
Commit 4f4b5ff

authored
Merge commit from fork
Base64 decode buffer length checking
2 parents 788be4a + b993d49 commit 4f4b5ff

8 files changed

Lines changed: 328 additions & 9 deletions


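--- a/include/crypto_error.h
+++ b/include/crypto_error.h
@@ -58,6 +58,7 @@
 #define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE 513
 #define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_DECRYPT_ERROR 514
 #define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_ENCRYPT_ERROR 515
+#define CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR 516
 
 #define CAM_CONFIG_NOT_SUPPORTED_ERROR 600
 #define CAM_INVALID_COOKIE_FILE_CONFIGURATION_NULL 601
@@ -165,7 +166,7 @@
 #define CAM_ERROR_CODES_MAX 610
 
 #define KMC_ERROR_CODES 500
-#define KMC_ERROR_CODES_MAX 515
+#define KMC_ERROR_CODES_MAX 516
 
 #define CRYPTO_INTERFACE_ERROR_CODES 400
 #define CRYPTO_INTERFACE_ERROR_CODES_MAX 402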
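Review bot: The new code `CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR` is returned by the KMC crypto-service call sites when base64 decoding of the service response fails, which is not a decryption failure; a name such as `CRYPTOGRAHPY_KMC_BASE64_DECODE_ERROR` would keep log triage from pointing at the cipher or the key. The matching string in src/core/crypto_error.c would have to change with it. A short comment on the define, for example `// base64 payload from the crypto service did not decode into the caller's buffer`, would also record when this code is raised.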

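--- a/src/core/crypto_error.c
+++ b/src/core/crypto_error.c
@@ -155,6 +155,7 @@ char *crypto_enum_errlist_crypto_kmc[] = {
 (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE",
 (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_DECRYPT_ERROR",
 (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_ENCRYPT_ERROR",
+(char *)"CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR",
 };
 
 char *crypto_enum_errlist_crypto_cam[] = {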

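--- a/src/crypto/kmc/base64.c
+++ b/src/crypto/kmc/base64.c
@@ -174,7 +174,7 @@ void base64Encode(const void *input, size_t inputLen, char_t *output, size_t *ou
 * @return Error code
 **/
 
-int32_t base64Decode(const char_t *input, size_t inputLen, void *output, size_t *outputLen)
+int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_t decoded_buffer_size, size_t *outputLen)
 {
 int32_t error;
 uint32_t value;
@@ -194,6 +194,18 @@ int32_t base64Decode(const char_t *input, size_t inputLen, void *output, size_t
 // Initialize status code
 error = NO_ERROR;
 
+// Check expected output buffer size is large enough for decoded input
+uint16_t outputLen_expected = 0;
+uint8_t padding = 0;
+if (inputLen >= 1 && input[inputLen-1] == '=')
+padding++;
+if (inputLen >= 2 && input[inputLen-2] == '=')
+padding++;
+outputLen_expected = ((inputLen * 3) / 4) - padding;
+
+if (decoded_buffer_size < outputLen_expected)
+return ERROR_INVALID_LENGTH;
+
 // Point to the buffer where to write the decoded data
 p = (uint8_t *)output;
 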
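Review bot: The new bounds check in base64Decode stores `((inputLen * 3) / 4) - padding` in a `uint16_t` although `inputLen` is a `size_t`, so once the decoded length exceeds 65535 the value wraps and `decoded_buffer_size < outputLen_expected` can pass for a buffer that is too small. The `decoded_buffer_size` parameter carries the same 16-bit limit, here and in the base64.h prototype, and the callers in cryptography_interface_kmc_crypto_service.template.c also keep their size in a `uint16_t`. I would make both full width, `size_t decoded_buffer_size` in the signature and `size_t outputLen_expected = 0;` in the body. The decode loop is outside the hunk, so whether each write is bounded as well is not visible here.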

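--- a/src/crypto/kmc/base64.h
+++ b/src/crypto/kmc/base64.h
@@ -47,7 +47,7 @@ extern "C"
 // Base64 encoding related functions
 void base64Encode(const void *input, size_t inputLen, char_t *output, size_t *outputLen);
 
-int32_t base64Decode(const char_t *input, size_t inputLen, void *output, size_t *outputLen);
+int32_t base64Decode(const char_t *input, size_t inputLen, void *output, uint16_t decoded_buffer_size, size_t *outputLen);
 
 #define ERROR_INVALID_PARAMETER 21
 #define ERROR_INVALID_LENGTH 22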

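--- a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c
+++ b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c
@@ -479,9 +479,15 @@ static int32_t cryptography_encrypt(uint8_t *data_out, size_t len_data_out, uint
 
 /* JSON Response Handling End */
 
-uint8_t *ciphertext_decoded = malloc((len_data_out)*2 + 1);
+uint16_t decoded_buffer_size = (len_data_out)*2 + 1;
+uint8_t *ciphertext_decoded = malloc(decoded_buffer_size);
 size_t ciphertext_decoded_len = 0;
-base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, &ciphertext_decoded_len);
+if (base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len) != 0)
+{
+free(chunk_write);
+free(ciphertext_decoded);
+return CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR;
+}
 #ifdef DEBUG
 printf("Decoded Cipher Text Length: %ld\n", ciphertext_decoded_len);
 printf("Decoded Cipher Text: \n");
@@ -685,9 +691,15 @@ static int32_t cryptography_decrypt(uint8_t *data_out, size_t len_data_out, uint
 
 /* JSON Response Handling End */
 
-uint8_t *cleartext_decoded = malloc((len_data_out)*2 + 1);
+uint16_t decoded_buffer_size = (len_data_out)*2 + 1;
+uint8_t *cleartext_decoded = malloc(decoded_buffer_size);
 size_t cleartext_decoded_len = 0;
-base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, &cleartext_decoded_len);
+if (base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, decoded_buffer_size, &cleartext_decoded_len) != 0)
+{
+free(chunk_write);
+free(cleartext_decoded);
+return CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR;
+}
 #ifdef DEBUG
 printf("Decoded Cipher Text Length: %ld\n", cleartext_decoded_len);
 printf("Decoded Cipher Text: \n");
@@ -1528,9 +1540,15 @@ static int32_t cryptography_aead_encrypt(uint8_t *data_out, size_t len_data_out,
 
 /* JSON Response Handling End */
 
+uint16_t decoded_buffer_size = (len_data_out + mac_size + aad_len) * 2 + 1;
 uint8_t *ciphertext_decoded = malloc((len_data_out + mac_size + aad_len) * 2 + 1);
 size_t ciphertext_decoded_len = 0;
-base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, &ciphertext_decoded_len);
+if (base64Decode(ciphertext_base64, strlen(ciphertext_base64), ciphertext_decoded, decoded_buffer_size, &ciphertext_decoded_len) != 0)
+{
+free(chunk_write);
+free(ciphertext_base64);
+return CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR;
+}
 #ifdef DEBUG
 printf("Mac size: %d\n", mac_size);
 printf("Decoded Cipher Text Length: %ld\n", ciphertext_decoded_len);
@@ -1836,9 +1854,15 @@ static int32_t cryptography_aead_decrypt(uint8_t *data_out, size_t len_data_out,
 
 /* JSON Response Handling End */
 
+uint16_t decoded_buffer_size = (len_data_out + mac_size + aad_len) * 2 + 1;
 uint8_t *cleartext_decoded = malloc((len_data_out + mac_size + aad_len) * 2 + 1);
 size_t cleartext_decoded_len = 0;
-base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, &cleartext_decoded_len);
+if (base64Decode(cleartext_base64, strlen(cleartext_base64), cleartext_decoded, decoded_buffer_size, &cleartext_decoded_len) != 0)
+{
+free(chunk_write);
+free(cleartext_base64);
+return CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR;
+}
 #ifdef DEBUG
 printf("Decoded Cipher Text Length: %ld\n", cleartext_decoded_len);
 printf("Decoded Cipher Text: \n");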
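Review bot: In the two AEAD hunks (cryptography_aead_encrypt and cryptography_aead_decrypt) the new error path calls `free(ciphertext_base64)` and `free(cleartext_base64)`, whereas the two non-AEAD hunks free the decoded buffer; as written the freshly allocated `ciphertext_decoded` / `cleartext_decoded` leaks on a decode failure, and whether the `*_base64` pointer is a heap allocation that may be released at this point is not visible in the hunk. I would use `free(ciphertext_decoded);` and `free(cleartext_decoded);` there so all four paths match. None of the four call sites checks the `malloc` result before passing it to base64Decode, and the AEAD hunks still give `malloc` the full-width expression while recording a `uint16_t` copy of it, so the two sizes can disagree for a large `len_data_out`. The enclosing functions start and end outside the hunks.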

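--- a/test/CMakeLists.txt
+++ b/test/CMakeLists.txt
@@ -106,6 +106,10 @@ if((KMC_MDB_DB OR KMC_MDB_RH))
 add_test(NAME UT_MARIADB
 COMMAND ${PROJECT_BINARY_DIR}/bin/ut_mariadb
 WORKING_DIRECTORY ${PROJECT_TEST_DIR})
+
+add_test(NAME UT_B64
+COMMAND ${PROJECT_BINARY_DIR}/bin/ut_b64
+WORKING_DIRECTORY ${PROJECT_TEST_DIR})
 
 add_test(NAME UT_KMC_CRYPTO
 COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto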
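Review bot: `add_test(NAME UT_B64 ...)` is registered right after UT_MARIADB, and the hunk header suggests this stretch sits under `if((KMC_MDB_DB OR KMC_MDB_RH))`, so the base64 bounds-check test may only run in MariaDB-enabled configurations. If that is the case, I would move the registration under the condition that guards the KMC crypto-service tests, since base64.c lives in src/crypto/kmc and does not depend on the database backend. The enclosing `if`/`endif` lines are outside the hunk, so this needs confirming against the full file.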

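--- a/test/include/ut_b64.h
+++ b/test/include/ut_b64.h
@@ -0,0 +1,34 @@
+/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration.
+All Foreign Rights are Reserved to the U.S. Government.
+
+This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory,
+including, but not limited to, any warranty that the software will conform to specifications, any implied warranties
+of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the
+documentation will conform to the program, or any warranty that the software will be error free.
+
+In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or
+consequential damages, arising out of, resulting from, or in any way connected with the software or its
+documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained
+from, or arose out of the results of, or use of, the software, documentation or services provided hereunder.
+
+ITC Team
+NASA IV&V
+jstar-development-team@mail.nasa.gov
+*/
+
+#ifndef CRYPTOLIB_UT_B64_H
+#define CRYPTOLIB_UT_B64_H
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#include "crypto.h"
+#include <stdio.h>
+
+#ifdef __cplusplus
+} /* Close scope of 'extern "C"' declaration which encloses file. */
+#endif
+
+#endif // CRYPTOLIB_UT_B64_H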
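Review bot: Both includes, `#include "crypto.h"` and `#include <stdio.h>`, sit inside the `extern "C" {` block, and a standard header pulled in under C linkage can break a C++ build of the test. I would move the two `#include` lines above the `#ifdef __cplusplus` opener and keep the block for declarations only; crypto.h presumably carries its own linkage guard, which should be confirmed.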
