Merge pull request #1992 from stephentoub/aes_overflow

Fix overflowing key size in AesImplementation

Author: stephentoub

src/System.Security.Cryptography.Encryption.Aes/src/Internal/Cryptography/AesImplementation.cs

@@ -41,11 +41,17 @@ private ICryptoTransform CreateTransform(byte[] rgbKey, byte[] rgbIV, bool encry
         {
             if (rgbKey == null)
                 throw new ArgumentNullException("key");
-            int keySize = rgbKey.Length * BitsPerByte;
-            if (!keySize.IsLegalSize(this.LegalKeySizes))
-                throw new ArgumentException(SR.Format(SR.Cryptography_InvalidKeySize, "key"));
-            if (rgbIV != null && rgbIV.Length * BitsPerByte != BlockSize)
-                throw new ArgumentException(SR.Format(SR.Cryptography_InvalidIVSize, "iv"));
+
+            long keySize = rgbKey.Length * (long)BitsPerByte;
+            if (keySize > int.MaxValue || !((int)keySize).IsLegalSize(this.LegalKeySizes))
+                throw new ArgumentException(SR.Cryptography_InvalidKeySize, "key");
+
+            if (rgbIV != null)
+            {
+                long ivSize = rgbIV.Length * (long)BitsPerByte;
+                if (ivSize != BlockSize)
+                    throw new ArgumentException(SR.Cryptography_InvalidIVSize, "iv");
+            }
 
             if (encrypting)
                 return CreateEncryptor(Mode, Padding, rgbKey, rgbIV, BlockSize / BitsPerByte);

src/System.Security.Cryptography.Encryption.Aes/tests/AesContractTests.cs

@@ -57,6 +57,59 @@ public static void LegalKeySizes()
             }
         }
 
+        [Theory]
+        [InlineData(64)]        // too small
+        [InlineData(129)]       // in valid range but not valid increment
+        [InlineData(384)]       // too large
+        [InlineData(536870928)] // number of bits overflows and wraps around to a valid size
+        public static void InvalidKeySizes(int invalidKeySize)
+        {
+            using (Aes aes = Aes.Create())
+            {
+                // Test KeySize property
+                Assert.Throws<CryptographicException>(() => aes.KeySize = invalidKeySize);
+
+                // Test passing a key to CreateEncryptor and CreateDecryptor
+                aes.GenerateIV();
+                byte[] iv = aes.IV;
+                byte[] key;
+                try
+                {
+                    key = new byte[invalidKeySize];
+                }
+                catch (OutOfMemoryException) // in case there isn't enough memory at test-time to allocate the large array
+                {
+                    return;
+                }
+                Assert.Throws<ArgumentException>("key", () => aes.CreateEncryptor(key, iv));
+                Assert.Throws<ArgumentException>("key", () => aes.CreateDecryptor(key, iv));
+            }
+        }
+
+        [Theory]
+        [InlineData(64)]        // smaller than default BlockSize
+        [InlineData(129)]       // larger than default BlockSize
+        [InlineData(536870928)] // number of bits overflows and wraps around to default BlockSize
+        public static void InvalidIVSizes(int invalidIvSize)
+        {
+            using (Aes aes = Aes.Create())
+            {
+                aes.GenerateKey();
+                byte[] key = aes.Key;
+                byte[] iv;
+                try
+                {
+                    iv = new byte[invalidIvSize];
+                }
+                catch (OutOfMemoryException) // in case there isn't enough memory at test-time to allocate the large array
+                {
+                    return;
+                }
+                Assert.Throws<ArgumentException>("iv", () => aes.CreateEncryptor(key, iv));
+                Assert.Throws<ArgumentException>("iv", () => aes.CreateDecryptor(key, iv));
+            }
+        }
+
         [Fact]
         public static void VerifyKeyGeneration_Default()
         {