TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / fe724fe618946772c3a7906de945d46dc9354c83^! / . / include / mbedtls / pkcs12.h
commitfe724fe618946772c3a7906de945d46dc9354c83[log] [tgz]
authorPaul Elliott <paul.elliott@arm.com>Thu Nov 11 19:00:38 2021 +0000
committerPaul Elliott <paul.elliott@arm.com>Fri Dec 10 17:48:12 2021 +0000
treedee7171eba923006eb9743b7dc7d80d9ffa130bc
parent18a59b7d4ca5d896ffe27af8a9ad8c87f7d11ab9 [diff] [blame]
Fix for pkcs12 with NULL or zero length password

Previously passing a NULL or zero length password into either
mbedtls_pkcs12_pbe() or mbedtls_pkcs12_derive() could cause an infinate
loop, and it was also possible to pass a NULL password, with a non-zero
length, which would cause memory corruption.
I have fixed these errors, and improved the documentation to reflect the
changes and further explain what is expected of the inputs.

Signed-off-by: Paul Elliott <paul.elliott@arm.com>

diff --git a/include/mbedtls/pkcs12.h b/include/mbedtls/pkcs12.h
index ba9180b..fbf2378 100644
--- a/include/mbedtls/pkcs12.h
+++ b/include/mbedtls/pkcs12.h

@@ -79,11 +79,13 @@
  * \brief            PKCS12 Password Based function (encryption / decryption)
  *                   for cipher-based and mbedtls_md-based PBE's
  *
- * \param pbe_params an ASN1 buffer containing the pkcs-12PbeParams structure
- * \param mode       either MBEDTLS_PKCS12_PBE_ENCRYPT or MBEDTLS_PKCS12_PBE_DECRYPT
+ * \param pbe_params an ASN1 buffer containing the pkcs-12 PbeParams structure
+ * \param mode       either MBEDTLS_PKCS12_PBE_ENCRYPT or
+ *                   MBEDTLS_PKCS12_PBE_DECRYPT
  * \param cipher_type the cipher used
- * \param md_type     the mbedtls_md used
- * \param pwd        the password used (may be NULL if no password is used)
+ * \param md_type    the mbedtls_md used
+ * \param pwd        Latin1-encoded password used (may be NULL if no password is
+ *                   used, but not if pwdlen is non-zero)
  * \param pwdlen     length of the password (may be 0)
  * \param input      the input data
  * \param len        data length
@@ -108,14 +110,16 @@
  *                   integrity key.
  *
  * \param data       buffer to store the derived data in
- * \param datalen    length to fill
- * \param pwd        password to use (may be NULL if no password is used)
+ * \param datalen    length of buffer to fill
+ * \param pwd        Null terminated BMPString password to use (may be NULL if
+ *                   no password is used, but not if pwdlen is non-zero)
  * \param pwdlen     length of the password (may be 0)
  * \param salt       salt buffer to use
  * \param saltlen    length of the salt
- * \param mbedtls_md         mbedtls_md type to use during the derivation
- * \param id         id that describes the purpose (can be MBEDTLS_PKCS12_DERIVE_KEY,
- *                   MBEDTLS_PKCS12_DERIVE_IV or MBEDTLS_PKCS12_DERIVE_MAC_KEY)
+ * \param mbedtls_md mbedtls_md type to use during the derivation
+ * \param id         id that describes the purpose (can be
+ *                   MBEDTLS_PKCS12_DERIVE_KEY, MBEDTLS_PKCS12_DERIVE_IV or
+ *                   MBEDTLS_PKCS12_DERIVE_MAC_KEY)
  * \param iterations number of iterations
  *
  * \return          0 if successful, or a MD, BIGNUM type error.