a0a1d05e602f57 (patch)
tree: 4d6e2266e710e0616c7308076825680fb223cf92 /src/lib
parent: d6b80cad42cab43e458e65baed23b53034156db6 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/src/lib/pubkey/gost_3410/gost_3410.cpp b/src/lib/pubkey/gost_3410/gost_3410.cpp
index cfa03fe46..8ae2dea90 100644
--- a/src/lib/pubkey/gost_3410/gost_3410.cpp
+++ b/src/lib/pubkey/gost_3410/gost_3410.cpp
@@ -80,6 +80,9 @@ GOST_3410_PublicKey::GOST_3410_PublicKey(const AlgorithmIdentifier& alg_id,
    secure_vector<uint8_t> bits;
    BER_Decoder(key_bits).decode(bits, ASN1_Type::OctetString);
 
+   if(bits.size() != 2*(p_bits/8))
+      throw Decoding_Error("GOST-34.10-2020 invalid encoding of public key");
+
    const size_t part_size = bits.size() / 2;
 
    // Keys are stored in little endian format (WTF)
author	Jack Lloyd <[email protected]>	2021-06-10 09:19:19 -0400
committer	Jack Lloyd <[email protected]>	2021-06-10 09:19:19 -0400
commit	90b1e832546f2a47d17a1c4272a0a1d05e602f57 (patch)
tree	4d6e2266e710e0616c7308076825680fb223cf92 /src/lib
parent	d6b80cad42cab43e458e65baed23b53034156db6 (diff)