test/verify_extra_test.c

   1 /*
   2  * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <stdio.h>
  11 #include <string.h>
  12 #include <openssl/crypto.h>
  13 #include <openssl/bio.h>
  14 #include <openssl/x509.h>
  15 #include <openssl/pem.h>
  16 #include <openssl/err.h>
  17 #include "testutil.h"
  18
  19 static const char *roots_f;
  20 static const char *untrusted_f;
  21 static const char *bad_f;
  22
  23 static STACK_OF(X509) *load_certs_from_file(const char *filename)
  24 {
  25     STACK_OF(X509) *certs;
  26     BIO *bio;
  27     X509 *x;
  28
  29     bio = BIO_new_file(filename, "r");
  30
  31     if (bio == NULL) {
  32         return NULL;
  33     }
  34
  35     certs = sk_X509_new_null();
  36     if (certs == NULL) {
  37         BIO_free(bio);
  38         return NULL;
  39     }
  40
  41     ERR_set_mark();
  42     do {
  43         x = PEM_read_bio_X509(bio, NULL, 0, NULL);
  44         if (x != NULL && !sk_X509_push(certs, x)) {
  45             sk_X509_pop_free(certs, X509_free);
  46             BIO_free(bio);
  47             return NULL;
  48         } else if (x == NULL) {
  49             /*
  50              * We probably just ran out of certs, so ignore any errors
  51              * generated
  52              */
  53             ERR_pop_to_mark();
  54         }
  55     } while (x != NULL);
  56
  57     BIO_free(bio);
  58
  59     return certs;
  60 }
  61
  62 /*
  63  * Test for CVE-2015-1793 (Alternate Chains Certificate Forgery)
  64  *
  65  * Chain is as follows:
  66  *
  67  * rootCA (self-signed)
  68  *   |
  69  * interCA
  70  *   |
  71  * subinterCA       subinterCA (self-signed)
  72  *   |                   |
  73  * leaf ------------------
  74  *   |
  75  * bad
  76  *
  77  * rootCA, interCA, subinterCA, subinterCA (ss) all have CA=TRUE
  78  * leaf and bad have CA=FALSE
  79  *
  80  * subinterCA and subinterCA (ss) have the same subject name and keys
  81  *
  82  * interCA (but not rootCA) and subinterCA (ss) are in the trusted store
  83  * (roots.pem)
  84  * leaf and subinterCA are in the untrusted list (untrusted.pem)
  85  * bad is the certificate being verified (bad.pem)
  86  *
  87  * Versions vulnerable to CVE-2015-1793 will fail to detect that leaf has
  88  * CA=FALSE, and will therefore incorrectly verify bad
  89  *
  90  */
  91 static int test_alt_chains_cert_forgery(void)
  92 {
  93     int ret = 0;
  94     int i;
  95     X509 *x = NULL;
  96     STACK_OF(X509) *untrusted = NULL;
  97     BIO *bio = NULL;
  98     X509_STORE_CTX *sctx = NULL;
  99     X509_STORE *store = NULL;
 100     X509_LOOKUP *lookup = NULL;
 101
 102     store = X509_STORE_new();
 103     if (store == NULL)
 104         goto err;
 105
 106     lookup = X509_STORE_add_lookup(store, X509_LOOKUP_file());
 107     if (lookup == NULL)
 108         goto err;
 109     if (!X509_LOOKUP_load_file(lookup, roots_f, X509_FILETYPE_PEM))
 110         goto err;
 111
 112     untrusted = load_certs_from_file(untrusted_f);
 113
 114     if ((bio = BIO_new_file(bad_f, "r")) == NULL)
 115         goto err;
 116
 117     if ((x = PEM_read_bio_X509(bio, NULL, 0, NULL)) == NULL)
