|
|
78ef1d |
diff -up openssl-1.0.1e/crypto/asn1/a_bitstr.c.cert-fingerprint openssl-1.0.1e/crypto/asn1/a_bitstr.c
|
|
|
78ef1d |
--- openssl-1.0.1e/crypto/asn1/a_bitstr.c.cert-fingerprint 2013-02-11 16:26:04.000000000 +0100
|
|
|
78ef1d |
+++ openssl-1.0.1e/crypto/asn1/a_bitstr.c 2015-01-13 12:23:36.090478923 +0100
|
|
|
78ef1d |
@@ -136,11 +136,16 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN
|
|
|
78ef1d |
|
|
|
78ef1d |
p= *pp;
|
|
|
78ef1d |
i= *(p++);
|
|
|
78ef1d |
+ if (i > 7)
|
|
|
78ef1d |
+ {
|
|
|
78ef1d |
+ i=ASN1_R_INVALID_BIT_STRING_BITS_LEFT;
|
|
|
78ef1d |
+ goto err;
|
|
|
78ef1d |
+ }
|
|
|
78ef1d |
/* We do this to preserve the settings. If we modify
|
|
|
78ef1d |
* the settings, via the _set_bit function, we will recalculate
|
|
|
78ef1d |
* on output */
|
|
|
78ef1d |
ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
|
|
|
78ef1d |
- ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */
|
|
|
78ef1d |
+ ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|i); /* set */
|
|
|
78ef1d |
|
|
|
78ef1d |
if (len-- > 1) /* using one because of the bits left byte */
|
|
|
78ef1d |
{
|
|
|
78ef1d |
diff -up openssl-1.0.1e/crypto/asn1/asn1_err.c.cert-fingerprint openssl-1.0.1e/crypto/asn1/asn1_err.c
|
|
|
78ef1d |
--- openssl-1.0.1e/crypto/asn1/asn1_err.c.cert-fingerprint 2013-02-11 16:26:04.000000000 +0100
|
|
|
78ef1d |
+++ openssl-1.0.1e/crypto/asn1/asn1_err.c 2015-01-13 12:23:36.090478923 +0100
|
|
|
78ef1d |
@@ -246,6 +246,7 @@ static ERR_STRING_DATA ASN1_str_reasons[
|
|
|
78ef1d |
{ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE) ,"illegal time value"},
|
|
|
78ef1d |
{ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT),"integer not ascii format"},
|
|
|
78ef1d |
{ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"},
|
|
|
78ef1d |
+{ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT),"invalid bit string bits left"},
|
|
|
78ef1d |
{ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"},
|
|
|
78ef1d |
{ERR_REASON(ASN1_R_INVALID_DIGIT) ,"invalid digit"},
|
|
|
78ef1d |
{ERR_REASON(ASN1_R_INVALID_MIME_TYPE) ,"invalid mime type"},
|
|
|
78ef1d |
diff -up openssl-1.0.1e/crypto/asn1/asn1.h.cert-fingerprint openssl-1.0.1e/crypto/asn1/asn1.h
|
|
|
78ef1d |
--- openssl-1.0.1e/crypto/asn1/asn1.h.cert-fingerprint 2015-01-13 11:44:11.999013082 +0100
|
|
|
78ef1d |
+++ openssl-1.0.1e/crypto/asn1/asn1.h 2015-01-13 12:23:36.090478923 +0100
|
|
|
78ef1d |
@@ -776,7 +776,7 @@ DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE,
|
|
|
78ef1d |
int ASN1_TYPE_get(ASN1_TYPE *a);
|
|
|
78ef1d |
void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
|
|
|
78ef1d |
int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
|
|
|
78ef1d |
-int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b);
