Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/rsa: rsa.SignPSS panics when salt length is -2 or less #54803

Closed
haydentherapper opened this issue Aug 31, 2022 · 3 comments
Closed

crypto/rsa: rsa.SignPSS panics when salt length is -2 or less #54803

haydentherapper opened this issue Aug 31, 2022 · 3 comments
Assignees
@rolandshoemaker
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Milestone
Go1.20

Comments

@haydentherapper
Copy link

What version of Go are you using (go version)?

$ go version

Go 1.19

Does this issue reproduce with the latest release?

Yes.

What operating system and processor architecture are you using (go env)?

go env Output
$ go env

What did you do?

When calling rsa.SignPSS, you can provide a salt length in PSSOptions. When providing a negative salt length of -2 or less, a panic occurs when constructing the array. Note that -1 does not panic since it is handled in the case statement.

Proof: https://go.dev/play/p/uSgZHLJvoJJ
Line: https://go.dev/src/crypto/rsa/pss.go#L302

What did you expect to see?

A negative salt length handled gracefully, returning an error.

What did you see instead?

panic: runtime error: makeslice: len out of range

goroutine 1 [running]:
crypto/rsa.SignPSS({0x4ddb80, 0xc000060020}, 0xc000062180, 0x0?, {0xc0002ee000, 0x20, 0x20}, 0x40bd5d?)
	/usr/local/go-faketime/src/crypto/rsa/pss.go:302 +0x165
main.main()
	/tmp/sandbox3866896442/prog.go:17 +0x105
@gopherbot
Copy link

Change https://go.dev/cl/427374 mentions this issue: crypto/rsa: properly handle invalid PSS salt lengths

@heschi heschi added the NeedsFix The path to resolution is known, but the work has not been done. label Sep 1, 2022
@heschi heschi added this to the Backlog milestone Sep 1, 2022
@heschi
Copy link
Contributor

heschi commented Sep 1, 2022

cc @golang/security

@rolandshoemaker rolandshoemaker self-assigned this Sep 1, 2022
@gopherbot
Copy link

Change https://go.dev/cl/426659 mentions this issue: crypto/rsa,crypto/internal/boring: fix PSS salt handling

@dmitshur dmitshur modified the milestones: Backlog, Go1.20 Sep 28, 2022
@rolandshoemaker rolandshoemaker mentioned this issue Feb 1, 2023
Closed
@golang golang locked and limited conversation to collaborators Sep 28, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@rolandshoemaker rolandshoemaker

Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Projects
None yet
Milestone
Go1.20
Development

No branches or pull requests
5 participants
@dmitshur @rolandshoemaker @haydentherapper @gopherbot @heschi