diff --git a/phpseclib/Math/BinaryField.php b/phpseclib/Math/BinaryField.php index ed8f71ed..22a983b2 100644 --- a/phpseclib/Math/BinaryField.php +++ b/phpseclib/Math/BinaryField.php @@ -50,6 +50,15 @@ class BinaryField extends FiniteField public function __construct(...$indices) { $m = array_shift($indices); + if ($m > 571) { + /* sect571r1 and sect571k1 are the largest binary curves that https://www.secg.org/sec2-v2.pdf defines + altho theoretically there may be legit reasons to use binary finite fields with larger degrees + imposing a limit on the maximum size is both reasonable and precedented. in particular, + http://tools.ietf.org/html/rfc4253#section-6.1 (The Secure Shell (SSH) Transport Layer Protocol) says + "implementations SHOULD check that the packet length is reasonable in order for the implementation to + avoid denial of service and/or buffer overflow attacks" */ + throw new \OutOfBoundsException('Degrees larger than 571 are not supported'); + } $val = str_repeat('0', $m) . '1'; foreach ($indices as $index) { $val[$index] = '1'; diff --git a/tests/Unit/Crypt/EC/KeyTest.php b/tests/Unit/Crypt/EC/KeyTest.php index 8241d2d0..8ec2eabd 100644 --- a/tests/Unit/Crypt/EC/KeyTest.php +++ b/tests/Unit/Crypt/EC/KeyTest.php @@ -706,4 +706,20 @@ cN6W+k8UvGf+Y/lDWNbFitQocabsDUvSN0edHH3UKP5QPTz4cOlyIPMrXQ== $this->assertTrue($key->verify('hello world!', $signature)); } + + public function testExcessivelyLargeBinaryField() + { + $this->expectException('\OutOfBoundsException'); + + $key = '-----BEGIN PUBLIC KEY----- +MIIBDDCB0wYHKoZIzj0CATCBxwIBATAgBgcqhkjOPQECMBUCBH////8GCSqGSM49 +AQIDAgICAMEwTQQZABeFj+t6mJdRaeFx93tAh94JisipEd97AQQZAP37Sb/mw6if +rK2qeh5bvHzBwuXYMUeIFAMVABA/rsdNaW5naHVhUXV3f8Wxke8wBDMEAfSBvF8P ++Ep0rWzfb970v2F5YlNy2MDF4QAl45nykDcSzPPqnjoa0X+wsyAbavfOGwUCGQEA +AAAAAAAAAAAAAADH80p3j0Q6zJIOukkCAQIDNAAEAE2mUTAwdPK952h3G8ZinK8B +z9DYTLdGkQDqox3AtEs9nn6kE1O/vHE4bqMegjj4gbA= +-----END PUBLIC KEY-----'; + $key = EC::loadFormat('PKCS8', $key); + $this->assertInstanceOf(PublicKey::class, $key); + } }