From 38eca7fed09a57c1b7a05d651af2c667b3e87719 Mon Sep 17 00:00:00 2001 From: Richard Levitte Date: Tue, 7 Aug 2018 04:55:47 +0200 Subject: [PATCH] Make EVP_PKEY_asn1_new() stricter with its input Reviewed-by: Matthias St. Pierre Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/6880) --- CHANGES | 5 +++++ crypto/asn1/ameth_lib.c | 12 ++++++++++++ test/asn1_internal_test.c | 20 +++++++++++++++++++- 3 files changed, 36 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 780591290b..4b31ac79ba 100644 --- a/CHANGES +++ b/CHANGES @@ -9,6 +9,11 @@ Changes between 1.1.0h and 1.1.1 [xx XXX xxxx] + *) Make EVP_PKEY_asn1_new() a bit stricter about its input. A NULL pem_str + parameter is no longer accepted, as it leads to a corrupt table. NULL + pem_str is reserved for alias entries only. + [Richard Levitte] + *) Use the new ec_scalar_mul_ladder scaffold to implement a specialized ladder step for prime curves. The new implementation is based on formulae from differential addition-and-doubling in homogeneous projective coordinates diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c index 9b3274bc4e..9a1644148a 100644 --- a/crypto/asn1/ameth_lib.c +++ b/crypto/asn1/ameth_lib.c @@ -216,6 +216,18 @@ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags, goto err; } + /* + * One of the following must be true: + * + * pem_str == NULL AND ASN1_PKEY_ALIAS is set + * pem_str != NULL AND ASN1_PKEY_ALIAS is clear + * + * Anything else is an error and may lead to a corrupt ASN1 method table + */ + if (!((pem_str == NULL && (flags & ASN1_PKEY_ALIAS) != 0) + || (pem_str != NULL && (flags & ASN1_PKEY_ALIAS) == 0))) + goto err; + if (pem_str) { ameth->pem_str = OPENSSL_strdup(pem_str); if (!ameth->pem_str) diff --git a/test/asn1_internal_test.c b/test/asn1_internal_test.c index ab4dc353c4..fa69dc7a9e 100644 --- a/test/asn1_internal_test.c +++ b/test/asn1_internal_test.c @@ -67,6 +67,7 @@ static int test_standard_methods(void) const EVP_PKEY_ASN1_METHOD **tmp; int last_pkey_id = -1; size_t i; + int ok = 1; for (tmp = standard_methods, i = 0; i < OSSL_NELEM(standard_methods); i++, tmp++) { @@ -75,11 +76,28 @@ static int test_standard_methods(void) break; } last_pkey_id = (*tmp)->pkey_id; + + /* + * One of the following must be true: + * + * pem_str == NULL AND ASN1_PKEY_ALIAS is set + * pem_str != NULL AND ASN1_PKEY_ALIAS is clear + * + * Anything else is an error and may lead to a corrupt ASN1 method table + */ + if (!TEST_true((*tmp)->pem_str == NULL && + ((*tmp)->pkey_flags & ASN1_PKEY_ALIAS) != 0) + && !TEST_true((*tmp)->pem_str != NULL && + ((*tmp)->pkey_flags & ASN1_PKEY_ALIAS) == 0)) { + TEST_note("asn1 standard methods: Index %zu, pkey ID %d, Name=%s", + i, (*tmp)->pkey_id, OBJ_nid2sn((*tmp)->pkey_id)); + ok = 0; + } } if (TEST_int_ne(last_pkey_id, 0)) { TEST_info("asn1 standard methods: Table order OK"); - return 1; + return ok; } TEST_note("asn1 standard methods: out of order");