[openssl-commits] [openssl] master update
Richard Levitte
levitte at openssl.org
Sun Sep 9 01:45:05 UTC 2018
The branch master has been updated
via ca89174bc92c16f0a2a7eb86359b6c6fd1dd7a4d (commit)
via c2278c8bc41b01df9fac5fc3d7134430a88dd0e5 (commit)
from d74f23d2dbf2de0f374bff004c135242cfb65174 (commit)
- Log -----------------------------------------------------------------
commit ca89174bc92c16f0a2a7eb86359b6c6fd1dd7a4d
Author: Richard Levitte <levitte at openssl.org>
Date: Thu Sep 6 22:09:11 2018 +0200
ASN.1 DER: Make INT32 / INT64 types read badly encoded LONG zeroes
The deprecated ASN.1 type LONG / ZLONG (incorrectly) produced zero
length INTEGER encoding for zeroes. For the sake of backward
compatibility, we allow those to be read without fault when using the
replacement types INT32 / UINT32 / INT64 / UINT64.
Fixes #7134
Reviewed-by: Tim Hudson <tjh at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7144)
commit c2278c8bc41b01df9fac5fc3d7134430a88dd0e5
Author: Richard Levitte <levitte at openssl.org>
Date: Sat Sep 8 10:09:32 2018 +0200
TESTS: add test of decoding of invalid zero length ASN.1 INTEGER zero
Confirms #7134
Reviewed-by: Tim Hudson <tjh at openssl.org>
Reviewed-by: Paul Dale <paul.dale at oracle.com>
(Merged from https://github.com/openssl/openssl/pull/7153)
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/x_int64.c | 24 +++
test/asn1_decode_test.c | 173 +++++++++++++++++++++
test/build.info | 6 +-
.../{03-test_exdata.t => 04-test_asn1_decode.t} | 2 +-
4 files changed, 203 insertions(+), 2 deletions(-)
create mode 100644 test/asn1_decode_test.c
copy test/recipes/{03-test_exdata.t => 04-test_asn1_decode.t} (87%)
diff --git a/crypto/asn1/x_int64.c b/crypto/asn1/x_int64.c
index f07ca3c..0ee552c 100644
--- a/crypto/asn1/x_int64.c
+++ b/crypto/asn1/x_int64.c
@@ -81,6 +81,16 @@ static int uint64_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
return 0;
cp = (char *)*pval;
+
+ /*
+ * Strictly speaking, zero length is malformed. However, long_c2i
+ * (x_long.c) encodes 0 as a zero length INTEGER (wrongly, of course),
+ * so for the sake of backward compatibility, we still decode zero
+ * length INTEGERs as the number zero.
+ */
+ if (len == 0)
+ goto long_compat;
+
if (!c2i_uint64_int(&utmp, &neg, &cont, len))
return 0;
if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) {
@@ -95,6 +105,8 @@ static int uint64_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
if (neg)
/* c2i_uint64_int() returns positive values */
utmp = 0 - utmp;
+
+ long_compat:
memcpy(cp, &utmp, sizeof(utmp));
return 1;
}
@@ -172,6 +184,16 @@ static int uint32_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
return 0;
cp = (char *)*pval;
+
+ /*
+ * Strictly speaking, zero length is malformed. However, long_c2i
+ * (x_long.c) encodes 0 as a zero length INTEGER (wrongly, of course),
+ * so for the sake of backward compatibility, we still decode zero
+ * length INTEGERs as the number zero.
