summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Benjamin <davidben@chromium.org>2016-02-07 00:35:42 -0500
committerThe Android Automerger <android-build@google.com>2016-03-25 17:46:35 -0700
commit591be84e89682622957c8f103ca4be3a5ed0f800 (patch)
tree524148f08a096d5309e53f1c8fbc6583cada73e0
parentf7063c1e913edebd3402a2c2467c1bdb3d4b79a9 (diff)
downloadexternal_boringssl-591be84e89682622957c8f103ca4be3a5ed0f800.zip
external_boringssl-591be84e89682622957c8f103ca4be3a5ed0f800.tar.gz
external_boringssl-591be84e89682622957c8f103ca4be3a5ed0f800.tar.bz2
Remove support for mis-encoded PKCS#8 DSA keys.
Previously, OpenSSL supported many different DSA PKCS#8 encodings. Only support the standard format. One of the workaround formats (SEQUENCE of private key and public key) seems to be a workaround for an old Netscape bug. From inspection, NSS seems to have fixed this from the first open source commit. (cherry-picked from 440f1037716eca16f203edb8f03d4a59c92ae0cc) Bug: 27449871 Change-Id: I1e097b675145954b4d7a0bed8733e5a25c25fd8e Reviewed-on: https://boringssl-review.googlesource.com/7074 Reviewed-by: Adam Langley <agl@google.com>
-rw-r--r--src/crypto/evp/p_dsa_asn1.c60
1 files changed, 7 insertions, 53 deletions
diff --git a/src/crypto/evp/p_dsa_asn1.c b/src/crypto/evp/p_dsa_asn1.c
index 0ac7da7..2c3326e 100644
--- a/src/crypto/evp/p_dsa_asn1.c
+++ b/src/crypto/evp/p_dsa_asn1.c
@@ -168,64 +168,20 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) {
/* In PKCS#8 DSA: you just get a private key integer and parameters in the
* AlgorithmIdentifier the pubkey must be recalculated. */
- STACK_OF(ASN1_TYPE) *ndsa = NULL;
DSA *dsa = NULL;
if (!PKCS8_pkey_get0(NULL, &p, &pklen, &palg, p8)) {
return 0;
}
- X509_ALGOR_get0(NULL, &ptype, &pval, palg);
-
- /* Check for broken DSA PKCS#8, UGH! */
- if (*p == (V_ASN1_SEQUENCE | V_ASN1_CONSTRUCTED)) {
- ASN1_TYPE *t1, *t2;
- ndsa = d2i_ASN1_SEQUENCE_ANY(NULL, &p, pklen);
- if (ndsa == NULL) {
- goto decerr;
- }
- if (sk_ASN1_TYPE_num(ndsa) != 2) {
- goto decerr;
- }
-
- /* Handle Two broken types:
- * SEQUENCE {parameters, priv_key}
- * SEQUENCE {pub_key, priv_key}. */
-
- t1 = sk_ASN1_TYPE_value(ndsa, 0);
- t2 = sk_ASN1_TYPE_value(ndsa, 1);
- if (t1->type == V_ASN1_SEQUENCE) {
- p8->broken = PKCS8_EMBEDDED_PARAM;
- pval = t1->value.ptr;
- } else if (ptype == V_ASN1_SEQUENCE) {
- p8->broken = PKCS8_NS_DB;
- } else {
- goto decerr;
- }
-
- if (t2->type != V_ASN1_INTEGER) {
- goto decerr;
- }
-
- privkey = t2->value.integer;
- } else {
- const uint8_t *q = p;
- privkey = d2i_ASN1_INTEGER(NULL, &p, pklen);
- if (privkey == NULL) {
- goto decerr;
- }
- if (privkey->type == V_ASN1_NEG_INTEGER) {
- p8->broken = PKCS8_NEG_PRIVKEY;
- ASN1_INTEGER_free(privkey);
- privkey = d2i_ASN1_UINTEGER(NULL, &q, pklen);
- if (privkey == NULL) {
- goto decerr;
- }
- }
- if (ptype != V_ASN1_SEQUENCE) {
- goto decerr;
- }
+ privkey = d2i_ASN1_INTEGER(NULL, &p, pklen);
+ if (privkey == NULL || privkey->type == V_ASN1_NEG_INTEGER) {
+ goto decerr;
}
+ X509_ALGOR_get0(NULL, &ptype, &pval, palg);
+ if (ptype != V_ASN1_SEQUENCE) {
+ goto decerr;
+ }
pstr = pval;
pm = pstr->data;
pmlen = pstr->length;
@@ -258,7 +214,6 @@ static int dsa_priv_decode(EVP_PKEY *pkey, PKCS8_PRIV_KEY_INFO *p8) {
EVP_PKEY_assign_DSA(pkey, dsa);
BN_CTX_free(ctx);
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
ASN1_INTEGER_free(privkey);
return 1;
@@ -269,7 +224,6 @@ decerr:
dsaerr:
BN_CTX_free(ctx);
ASN1_INTEGER_free(privkey);
- sk_ASN1_TYPE_pop_free(ndsa, ASN1_TYPE_free);
DSA_free(dsa);
return 0;
}