Commit 38eca7fe authored by Richard Levitte's avatar Richard Levitte
Browse files

Make EVP_PKEY_asn1_new() stricter with its input 



Reviewed-by: default avatarMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6880)
parent 3ef97bd8

CHANGES

+5 −0
Original line number Diff line number Diff line
@@ -9,6 +9,11 @@ 














 Changes between 1.1.0h and 1.1.1 [xx XXX xxxx]



























  *) Make EVP_PKEY_asn1_new() a bit stricter about its input.  A NULL pem_str













     parameter is no longer accepted, as it leads to a corrupt table.  NULL













     pem_str is reserved for alias entries only.













     [Richard Levitte]



























  *) Use the new ec_scalar_mul_ladder scaffold to implement a specialized ladder















     step for prime curves. The new implementation is based on formulae from















     differential addition-and-doubling in homogeneous projective coordinates

































crypto/asn1/ameth_lib.c



+12
−0






























Original line number
Diff line number
Diff line








@@ -216,6 +216,18 @@ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags,













            goto err;















    }





























    /*













     * One of the following must be true:













     *













     * pem_str == NULL AND ASN1_PKEY_ALIAS is set













     * pem_str != NULL AND ASN1_PKEY_ALIAS is clear













     *













     * Anything else is an error and may lead to a corrupt ASN1 method table













     */













    if (!((pem_str == NULL && (flags & ASN1_PKEY_ALIAS) != 0)













          || (pem_str != NULL && (flags & ASN1_PKEY_ALIAS) == 0)))













        goto err;





























    if (pem_str) {















        ameth->pem_str = OPENSSL_strdup(pem_str);















        if (!ameth->pem_str)

































test/asn1_internal_test.c



+19
−1






























Original line number
Diff line number
Diff line








@@ -67,6 +67,7 @@ static int test_standard_methods(void)













    const EVP_PKEY_ASN1_METHOD **tmp;















    int last_pkey_id = -1;















    size_t i;













    int ok = 1;































    for (tmp = standard_methods, i = 0; i < OSSL_NELEM(standard_methods);















         i++, tmp++) {









@@ -75,11 +76,28 @@ static int test_standard_methods(void)













            break;















        }















        last_pkey_id = (*tmp)->pkey_id;



























        /*













         * One of the following must be true:













         *













         * pem_str == NULL AND ASN1_PKEY_ALIAS is set













         * pem_str != NULL AND ASN1_PKEY_ALIAS is clear













         *













         * Anything else is an error and may lead to a corrupt ASN1 method table













         */













        if (!TEST_true((*tmp)->pem_str == NULL &&













                       ((*tmp)->pkey_flags & ASN1_PKEY_ALIAS) != 0)













            && !TEST_true((*tmp)->pem_str != NULL &&













                          ((*tmp)->pkey_flags & ASN1_PKEY_ALIAS) == 0)) {













            TEST_note("asn1 standard methods: Index %zu, pkey ID %d, Name=%s",













                      i, (*tmp)->pkey_id, OBJ_nid2sn((*tmp)->pkey_id));













            ok = 0;













        }















    }































    if (TEST_int_ne(last_pkey_id, 0)) {















        TEST_info("asn1 standard methods: Table order OK");













        return 1;













        return ok;















    }































    TEST_note("asn1 standard methods: out of order");