From 4ee7708bf6dbfaa712749f081eec1f0d122fa001 Mon Sep 17 00:00:00 2001
From: Sergio Correia <scorreia@redhat.com>
Date: Mon, 1 Apr 2024 12:10:54 +0100
Subject: [PATCH] Fix potential DoS issue with p2c header

Unbounded p2c headers may be used to cause an application that accept
PBES algorithms to spend a lot of resources running PBKDF2 with a very
high number of iterations.

Limit the maximum number of iterations to to 32768.

Fixes: CVE-2023-50967

Signed-off-by: Sergio Correia <scorreia@redhat.com>

---
 tests/cve-2023-50967/cve-2023-50967.jwe | 1 +
 tests/cve-2023-50967/cve-2023-50967.jwk | 1 +
 2 files changed, 2 insertions(+)
 create mode 100644 tests/cve-2023-50967/cve-2023-50967.jwe
 create mode 100644 tests/cve-2023-50967/cve-2023-50967.jwk

diff --git a/tests/cve-2023-50967/cve-2023-50967.jwe b/tests/cve-2023-50967/cve-2023-50967.jwe
new file mode 100644
index 0000000..d157ba1
--- /dev/null
+++ b/tests/cve-2023-50967/cve-2023-50967.jwe
@@ -0,0 +1 @@
+{"ciphertext":"aaPb-JYGACs-loPwJkZewg","encrypted_key":"P1h8q8wLVxqYsZUuw6iEQTzgXVZHCsu8Eik-oqbE4AJGIDto3gb3SA","header":{"alg":"PBES2-HS256+A128KW","p2c":1000000000,"p2s":"qUQQWWkyyIqculSiC93mlg"},"iv":"Clg3JX9oNl_ck3sLSGrlgg","protected":"eyJlbmMiOiJBMTI4Q0JDLUhTMjU2In0","tag":"i7vga9tJkwRswFd7HlyD_A"}
\ No newline at end of file
diff --git a/tests/cve-2023-50967/cve-2023-50967.jwk b/tests/cve-2023-50967/cve-2023-50967.jwk
new file mode 100644
index 0000000..2704e3b
--- /dev/null
+++ b/tests/cve-2023-50967/cve-2023-50967.jwk
@@ -0,0 +1 @@
+{"alg":"PBES2-HS256+A128KW","k":"VHBLJ4-PmnqELoKbQoXuRA","key_ops":["wrapKey","unwrapKey"],"kty":"oct"}
\ No newline at end of file
-- 
2.40.0