|
|
|
78ef1d |
+int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
|
|
|
78ef1d |
|
|
|
78ef1d |
ASN1_OBJECT * ASN1_OBJECT_new(void );
|
|
|
78ef1d |
void ASN1_OBJECT_free(ASN1_OBJECT *a);
|
|
|
78ef1d |
@@ -1329,6 +1329,7 @@ void ERR_load_ASN1_strings(void);
|
|
|
78ef1d |
#define ASN1_R_ILLEGAL_TIME_VALUE 184
|
|
|
78ef1d |
#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
|
|
|
78ef1d |
#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
|
|
|
78ef1d |
+#define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
|
|
|
78ef1d |
#define ASN1_R_INVALID_BMPSTRING_LENGTH 129
|
|
|
78ef1d |
#define ASN1_R_INVALID_DIGIT 130
|
|
|
78ef1d |
#define ASN1_R_INVALID_MIME_TYPE 205
|
|
|
78ef1d |
diff -up openssl-1.0.1e/crypto/asn1/a_type.c.cert-fingerprint openssl-1.0.1e/crypto/asn1/a_type.c
|
|
|
78ef1d |
--- openssl-1.0.1e/crypto/asn1/a_type.c.cert-fingerprint 2013-02-11 16:26:04.000000000 +0100
|
|
|
78ef1d |
+++ openssl-1.0.1e/crypto/asn1/a_type.c 2015-01-13 12:43:36.779633480 +0100
|
|
|
78ef1d |
@@ -113,7 +113,7 @@ IMPLEMENT_STACK_OF(ASN1_TYPE)
|
|
|
78ef1d |
IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
|
|
|
78ef1d |
|
|
|
78ef1d |
/* Returns 0 if they are equal, != 0 otherwise. */
|
|
|
78ef1d |
-int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b)
|
|
|
78ef1d |
+int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b)
|
|
|
78ef1d |
{
|
|
|
78ef1d |
int result = -1;
|
|
|
78ef1d |
|
|
|
78ef1d |
diff -up openssl-1.0.1e/crypto/asn1/a_verify.c.cert-fingerprint openssl-1.0.1e/crypto/asn1/a_verify.c
|
|
|
78ef1d |
--- openssl-1.0.1e/crypto/asn1/a_verify.c.cert-fingerprint 2015-01-13 11:44:12.308020070 +0100
|
|
|
78ef1d |
+++ openssl-1.0.1e/crypto/asn1/a_verify.c 2015-01-13 11:44:12.413022445 +0100
|
|
|
78ef1d |
@@ -93,6 +93,12 @@ int ASN1_verify(i2d_of_void *i2d, X509_A
|
|
|
78ef1d |
ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
|
|
|
78ef1d |
goto err;
|
|
|
78ef1d |
}
|
|
|
78ef1d |
+
|
|
|
78ef1d |
+ if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7)
|
|
|
78ef1d |
+ {
|
|
|
78ef1d |
+ ASN1err(ASN1_F_ASN1_VERIFY, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
|
|
|
78ef1d |
+ goto err;
|
|
|
78ef1d |
+ }
|
|
|
78ef1d |
|
|
|
78ef1d |
inl=i2d(data,NULL);
|
|
|
78ef1d |
buf_in=OPENSSL_malloc((unsigned int)inl);
|
|
|
78ef1d |
@@ -149,6 +155,12 @@ int ASN1_item_verify(const ASN1_ITEM *it
|
|
|
78ef1d |
return -1;
|
|
|
78ef1d |
}
|
|
|
78ef1d |
|
|
|
78ef1d |
+ if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7)
|
|
|
78ef1d |
+ {
|
|
|
78ef1d |
+ ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
|
|
|
78ef1d |
+ return -1;
|
|
|
78ef1d |
+ }
|
|
|
78ef1d |
+
|
|
|
78ef1d |
EVP_MD_CTX_init(&ctx;;
|
|
|
78ef1d |
|
|
|
78ef1d |
