diff options
author | davidben <davidben@chromium.org> | 2014-11-10 16:13:13 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2014-11-11 00:13:48 +0000 |
commit | 40af916dfb14ca12890e3a7cf8b50d8e62c69695 (patch) | |
tree | 5b870f1349f77e8ebac518c57e04b114eab35d81 /crypto/signature_verifier_openssl.cc | |
parent | 991bb31434938a71af3cbb3e080cfea6a0240009 (diff) | |
download | chromium_src-40af916dfb14ca12890e3a7cf8b50d8e62c69695.zip chromium_src-40af916dfb14ca12890e3a7cf8b50d8e62c69695.tar.gz chromium_src-40af916dfb14ca12890e3a7cf8b50d8e62c69695.tar.bz2 |
Check trailing data when parsing ASN.1.
Properly check that the entire buffer was consumed. d2i_* may process only a
prefix of its input. In addition, don't bother using a memory BIO when the
buffer can be parsed directly.
This aligns the NSS and OpenSSL port's behavior in most places:
SEC_QuickDERDecodeItem fails with SEC_ERROR_EXTRA_INPUT if there is excess data.
Add tests. Both for testing and to verify this is the NSS port's behavior.
For a PKCS #8 PrivateKeyInfo, NSS will silently accept trailing data. Fix
WebCrypto in NSS to align with the spec. RSAPrivateKey is left for a follow-up. (This includes an NSS roll to pick up a symbol export.)
BUG=430200
Review URL: https://codereview.chromium.org/685063007
Cr-Commit-Position: refs/heads/master@{#303546}
Diffstat (limited to 'crypto/signature_verifier_openssl.cc')
-rw-r--r-- | crypto/signature_verifier_openssl.cc | 13 |
1 files changed, 4 insertions, 9 deletions
diff --git a/crypto/signature_verifier_openssl.cc b/crypto/signature_verifier_openssl.cc index a855120..53637eb 100644 --- a/crypto/signature_verifier_openssl.cc +++ b/crypto/signature_verifier_openssl.cc @@ -141,19 +141,14 @@ bool SignatureVerifier::CommonInit(const EVP_MD* digest, signature_.assign(signature, signature + signature_len); - // BIO_new_mem_buf is not const aware, but it does not modify the buffer. - char* data = reinterpret_cast<char*>(const_cast<uint8*>(public_key_info)); - ScopedBIO bio(BIO_new_mem_buf(data, public_key_info_len)); - if (!bio.get()) - return false; - - ScopedEVP_PKEY public_key(d2i_PUBKEY_bio(bio.get(), NULL)); - if (!public_key.get()) + const uint8_t* ptr = public_key_info; + ScopedEVP_PKEY public_key(d2i_PUBKEY(nullptr, &ptr, public_key_info_len)); + if (!public_key.get() || ptr != public_key_info + public_key_info_len) return false; verify_context_->ctx.reset(EVP_MD_CTX_create()); int rv = EVP_DigestVerifyInit(verify_context_->ctx.get(), pkey_ctx, - digest, NULL, public_key.get()); + digest, nullptr, public_key.get()); return rv == 1; } |