 118         goto err;
 119
 120     sctx = X509_STORE_CTX_new();
 121     if (sctx == NULL)
 122         goto err;
 123
 124     if (!X509_STORE_CTX_init(sctx, store, x, untrusted))
 125         goto err;
 126
 127     i = X509_verify_cert(sctx);
 128
 129     if (i == 0 && X509_STORE_CTX_get_error(sctx) == X509_V_ERR_INVALID_CA) {
 130         /* This is the result we were expecting: Test passed */
 131         ret = 1;
 132     }
 133  err:
 134     X509_STORE_CTX_free(sctx);
 135     X509_free(x);
 136     BIO_free(bio);
 137     sk_X509_pop_free(untrusted, X509_free);
 138     X509_STORE_free(store);
 139     return ret;
 140 }
 141
 142 static int test_store_ctx(void)
 143 {
 144     X509_STORE_CTX *sctx = NULL;
 145     X509 *x = NULL;
 146     BIO *bio = NULL;
 147     int testresult = 0, ret;
 148
 149     bio = BIO_new_file(bad_f, "r");
 150     if (bio == NULL)
 151         goto err;
 152
 153     x = PEM_read_bio_X509(bio, NULL, 0, NULL);
 154     if (x == NULL)
 155         goto err;
 156
 157     sctx = X509_STORE_CTX_new();
 158     if (sctx == NULL)
 159         goto err;
 160
 161     if (!X509_STORE_CTX_init(sctx, NULL, x, NULL))
 162         goto err;
 163
 164     /* Verifying a cert where we have no trusted certs should fail */
 165     ret = X509_verify_cert(sctx);
 166
 167     if (ret == 0) {
 168         /* This is the result we were expecting: Test passed */
 169         testresult = 1;
 170     }
 171
 172  err:
 173     X509_STORE_CTX_free(sctx);
 174     X509_free(x);
 175     BIO_free(bio);
 176     return testresult;
 177 }
 178
 179 OPT_TEST_DECLARE_USAGE("roots.pem untrusted.pem bad.pem\n")
 180
 181 #ifndef OPENSSL_NO_SM2
 182 static int test_sm2_id(void)
 183 {
 184     /* we only need an X509 structure, no matter if it's a real SM2 cert */
 185     X509 *x = NULL;
 186     BIO *bio = NULL;
 187     int ret = 0;
 188     ASN1_OCTET_STRING *v = NULL, *v2 = NULL;
 189     char *sm2id = "this is an ID";
 190
 191     bio = BIO_new_file(bad_f, "r");
 192     if (bio == NULL)
 193         goto err;
 194
 195     x = PEM_read_bio_X509(bio, NULL, 0, NULL);
 196     if (x == NULL)
 197         goto err;
 198
 199     v = ASN1_OCTET_STRING_new();
 200     if (v == NULL)
 201         goto err;
 202
 203     if (!ASN1_OCTET_STRING_set(v, (unsigned char *)sm2id, (int)strlen(sm2id))) {
 204         ASN1_OCTET_STRING_free(v);
 205         goto err;
 206     }
 207
 208     X509_set0_sm2_id(x, v);
 209
 210     v2 = X509_get0_sm2_id(x);
 211     if (!TEST_ptr(v2)
 212             || !TEST_int_eq(ASN1_OCTET_STRING_cmp(v, v2), 0))
 213         goto err;
 214
 215     ret = 1;
 216  err:
 217     X509_free(x);
 218     BIO_free(bio);
 219     return ret;
 220 }
 221 #endif
 222
 223 int setup_tests(void)
 224 {
 225     if (!TEST_ptr(roots_f = test_get_argument(0))
 226             || !TEST_ptr(untrusted_f = test_get_argument(1))
 227             || !TEST_ptr(bad_f = test_get_argument(2)))
 228         return 0;
 229
 230     ADD_TEST(test_alt_chains_cert_forgery);
 231     ADD_TEST(test_store_ctx);
 232 #ifndef OPENSSL_NO_SM2
 233     ADD_TEST(test_sm2_id);
 234 #endif
 235     return 1;
 236 }