[openssl] master update
Richard Levitte
levitte at openssl.org
Mon May 4 03:50:13 UTC 2020
The branch master has been updated
via 12cbb8e0497bc4990cfb02f1b9ebe23df9b53a2c (commit)
from 200e5ee5a4493906b307bf23117630b7caff0694 (commit)
- Log -----------------------------------------------------------------
commit 12cbb8e0497bc4990cfb02f1b9ebe23df9b53a2c
Author: Richard Levitte <levitte at openssl.org>
Date: Fri May 1 18:06:18 2020 +0200
WPACKET: don't write DER length when we don't want to
With endfirst writing, it could be that we want to abandon any zero
length sub-packet. That's what WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH
was supposed to make happen, but the DER length writing code didn't
look at that flag. Now it does.
Reviewed-by: Matt Caswell <matt at openssl.org>
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/11703)
-----------------------------------------------------------------------
Summary of changes:
crypto/packet.c | 5 ++++-
test/wpackettest.c | 9 +++++++++
2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/crypto/packet.c b/crypto/packet.c
index 661b59e842..6db97a5434 100644
--- a/crypto/packet.c
+++ b/crypto/packet.c
@@ -265,7 +265,10 @@ static int wpacket_intern_close(WPACKET *pkt, WPACKET_SUB *sub, int doclose)
&& !put_value(&buf[sub->packet_len], packlen,
sub->lenbytes))
return 0;
- } else if (pkt->endfirst && sub->parent != NULL) {
+ } else if (pkt->endfirst && sub->parent != NULL
+ && (packlen != 0
+ || (sub->flags
+ & WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH) == 0)) {
size_t tmplen = packlen;
size_t numlenbytes = 1;
diff --git a/test/wpackettest.c b/test/wpackettest.c
index 08b5f976ca..b03dfcd2e0 100644
--- a/test/wpackettest.c
+++ b/test/wpackettest.c
@@ -360,6 +360,8 @@ static int test_WPACKET_init_der(void)
unsigned char testdata[] = { 0x00, 0x01, 0x02, 0x03 };
unsigned char testdata2[259] = { 0x82, 0x01, 0x00 };
size_t written[2];
+ size_t size1, size2;
+ int flags = WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH;
int i;
/* Test initialising for writing DER */
@@ -370,6 +372,13 @@ static int test_WPACKET_init_der(void)
|| !TEST_true(WPACKET_memcpy(&pkt, testdata, sizeof(testdata)))
|| !TEST_true(WPACKET_close(&pkt))
|| !TEST_true(WPACKET_put_bytes_u8(&pkt, 0xfc))
+ /* this sub-packet is empty, and should render zero bytes */
+ || (!TEST_true(WPACKET_start_sub_packet(&pkt))
+ || !TEST_true(WPACKET_set_flags(&pkt, flags))
+ || !TEST_true(WPACKET_get_total_written(&pkt, &size1))
+ || !TEST_true(WPACKET_close(&pkt))
+ || !TEST_true(WPACKET_get_total_written(&pkt, &size2))
+ || !TEST_size_t_eq(size1, size2))
|| !TEST_true(WPACKET_finish(&pkt))
|| !TEST_true(WPACKET_get_total_written(&pkt, &written[0]))
|| !TEST_mem_eq(WPACKET_get_curr(&pkt), written[0], simpleder,
More information about the openssl-commits
mailing list