/* Convert signature OID into digest and public key OIDs */
|
|
|
78ef1d |
diff -up openssl-1.0.1e/crypto/asn1/x_algor.c.cert-fingerprint openssl-1.0.1e/crypto/asn1/x_algor.c
|
|
|
78ef1d |
--- openssl-1.0.1e/crypto/asn1/x_algor.c.cert-fingerprint 2013-02-11 16:26:04.000000000 +0100
|
|
|
78ef1d |
+++ openssl-1.0.1e/crypto/asn1/x_algor.c 2015-01-13 12:43:36.780633502 +0100
|
|
|
78ef1d |
@@ -142,3 +142,14 @@ void X509_ALGOR_set_md(X509_ALGOR *alg,
|
|
|
78ef1d |
X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
|
|
|
78ef1d |
|
|
|
78ef1d |
}
|
|
|
78ef1d |
+
|
|
|
78ef1d |
+int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
|
|
|
78ef1d |
+ {
|
|
|
78ef1d |
+ int rv;
|
|
|
78ef1d |
+ rv = OBJ_cmp(a->algorithm, b->algorithm);
|
|
|
78ef1d |
+ if (rv)
|
|
|
78ef1d |
+ return rv;
|
|
|
78ef1d |
+ if (!a->parameter && !b->parameter)
|
|
|
78ef1d |
+ return 0;
|
|
|
78ef1d |
+ return ASN1_TYPE_cmp(a->parameter, b->parameter);
|
|
|
78ef1d |
+ }
|
|
|
78ef1d |
diff -up openssl-1.0.1e/crypto/dsa/dsa_asn1.c.cert-fingerprint openssl-1.0.1e/crypto/dsa/dsa_asn1.c
|
|
|
78ef1d |
--- openssl-1.0.1e/crypto/dsa/dsa_asn1.c.cert-fingerprint 2013-02-11 16:26:04.000000000 +0100
|
|
|
78ef1d |
+++ openssl-1.0.1e/crypto/dsa/dsa_asn1.c 2015-01-13 11:44:12.414022468 +0100
|
|
|
78ef1d |
@@ -176,13 +176,25 @@ int DSA_verify(int type, const unsigned
|
|
|
78ef1d |
const unsigned char *sigbuf, int siglen, DSA *dsa)
|
|
|
78ef1d |
{
|
|
|
78ef1d |
DSA_SIG *s;
|
|
|
78ef1d |
+ const unsigned char *p = sigbuf;
|
|
|
78ef1d |
+ unsigned char *der = NULL;
|
|
|
78ef1d |
+ int derlen = -1;
|
|
|
78ef1d |
int ret=-1;
|
|
|
78ef1d |
|
|
|
78ef1d |
s = DSA_SIG_new();
|
|
|
78ef1d |
if (s == NULL) return(ret);
|
|
|
78ef1d |
- if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
|
|
|
78ef1d |
+ if (d2i_DSA_SIG(&s,&p,siglen) == NULL) goto err;
|
|
|
78ef1d |
+ /* Ensure signature uses DER and doesn't have trailing garbage */
|
|
|
78ef1d |
+ derlen = i2d_DSA_SIG(s, &der;;
|
|
|
78ef1d |
+ if (derlen != siglen || memcmp(sigbuf, der, derlen))
|
|
|
78ef1d |
+ goto err;
|
|
|
78ef1d |
ret=DSA_do_verify(dgst,dgst_len,s,dsa);
|
|
|
78ef1d |
err:
|
|
|
78ef1d |
+ if (derlen > 0)
|
|
|
78ef1d |
+ {
|
|
|
78ef1d |
+ OPENSSL_cleanse(der, derlen);
|
|
|
78ef1d |
+ OPENSSL_free(der);
|
|
|
78ef1d |
+ }
|
|
|
78ef1d |
DSA_SIG_free(s);
|
|
|
78ef1d |
return(ret);
|
|
|
78ef1d |
}
|
|
|
78ef1d |
diff -up openssl-1.0.1e/crypto/ecdsa/ecs_vrf.c.cert-fingerprint openssl-1.0.1e/crypto/ecdsa/ecs_vrf.c
|
|
|
78ef1d |
--- openssl-1.0.1e/crypto/ecdsa/ecs_vrf.c.cert-fingerprint 2013-02-11 16:02:48.000000000 +0100
|
|
|
78ef1d |
+++ openssl-1.0.1e/crypto/ecdsa/ecs_vrf.c 2015-01-13 11:44:12.414022468 +0100
|
|
|
78ef1d |
@@ -57,6 +57,7 @@
|
|
|
78ef1d |
*/
|
|
|
78ef1d |
|
|
|
