author | vnugent <public@vaughnnugent.com> | 2024-07-27 00:05:07 -0400 |
---|---|---|
committer | vnugent <public@vaughnnugent.com> | 2024-07-27 00:05:07 -0400 |
commit | 1640f79776c6b291b49a39a6128c05888fc4153e (patch) | |
tree | be2e2b3dbf3e38f10c914ce5d017129d8b66566b | |
parent | 07de078a3b5b7b0043d9f81bb5a9e750a3a0c7c1 (diff) |
fix: Potential overflow in nip44 padding calculation
-rw-r--r-- | include/noscrypt.h | 2 | ||||
-rw-r--r-- | include/noscryptutil.h | 2 | ||||
-rw-r--r-- | src/noscryptutil.c | 27 |
3 files changed, 23 insertions, 8 deletions
diff --git a/include/noscrypt.h b/include/noscrypt.h index b91bc2b..de5d2ac 100644 --- a/include/noscrypt.h +++ b/include/noscrypt.h @@ -85,7 +85,7 @@ extern "C" { * https://github.com/nostr-protocol/nips/blob/master/44.md#decryption */ #define NIP44_MIN_ENC_MESSAGE_SIZE 0x01 -#define NIP44_MAX_ENC_MESSAGE_SIZE 0xffff +#define NIP44_MAX_ENC_MESSAGE_SIZE UINT16_MAX #define NC_ENC_VERSION_NIP04 0x04 #define NC_ENC_VERSION_NIP44 0x2c diff --git a/include/noscryptutil.h b/include/noscryptutil.h index a5e460f..bd60c79 100644 --- a/include/noscryptutil.h +++ b/include/noscryptutil.h @@ -40,6 +40,8 @@ extern "C" { #define E_CIPHER_BAD_NONCE -12 #define E_CIPHER_MAC_INVALID -13 #define E_CIPHER_NO_OUTPUT -14 +#define E_CIPHER_BAD_INPUT -15 +#define E_CIPHER_BAD_INPUT_SIZE -16 #define NC_UTIL_CIPHER_MODE_ENCRYPT 0x00u #define NC_UTIL_CIPHER_MODE_DECRYPT 0x01u diff --git a/src/noscryptutil.c b/src/noscryptutil.c index c47da13..6b4a157 100644 --- a/src/noscryptutil.c +++ b/src/noscryptutil.c @@ -45,6 +45,12 @@ #define NIP44_MIN_PAYLOAD_SIZE (NIP44_VERSION_SIZE + 0x20 + 0x02 + 0x20 + 0x02) /* +* Max payload size is the maximum size of the encrypted message +* 1 byte version + 32 byte nonce + 32 byte mac + maximum ciphertext size +*/ +#define NIP44_MAX_PAYLOAD_SIZE (NIP44_VERSION_SIZE + 0x20 + 0x20 + NIP44_MAX_ENC_MESSAGE_SIZE) + +/* * The minimum ciphertext size is the minimum padded size + the minimum * size of the plaintext length field */ @@ -607,6 +613,11 @@ NC_EXPORT NCResult NC_CC NCUtilGetEncryptionPaddedSize(uint32_t encVersion, uint case NC_ENC_VERSION_NIP44: + /* + * Ensure the plaintext size if a nip44 message does not exceed the maximum size + */ + CHECK_ARG_IS(plaintextSize - 1 <= NIP44_MAX_ENC_MESSAGE_SIZE, 1); + return (NCResult)(_calcNip44PtPadding(plaintextSize)); } } 
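Review bot: NIP44_MAX_PAYLOAD_SIZE substitutes NIP44_MAX_ENC_MESSAGE_SIZE where its own comment says "maximum ciphertext size", but the file treats those as different quantities: the NIP44_MIN_CIPHERTEXT_SIZE comment just below defines ciphertext as the padded size plus the plaintext-length field, and NIP44_MAX_ENC_MESSAGE_SIZE (UINT16_MAX) is paired with NIP44_MIN_ENC_MESSAGE_SIZE of 1, i.e. it bounds the plaintext, not the ciphertext. If that reading is right, the largest ciphertext is the padded length of a UINT16_MAX-byte plaintext plus the 2-byte length prefix, so the macro under-counts by a few bytes and the new `inputSize > NIP44_MAX_PAYLOAD_SIZE` check in NCUtilCipherInit would reject valid maximum-length payloads (NIP-44 itself states the decoded payload bound as 65603 bytes, which this constant should be checked against). I would derive it explicitly rather than reuse the message bound: `/* 2 byte length field + padded size of a UINT16_MAX byte plaintext (0x10000) */`, `#define NIP44_MAX_CIPHERTEXT_SIZE (0x02 + 0x10000)`, `#define NIP44_MAX_PAYLOAD_SIZE (NIP44_VERSION_SIZE + 0x20 + NIP44_MAX_CIPHERTEXT_SIZE + 0x20)`, with the 0x10000 confirmed against _calcNip44PtPadding.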
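Review bot: The new guard `CHECK_ARG_IS(plaintextSize - 1 <= NIP44_MAX_ENC_MESSAGE_SIZE, 1)` admits plaintextSize == NIP44_MAX_ENC_MESSAGE_SIZE + 1 (0x10000), one past the bound the macro names, and it rejects plaintextSize == 0 only because the subtraction wraps (the hunk header shows the parameter list beginning with uint32_t, so plaintextSize is presumably unsigned). If the padding helper stores the plaintext length in a 16-bit field as NIP-44 does, a 0x10000-byte plaintext is exactly the input the commit title is trying to exclude, so both edges should be spelled out against the named constants: `CHECK_ARG_IS(plaintextSize >= NIP44_MIN_ENC_MESSAGE_SIZE && plaintextSize <= NIP44_MAX_ENC_MESSAGE_SIZE, 1);`. The comment above it also has a typo, "size if a nip44 message" should read "size of a nip44 message". NCUtilGetEncryptionPaddedSize begins before this hunk, so I cannot see whether plaintextSize is already range-checked on entry.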
@@ -696,12 +707,12 @@ NC_EXPORT NCResult NC_CC NCUtilCipherInit( { if (inputSize < NIP44_MIN_PAYLOAD_SIZE) { - return E_CIPHER_INVALID_FORMAT; + return E_CIPHER_BAD_INPUT_SIZE; } - if (inputSize > NIP44_MAX_ENC_MESSAGE_SIZE) + if (inputSize > NIP44_MAX_PAYLOAD_SIZE) { - return E_CIPHER_INVALID_FORMAT; + return E_CIPHER_BAD_INPUT_SIZE; } /* Ensure the first byte is a valid version */ @@ -732,13 +743,15 @@ NC_EXPORT NCResult NC_CC NCUtilCipherInit( * data for the given state version */ outputSize = NCUtilGetEncryptionBufferSize(encCtx->encArgs.version, inputSize); - } - if (outputSize <= 0) - { - return outputSize; + if (outputSize < 0) + { + return E_CIPHER_BAD_INPUT_SIZE; + } } + DEBUG_ASSERT(outputSize > 0); + /* * If the buffer was previously allocated, the reuseable flag * must be set to allow the buffer to be re-used for another |
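Review bot: Replacing `if (outputSize <= 0) return outputSize;` with `if (outputSize < 0) return E_CIPHER_BAD_INPUT_SIZE;` discards the specific error NCUtilGetEncryptionBufferSize reported and stops treating 0 as an error: a zero result now only trips `DEBUG_ASSERT(outputSize > 0)`, which presumably compiles out of release builds, so a zero-sized buffer would flow into the allocation that follows. The check was also moved inside the enclosing `if` block, so whatever assigns outputSize on the other branch (outside this hunk) is no longer checked at all outside debug builds. I would keep the zero case fatal on every path by restoring the check after the closing brace where it used to be, `if (outputSize <= 0) { return outputSize < 0 ? outputSize : E_CIPHER_BAD_INPUT_SIZE; }`, and keep DEBUG_ASSERT only as a supplement. NCUtilCipherInit starts and ends outside the hunk.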