diff options
| author | David Benjamin <davidben@chromium.org> | 2016-02-07 00:35:42 -0500 |
|---|---|---|
| committer | David Benjamin <davidben@google.com> | 2016-02-22 15:35:13 -0500 |
| commit | cbacc7cd77c081c2b23907acb515992e598fea6f (patch) | |
| tree | 0d1c23eaa1e7b09a821367fa75a9be2184da600e | |
| parent | d7421ebf6cae07051caf657016f160585b64f8a6 (diff) | |
| download | boringssl-chromium-2564.zip boringssl-chromium-2564.tar.gz boringssl-chromium-2564.tar.bz2 | |
Remove support for mis-encoded PKCS#8 DSA keys.chromium-2564
Previously, OpenSSL supported many different DSA PKCS#8 encodings. Only
support the standard format. One of the workaround formats (SEQUENCE of
private key and public key) seems to be a workaround for an old Netscape
bug. From inspection, NSS seems to have fixed this from the first open
source commit.
Change-Id: I1e097b675145954b4d7a0bed8733e5a25c25fd8e
Reviewed-on: https://boringssl-review.googlesource.com/7074
Reviewed-by: Adam Langley <agl@google.com>
| -rw-r--r-- | crypto/evp/p_dsa_asn1.c | 60 |
1 files changed, 7 insertions, 53 deletions
diff --git a/crypto/evp/p_dsa_asn1.c b/crypto/evp/p_dsa_asn1.c index c92068f..3c89e5e 100644 --- a/crypto/evp/p_dsa_asn1.c +++ b/crypto/evp/p_dsa_asn1.c @@ -184,64 +184,20 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { /* In PKCS#8 DSA: you just get a private key integer and parameters in the * AlgorithmIdentifier the pubkey must be recalculated. */ - STACK_OF(ASN1_TYPE) *ndsa = NULL; DSA *dsa = NULL; if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8)) { return 0; } - X509_ALGOR_get0(NULL, &ptype, &pval, palg); - - /* Check for broken DSA PKCS#8, UGH! */ - if (*p == (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) { - ASN1_TYPE *t1, *t2; - ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen); - if (ndsa == NULL) { - goto decerr; - } - if (sk_ASN1_TYPE_num(ndsa) != 2) { - goto decerr; - } - - /* Handle Two broken types: - * SEQUENCE {parameters, priv_key} - * SEQUENCE {pub_key, priv_key}. */ - - t1 = sk_ASN1_TYPE_value(ndsa, 0); - t2 = sk_ASN1_TYPE_value(ndsa, 1); - if (t1->type == V_ASN1_SEQUENCE) { - p8->broken = PKCS8_EMBEDDED_PARAM; - pval = t1->value.ptr; - } else if (ptype == V_ASN1_SEQUENCE) { - p8->broken = PKCS8_NS_DB; - } else { - goto decerr; - } - - if (t2->type != V_ASN1_INTEGER) { - goto decerr; - } - - privkey = t2->value.integer; - } else { - const uint8_t *q = p; - privkey = d2i_ASN1_INTEGER(NULL, &p, pklen); - if (privkey == NULL) { - goto decerr; - } - if (privkey->type == V_ASN1_NEG_INTEGER) { - p8->broken = PKCS8_NEG_PRIVKEY; - ASN1_INTEGER_free(privkey); - privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen); - if (privkey == NULL) { - goto decerr; - } - } - if (ptype != V_ASN1_SEQUENCE) { - goto decerr; - } + privkey = d2i_ASN1_INTEGER(NULL, &p, pklen); + if (privkey == NULL || privkey->type == V_ASN1_NEG_INTEGER) { + goto decerr; } + X509_ALGOR_get0(NULL, &ptype, &pval, palg); + if (ptype != V_ASN1_SEQUENCE) { + goto decerr; + } pstr = pval; pm = pstr->data; pmlen = pstr->length; @@ -274,7 +230,6 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) { EVP_PKEY_assign_DSA(pkey, dsa); BN_CTX_free(ctx); - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); ASN1_INTEGER_free(privkey); return 1; @@ -285,7 +240,6 @@ decerr: dsaerr: BN_CTX_free(ctx); ASN1_INTEGER_free(privkey); - sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free); DSA_free(dsa); return 0; } |