Commit graph

1072 commits

Author SHA1 Message Date
Kurt Roeckx
e80f3b6af2 Cast to an unsigned type before negating
llvm's ubsan reported:
runtime error: negation of -9223372036854775808 cannot be represented in
type 'int64_t' (aka 'long'); cast to an unsigned type to negate this
value to itself

Found using libfuzzer

Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #1908
2016-11-12 14:07:31 +01:00
Dr. Stephen Henson
f962541d0b Don't set choice selector on parse failure.
Don't set choice selector on parse failure: this can pass unexpected
values to the choice callback. Instead free up partial structure
directly.

CVE-2016-7053

Thanks to Tyler Nighswander of ForAllSecure for reporting this issue.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-11-10 13:04:11 +00:00
Richard Levitte
2c16617148 Convert asn1 selftests (a_strnid and ameth_lib) into internal test
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1789)
2016-11-03 13:13:31 +01:00
Matt Caswell
3befffa39d Create BIO_write_ex() which handles size_t arguments
Also extend BIO_METHOD to be able to supply an implementation for the new
BIO_write_ex function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-10-28 09:48:54 +01:00
Matt Caswell
d07aee2c7a Create BIO_read_ex() which handles size_t arguments
Also extend BIO_METHOD to be able to supply an implementation for the new
BIO_read function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-10-28 09:48:54 +01:00
Richard Levitte
12d2ee211b Fix config option 'no-deprecated'
crypto/asn1/asn1_item_list.c needed including dh.h and rsa.h directly.
The reason is that they are not included by x509.h when configured
'no-deprecated'

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1741)
2016-10-19 12:11:56 +02:00
Patrick Steuer
34657a8da2 Fix strict-warnings build
crypto/asn1/a_strex.c: Type of width variable in asn1_valid_host
function  needs to be changed from char to signed char to avoid
build error due to '-Werror=type-limits'.

Signed-off-by: Patrick Steuer <psteuer@mail.de>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
CLA: trivial
2016-10-18 17:09:47 +01:00
Dr. Stephen Henson
6215f27a83 Fix embedded string handling.
Don't rely on embedded flag to free strings correctly: it wont be
set if there is a malloc failure during initialisation.

Thanks to Guido Vranken for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1725)
2016-10-17 14:34:00 +01:00
Dr. Stephen Henson
73a9f60dd1 Print <ABSENT> if a STACK is NULL.
If a STACK (corresponding to SEQUENCE OF or SET OF) is NULL then the
field is absent as opposed to empty (present but has zero elements).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-29 16:21:46 +01:00
Dr. Stephen Henson
56501ebd09 Add ASN1_ITEM lookup and enumerate functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-29 16:21:45 +01:00
Rich Salz
f3b3d7f003 Add -Wswitch-enum
Change code so when switching on an enumeration, have case's for all
enumeration values.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-09-22 08:36:26 -04:00
FdaSilvaYY
0fe9123687 Constify a bit X509_NAME_get_entry
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-23 11:47:22 +02:00
FdaSilvaYY
9f5466b9b8 Constify some X509_NAME, ASN1 printing code
ASN1_buf_print, asn1_print_*, X509_NAME_oneline, X509_NAME_print

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-23 11:47:22 +02:00
FdaSilvaYY
a026fbf977 Constify some inputs buffers
remove useless cast to call ASN1_STRING_set

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-23 11:47:22 +02:00
FdaSilvaYY
35da893f86 Constify ASN1_PCTX_*
... add a static keyword.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-23 11:47:22 +02:00
Matt Caswell
030648cea9 Ensure the mime_hdr_free function can handle NULLs
Sometimes it is called with a NULL pointer

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-23 00:19:15 +01:00
Dr. Stephen Henson
0b7347effe Add X509_getm_notBefore, X509_getm_notAfter
Add mutable versions of X509_get0_notBefore and X509_get0_notAfter.

Rename X509_SIG_get0_mutable to X509_SIG_getm.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-08-21 18:25:23 +01:00
Kurt Roeckx
a73be798ce Fix off by 1 in ASN1_STRING_set()
Reviewed-by: Rich Salz <rsalz@openssl.org>

MR: #3176
2016-08-20 18:53:56 +02:00
Dr. Stephen Henson
095d2f0f8a Constify i2a*
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-18 17:20:36 +01:00
Matt Caswell
604f6eff31 Convert X509_REVOKED* functions to use const getters
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-08-18 11:59:39 +01:00
Dr. Stephen Henson
59b4da05b4 Constify X509_SIG.
Constify X509_SIG_get0() and order arguments to mactch new standard.

