Check for trailing data in TRUST_TOKEN_CLIENT_finish_issuance.

Change-Id: I2dec3ca3651c81e25370dfd7d10bd27c1803cc38
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/40847
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
diff --git a/crypto/trust_token/trust_token.c b/crypto/trust_token/trust_token.c
index 9826f42..08040f5 100644
--- a/crypto/trust_token/trust_token.c
+++ b/crypto/trust_token/trust_token.c
@@ -276,6 +276,11 @@
     }
   }
 
+  if (CBS_len(&in) != 0) {
+    OPENSSL_PUT_ERROR(TRUST_TOKEN, TRUST_TOKEN_R_DECODE_FAILURE);
+    goto err;
+  }
+
   sk_PMBTOKEN_PRETOKEN_pop_free(ctx->pretokens, PMBTOKEN_PRETOKEN_free);
   ctx->pretokens = NULL;
 
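Review bot: The new `CBS_len(&in) != 0` check carries no comment explaining why leftover bytes are fatal, and a later reader could take it for redundant with the per-token parsing above it. I would add `// Reject trailing data so that an issuance response has exactly one accepted encoding.` directly above the `if`. The check sits before `ctx->pretokens` is freed, so on this failure path the pretokens appear to remain in the context. Whether the `err` label releases the tokens already parsed cannot be confirmed here, because the function begins and ends outside the hunk.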
diff --git a/crypto/trust_token/trust_token_test.cc b/crypto/trust_token/trust_token_test.cc
index 5ab3995..ce832db 100644
--- a/crypto/trust_token/trust_token_test.cc
+++ b/crypto/trust_token/trust_token_test.cc
@@ -182,6 +182,30 @@
   ASSERT_FALSE(tokens);
 }
 
+TEST_F(TrustTokenProtocolTest, ExtraDataIssuanceResponse) {
+  ASSERT_NO_FATAL_FAILURE(SetupContexts());
+
+  uint8_t *request = NULL, *response = NULL;
+  size_t request_len, response_len;
+  ASSERT_TRUE(TRUST_TOKEN_CLIENT_begin_issuance(client.get(), &request,
+                                                &request_len, 10));
+  bssl::UniquePtr<uint8_t> free_request(request);
+  uint8_t tokens_issued;
+  ASSERT_TRUE(TRUST_TOKEN_ISSUER_issue(issuer.get(), &response, &response_len,
+                                       &tokens_issued, request, request_len,
+                                       /*public_metadata=*/KeyID(0),
+                                       /*private_metadata=*/0,
+                                       /*max_issuance=*/10));
+  bssl::UniquePtr<uint8_t> free_response(response);
+  std::vector<uint8_t> response2(response, response + response_len);
+  response2.push_back(0);
+  size_t key_index;
+  bssl::UniquePtr<STACK_OF(TRUST_TOKEN)> tokens(
+      TRUST_TOKEN_CLIENT_finish_issuance(client.get(), &key_index,
+                                         response2.data(), response2.size()));
+  ASSERT_FALSE(tokens);
+}
+
 TEST_F(TrustTokenProtocolTest, TruncatedRedemptionRequest) {
   ASSERT_NO_FATAL_FAILURE(SetupContexts());
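Review bot: The final `ASSERT_FALSE(tokens)` in `ExtraDataIssuanceResponse` passes for any failure of `TRUST_TOKEN_CLIENT_finish_issuance`, so the test would stay green if the call failed for a reason unrelated to the appended byte. Checking the queued error as well, for example `EXPECT_EQ(TRUST_TOKEN_R_DECODE_FAILURE, ERR_GET_REASON(ERR_peek_last_error()));`, would tie it more closely to the new check, assuming the error API is already included in this test file. That reason code may also be raised by other decode paths not visible here, so this narrows the test rather than making it exact. The context lines after the new test belong to `TruncatedRedemptionRequest`, whose body continues outside the hunk.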