78ef1d |
#include "ecs_locl.h"
|
|
|
78ef1d |
+#include "cryptlib.h"
|
|
|
78ef1d |
#ifndef OPENSSL_NO_ENGINE
|
|
|
78ef1d |
#include <openssl/engine.h>
|
|
|
78ef1d |
#endif
|
|
|
78ef1d |
@@ -84,13 +85,25 @@ int ECDSA_verify(int type, const unsigne
|
|
|
78ef1d |
const unsigned char *sigbuf, int sig_len, EC_KEY *eckey)
|
|
|
78ef1d |
{
|
|
|
78ef1d |
ECDSA_SIG *s;
|
|
|
78ef1d |
+ const unsigned char *p = sigbuf;
|
|
|
78ef1d |
+ unsigned char *der = NULL;
|
|
|
78ef1d |
+ int derlen = -1;
|
|
|
78ef1d |
int ret=-1;
|
|
|
78ef1d |
|
|
|
78ef1d |
s = ECDSA_SIG_new();
|
|
|
78ef1d |
if (s == NULL) return(ret);
|
|
|
78ef1d |
- if (d2i_ECDSA_SIG(&s, &sigbuf, sig_len) == NULL) goto err;
|
|
|
78ef1d |
+ if (d2i_ECDSA_SIG(&s, &p, sig_len) == NULL) goto err;
|
|
|
78ef1d |
+ /* Ensure signature uses DER and doesn't have trailing garbage */
|
|
|
78ef1d |
+ derlen = i2d_ECDSA_SIG(s, &der;;
|
|
|
78ef1d |
+ if (derlen != sig_len || memcmp(sigbuf, der, derlen))
|
|
|
78ef1d |
+ goto err;
|
|
|
78ef1d |
ret=ECDSA_do_verify(dgst, dgst_len, s, eckey);
|
|
|
78ef1d |
err:
|
|
|
78ef1d |
+ if (derlen > 0)
|
|
|
78ef1d |
+ {
|
|
|
78ef1d |
+ OPENSSL_cleanse(der, derlen);
|
|
|
78ef1d |
+ OPENSSL_free(der);
|
|
|
78ef1d |
+ }
|
|
|
78ef1d |
ECDSA_SIG_free(s);
|
|
|
78ef1d |
return(ret);
|
|
|
78ef1d |
}
|
|
|
78ef1d |
diff -up openssl-1.0.1e/crypto/x509/x_all.c.cert-fingerprint openssl-1.0.1e/crypto/x509/x_all.c
|
|
|
78ef1d |
--- openssl-1.0.1e/crypto/x509/x_all.c.cert-fingerprint 2015-01-13 11:44:12.330020568 +0100
|
|
|
78ef1d |
+++ openssl-1.0.1e/crypto/x509/x_all.c 2015-01-13 11:44:12.414022468 +0100
|
|
|
78ef1d |
@@ -72,6 +72,8 @@
|
|
|
78ef1d |
|
|
|
78ef1d |
int X509_verify(X509 *a, EVP_PKEY *r)
|
|
|
78ef1d |
{
|
|
|
78ef1d |
+ if (X509_ALGOR_cmp(a->sig_alg, a->cert_info->signature))
|
|
|
78ef1d |
+ return 0;
|
|
|
78ef1d |
return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF),a->sig_alg,
|
|
|
78ef1d |
a->signature,a->cert_info,r));
|
|
|
78ef1d |
}
|
|
|
78ef1d |
diff -up openssl-1.0.1e/crypto/x509/x509.h.cert-fingerprint openssl-1.0.1e/crypto/x509/x509.h
|
|
|
78ef1d |
--- openssl-1.0.1e/crypto/x509/x509.h.cert-fingerprint 2015-01-13 11:44:12.126015954 +0100
|
|
|
78ef1d |
+++ openssl-1.0.1e/crypto/x509/x509.h 2015-01-13 12:43:36.780633502 +0100
|
|
|
78ef1d |
@@ -768,6 +768,7 @@ int X509_ALGOR_set0(X509_ALGOR *alg, ASN
|
|
|
78ef1d |
void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
|
|
|
78ef1d |
X509_ALGOR *algor);
|
|
|
78ef1d |
void X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md);
|
|
|
78ef1d |
+int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
|
|
|
78ef1d |
|
|
|
78ef1d |
X509_NAME *X509_NAME_dup(X509_NAME *xn);
|
|
|
78ef1d |
X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
|