Add X509_SIG_get0_mutable() to support modification or initialisation
of an X509_SIG structure.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17 17:48:43 +01:00
Dr. Stephen Henson
8900f3e398 Convert X509* functions to use const getters
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 13:59:04 +01:00
Dr. Stephen Henson
245c6bc33b Constify private key decode.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 12:01:29 +01:00
Dr. Stephen Henson
ac4e257747 constify X509_ALGOR_get0()
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 12:01:29 +01:00
Dr. Stephen Henson
0c8006480f Constify ASN1_item_unpack().
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-17 12:01:29 +01:00
Matt Caswell
b2e57e094d Convert PKCS8* functions to use const getters
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-08-16 23:36:27 +01:00
Dr. Stephen Henson
17ebf85abd Add ASN1_STRING_get0_data(), deprecate ASN1_STRING_data().
Deprecate the function ASN1_STRING_data() and replace with a new function
ASN1_STRING_get0_data() which returns a constant pointer. Update library
to use new function.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 16:05:35 +01:00
Dr. Stephen Henson
8b9afbc0fc Check for errors in a2d_ASN1_OBJECT()
Check for error return in BN_div_word().

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-08-16 00:19:19 +01:00
Dr. Stephen Henson
262bd85fde Add X25519 methods to internal tables
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:04 +01:00
klemens
6025001707 spelling fixes, just comments and readme.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1413)
2016-08-05 19:07:30 -04:00
Dr. Stephen Henson
3dc87806ce Free buffer in a2i_ASN1_INTEGER() on error path.
Thank to Shi Lei for reporting this bug.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-05 16:36:17 +01:00
FdaSilvaYY
f48ebf9f4c Constify ASN1_INTEGER_get, ASN1_ENUMERATED_get
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-04 17:02:48 +02:00
Dr. Stephen Henson
56f9953c84 Check for overlows and error return from ASN1_object_size()
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-02 13:40:32 +01:00
Dr. Stephen Henson
e9f17097e9 Check for overflows in ASN1_object_size().
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-02 13:40:32 +01:00
FdaSilvaYY
d3d5dc607a Enforce and explicit some const casting
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
e83f154f6c Constify i2t_ASN1_OBJECT, i2d_ASN1_OBJECT, i2a_ASN1_OBJECT.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
dbf89a9b94 Constify ASN1_buf_print
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
FdaSilvaYY
08275a29c1 Constify ASN1_TYPE_get, ASN1_STRING_type, ASN1_STRING_to_UTF8, ASN1_TYPE_get_octetstring & co...
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1300)
2016-07-25 08:20:00 -04:00
Kurt Roeckx
1618679ac4 Cast to an unsigned type before negating
llvm's ubsan reported:
runtime error: negation of -9223372036854775808 cannot be represented in type
'long'; cast to an unsigned type to negate this value to itself

Found using afl

Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1325
2016-07-20 19:25:16 +02:00
Kurt Roeckx
69588edbaa Check for errors allocating the error strings.
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #1330
2016-07-20 19:20:53 +02:00
Dr. Stephen Henson
ad72d9fdf7 Check and print out boolean type properly.
If underlying type is boolean don't check field is NULL.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-19 02:33:05 +01:00
Dr. Stephen Henson
3cea73a7fc Fix print of ASN.1 BIGNUM type.
The ASN.1 BIGNUM type needs to be handled in a custom way as it is
not a generic ASN1_STRING type.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-18 17:53:05 +01:00
Kurt Roeckx
5e3553c2de Return error when trying to print invalid ASN1 integer
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1322
2016-07-16 21:51:49 +02:00
Dr. Stephen Henson
5bd5dcd496 Add nameConstraints commonName checking.
New hostname checking function asn1_valid_host()

Check commonName entries against nameConstraints: any CN components in
EE certificate which look like hostnames are checked against
nameConstraints.

Note that RFC5280 et al only require checking subject alt name against
DNS name constraints.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-11 23:30:04 +01:00
Dr. Stephen Henson
b385889640 Don't indicate errors during initial adb decode.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-07-06 02:41:14 +01:00
FdaSilvaYY
68efafc513 Add checks on sk_TYPE_push() returned value
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-07-05 17:45:50 +01:00
FdaSilvaYY
02e112a885 Whitespace cleanup in crypto
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1264)
2016-06-29 09:56:39 -04:00
Kurt Roeckx
5bea15ebb3 Avoid signed overflow
Found by afl

Reviewed-by: Rich Salz <rsalz@openssl.org>

MR: #3013
2016-06-24 18:17:10 +02:00
Matt Caswell
d6079a87db Fix ASN1_STRING_to_UTF8 could not convert NumericString
tag2nbyte had -1 at 18th position, but underlying ASN1_mbstring_copy
supports NumericString. tag2nbyte is also used in do_print_ex which will
not be broken by setting 1 at 18th position of tag2nbyte

Reviewed-by: Stephen Henson <steve@openssl.org>
2016-06-23 20:49:43 +01:00
FdaSilvaYY
687b486859 Rework error handling from asn1_do_lock method.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-23 14:00:47 +01:00