+ */
+ if (len == 0)
+ goto long_compat;
+
if (!c2i_uint64_int(&utmp, &neg, &cont, len))
return 0;
if ((it->size & INTxx_FLAG_SIGNED) == 0 && neg) {
@@ -191,6 +213,8 @@ static int uint32_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
return 0;
}
}
+
+ long_compat:
utmp2 = (uint32_t)utmp;
memcpy(cp, &utmp2, sizeof(utmp2));
return 1;
diff --git a/test/asn1_decode_test.c b/test/asn1_decode_test.c
new file mode 100644
index 0000000..369023d
--- /dev/null
+++ b/test/asn1_decode_test.c
@@ -0,0 +1,173 @@
+/*
+ * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <stdio.h>
+#include <string.h>
+
+#include <openssl/rand.h>
+#include <openssl/asn1t.h>
+#include "internal/numbers.h"
+#include "testutil.h"
+
+#ifdef __GNUC__
+# pragma GCC diagnostic ignored "-Wunused-function"
+#endif
+#ifdef __clang__
+# pragma clang diagnostic ignored "-Wunused-function"
+#endif
+
+/* Badly coded ASN.1 INTEGER zero wrapped in a sequence */
+static unsigned char t_invalid_zero[] = {
+ 0x30, 0x02, /* SEQUENCE tag + length */
+ 0x02, 0x00 /* INTEGER tag + length */
+};
+
+#if OPENSSL_API_COMPAT < 0x10200000L
+/* LONG case ************************************************************* */
+
+typedef struct {
+ long test_long;
+} ASN1_LONG_DATA;
+
+ASN1_SEQUENCE(ASN1_LONG_DATA) = {
+ ASN1_EMBED(ASN1_LONG_DATA, test_long, LONG),
+} static_ASN1_SEQUENCE_END(ASN1_LONG_DATA)
+
+IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_LONG_DATA)
+IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_LONG_DATA)
+
+static int test_long(void)
+{
+ const unsigned char *p = t_invalid_zero;
+ ASN1_LONG_DATA *dectst =
+ d2i_ASN1_LONG_DATA(NULL, &p, sizeof(t_invalid_zero));
+
+ if (dectst == NULL)
+ return 0; /* Fail */
+
+ ASN1_LONG_DATA_free(dectst);
+ return 1;
+}
+#endif
+
+/* INT32 case ************************************************************* */
+
+typedef struct {
+ int32_t test_int32;
+} ASN1_INT32_DATA;
+
+ASN1_SEQUENCE(ASN1_INT32_DATA) = {
+ ASN1_EMBED(ASN1_INT32_DATA, test_int32, INT32),
+} static_ASN1_SEQUENCE_END(ASN1_INT32_DATA)
+
+IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_INT32_DATA)
+IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_INT32_DATA)
+
+static int test_int32(void)
+{
+ const unsigned char *p = t_invalid_zero;
+ ASN1_INT32_DATA *dectst =
+ d2i_ASN1_INT32_DATA(NULL, &p, sizeof(t_invalid_zero));
+
+ if (dectst == NULL)
+ return 0; /* Fail */
+
+ ASN1_INT32_DATA_free(dectst);
+ return 1;
+}
+
+/* UINT32 case ************************************************************* */
+
+typedef struct {
+ uint32_t test_uint32;
+} ASN1_UINT32_DATA;
+
+ASN1_SEQUENCE(ASN1_UINT32_DATA) = {
+ ASN1_EMBED(ASN1_UINT32_DATA, test_uint32, UINT32),
+} static_ASN1_SEQUENCE_END(ASN1_UINT32_DATA)
+
+IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_UINT32_DATA)
+IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_UINT32_DATA)
+
+static int test_uint32(void)
+{
+ const unsigned char *p = t_invalid_zero;
+ ASN1_UINT32_DATA *dectst =
+ d2i_ASN1_UINT32_DATA(NULL, &p, sizeof(t_invalid_zero));
+
+ if (dectst == NULL)
+ return 0; /* Fail */
+
+ ASN1_UINT32_DATA_free(dectst);
