libsec: check if modulus is too small for message in pkcs1padbuf()

1 files changed, 8 insertions, 0 deletions

diff --git a/sys/src/libsec/port/x509.c b/sys/src/libsec/port/x509.c
index 8c2f28a83..4e151915a 100644
--- a/sys/src/libsec/port/x509.c
+++ b/sys/src/libsec/port/x509.c
@@ -2143,6 +2143,10 @@ pkcs1padbuf(uchar *buf, int len, mpint *modulus)
 	mpint *mp;
 
 	pm1 = n - 1 - len;
+	if(pm1 <= 2){
+		werrstr("pkcs1padbuf: modulus too small");
+		return nil;
+	}
 	p = (uchar*)emalloc(n);
 	p[0] = 0;
 	p[1] = 1;
@@ -2827,6 +2831,8 @@ X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen)
 		goto errret;
 	pkcs1 = pkcs1pad(sigbytes, pk->n);
 	freebytes(sigbytes);
+	if(pkcs1 == nil)
+		goto errret;
 
 	rsadecrypt(priv, pkcs1, pkcs1);
 	buflen = mptobe(pkcs1, nil, 0, &buf);
@@ -2894,6 +2900,8 @@ X509rsareq(RSApriv *priv, char *subj, int *certlen)
 		goto errret;
 	pkcs1 = pkcs1pad(sigbytes, pk->n);
 	freebytes(sigbytes);
+	if(pkcs1 == nil)
+		goto errret;
 
 	rsadecrypt(priv, pkcs1, pkcs1);
 	buflen = mptobe(pkcs1, nil, 0, &buf);