make sure PKCS#5 iteration count is a "positive integer"

sjaeckel · sjaeckel · commit 11978c16d7c7 · 2020-12-21T13:53:36.000+01:00
This fixes #552
diff --git a/src/misc/pkcs5/pkcs_5_1.c b/src/misc/pkcs5/pkcs_5_1.c
@@ -50,6 +50,10 @@ static int s_pkcs_5_alg1_common(const unsigned char *password,
    LTC_ARGCHK(out      != NULL);
    LTC_ARGCHK(outlen   != NULL);
 
+   if (iteration_count <= 0) {
+      return CRYPT_INVALID_ARG;
+   }
+
    /* test hash IDX */
    if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
       return err;
diff --git a/src/misc/pkcs5/pkcs_5_2.c b/src/misc/pkcs5/pkcs_5_2.c
@@ -36,6 +36,10 @@ int pkcs_5_alg2(const unsigned char *password, unsigned long password_len,
    LTC_ARGCHK(out      != NULL);
    LTC_ARGCHK(outlen   != NULL);
 
+   if (iteration_count <= 0) {
+      return CRYPT_INVALID_ARG;
+   }
+
    /* test hash IDX */
    if ((err = hash_is_valid(hash_idx)) != CRYPT_OK) {
       return err;