+ return 1;
+}
+
+/* INT64 case ************************************************************* */
+
+typedef struct {
+ int64_t test_int64;
+} ASN1_INT64_DATA;
+
+ASN1_SEQUENCE(ASN1_INT64_DATA) = {
+ ASN1_EMBED(ASN1_INT64_DATA, test_int64, INT64),
+} static_ASN1_SEQUENCE_END(ASN1_INT64_DATA)
+
+IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_INT64_DATA)
+IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_INT64_DATA)
+
+static int test_int64(void)
+{
+ const unsigned char *p = t_invalid_zero;
+ ASN1_INT64_DATA *dectst =
+ d2i_ASN1_INT64_DATA(NULL, &p, sizeof(t_invalid_zero));
+
+ if (dectst == NULL)
+ return 0; /* Fail */
+
+ ASN1_INT64_DATA_free(dectst);
+ return 1;
+}
+
+/* UINT64 case ************************************************************* */
+
+typedef struct {
+ uint64_t test_uint64;
+} ASN1_UINT64_DATA;
+
+ASN1_SEQUENCE(ASN1_UINT64_DATA) = {
+ ASN1_EMBED(ASN1_UINT64_DATA, test_uint64, UINT64),
+} static_ASN1_SEQUENCE_END(ASN1_UINT64_DATA)
+
+IMPLEMENT_STATIC_ASN1_ENCODE_FUNCTIONS(ASN1_UINT64_DATA)
+IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(ASN1_UINT64_DATA)
+
+static int test_uint64(void)
+{
+ const unsigned char *p = t_invalid_zero;
+ ASN1_UINT64_DATA *dectst =
+ d2i_ASN1_UINT64_DATA(NULL, &p, sizeof(t_invalid_zero));
+
+ if (dectst == NULL)
+ return 0; /* Fail */
+
+ ASN1_UINT64_DATA_free(dectst);
+ return 1;
+}
+
+int setup_tests(void)
+{
+#if OPENSSL_API_COMPAT < 0x10200000L
+ ADD_TEST(test_long);
+#endif
+ ADD_TEST(test_int32);
+ ADD_TEST(test_uint32);
+ ADD_TEST(test_int64);
+ ADD_TEST(test_uint64);
+ return 1;
+}
diff --git a/test/build.info b/test/build.info
index 2c02ecc..08657c8 100644
--- a/test/build.info
+++ b/test/build.info
@@ -44,7 +44,7 @@ INCLUDE_MAIN___test_libtestutil_OLB = /INCLUDE=MAIN
bio_callback_test \
bioprinttest sslapitest dtlstest sslcorrupttest bio_enc_test \
pkey_meth_test pkey_meth_kdf_test uitest cipherbytes_test \
- asn1_encode_test asn1_string_table_test \
+ asn1_encode_test asn1_decode_test asn1_string_table_test \
x509_time_test x509_dup_cert_test x509_check_cert_pkey_test \
recordlentest drbgtest sslbuffertest \
recordlentest drbgtest drbg_cavs_test sslbuffertest \
@@ -410,6 +410,10 @@ INCLUDE_MAIN___test_libtestutil_OLB = /INCLUDE=MAIN
INCLUDE[asn1_encode_test]=../include
DEPEND[asn1_encode_test]=../libcrypto libtestutil.a
+ SOURCE[asn1_decode_test]=asn1_decode_test.c
+ INCLUDE[asn1_decode_test]=../include
+ DEPEND[asn1_decode_test]=../libcrypto libtestutil.a
+
SOURCE[asn1_string_table_test]=asn1_string_table_test.c
INCLUDE[asn1_string_table_test]=../include
DEPEND[asn1_string_table_test]=../libcrypto libtestutil.a
diff --git a/test/recipes/03-test_exdata.t b/test/recipes/04-test_asn1_decode.t
similarity index 87%
copy from test/recipes/03-test_exdata.t
copy to test/recipes/04-test_asn1_decode.t
index da66f95..d2c4563 100644
--- a/test/recipes/03-test_exdata.t
+++ b/test/recipes/04-test_asn1_decode.t
@@ -9,4 +9,4 @@
use OpenSSL::Test::Simple;
-simple_test("test_exdata", "exdatatest");
+simple_test("test_asn1_decode", "asn1_decode_test");
More information about the openssl-commits
mailing list