From: Alberto Leiva Popper Date: Thu, 23 May 2024 22:15:37 +0000 (-0600) Subject: Mirror 1165270e73508b9fb3dfdc0294a5926d56679c75 in other d2i's X-Git-Tag: 1.6.2~4 X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=17250cb7b77d443d5a8ce3957a280a2b230beedf;p=thirdparty%2FFORT-validator.git Mirror 1165270e73508b9fb3dfdc0294a5926d56679c75 in other d2i's Also, fix memory leak in signed_data.c.
---
diff --git a/src/asn1/asn1c/Certificate.c b/src/asn1/asn1c/Certificate.c
index 7352786e..807b890d 100644
--- a/src/asn1/asn1c/Certificate.c
+++ b/src/asn1/asn1c/Certificate.c
@@ -5,6 +5,7 @@
#include "extension.h"
#include "json_util.h"
#include "libcrypto_util.h"
+#include "log.h"
static json_t *
validity2json(X509 *x)
@@ -172,7 +173,7 @@ fail: json_decref(parent);
json_t *
Certificate_any2json(ANY_t *ber)
{
- const unsigned char *tmp;
+ unsigned char const *origin, *cursor;
X509 *cert;
json_t *json;
@@ -182,11 +183,14 @@ Certificate_any2json(ANY_t *ber)
* (https://www.openssl.org/docs/man1.0.2/crypto/d2i_X509_fp.html)
* We don't want @ber->buf modified, so use a dummy pointer.
*/
- tmp = (const unsigned char *) ber->buf;
+ origin = (unsigned char const *) ber->buf;
+ cursor = origin;
- cert = d2i_X509(NULL, &tmp, ber->size);
+ cert = d2i_X509(NULL, &cursor, ber->size);
if (cert == NULL)
return NULL;
+ if (cursor != origin + ber->size)
+ pr_op_warn("There's trailing garbage after one of the certificates.");
json = x509_to_json(cert);
diff --git a/src/asn1/signed_data.c b/src/asn1/signed_data.c
index 1604ccc5..41ebf911 100644
--- a/src/asn1/signed_data.c
+++ b/src/asn1/signed_data.c
@@ -82,7 +82,7 @@ handle_sdata_certificate(ANY_t *cert_encoded, struct ee_cert *ee,
}
if (tmp != otmp + cert_encoded->size) {
error = val_crypto_err("Signed object's 'certificate' element contains trailing garbage");
- goto end1;
+ goto end2;
}
x509_name_pr_debug("Issuer", X509_get_issuer_name(cert));
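Review bot: Trailing bytes after the certificate are only logged in Certificate_any2json (`pr_op_warn`), and the function still returns JSON for the parsed prefix, whereas the other d2i call sites this commit touches (decode_spki, validate_router_spki, and the existing check in handle_sdata_certificate) reject the input. If that leniency is intended because this looks like a dump path rather than validation, say so next to the check, e.g. `/* Dump path: report trailing bytes but still print what parsed. */`, so nobody later takes it for the enforcement point. The comment kept above the assignment still speaks of "a dummy pointer", which no longer describes `cursor` now that its final position is compared with `origin + ber->size`. The start of that comment and the tail of the function are outside the hunk.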
diff --git a/src/object/certificate.c b/src/object/certificate.c index 50524882..876eb835 100644 --- a/src/object/certificate.c +++ b/src/object/certificate.c @@ -242,6 +242,35 @@ validate_subject(X509 *cert) return error; } +static X509_PUBKEY * +decode_spki(struct tal *tal) +{ + X509_PUBKEY *spki = NULL; + unsigned char const *origin, *cursor; + size_t len; + + fnstack_push(tal_get_file_name(tal)); + tal_get_spki(tal, &origin, &len); + cursor = origin; + spki = d2i_X509_PUBKEY(NULL, &cursor, len); + + if (spki == NULL) { + op_crypto_err("The public key cannot be decoded."); + goto fail; + } + if (cursor != origin + len) { + X509_PUBKEY_free(spki); + op_crypto_err("The public key contains trailing garbage."); + goto fail; + } + + fnstack_pop(); + return spki; + +fail: fnstack_pop(); + return NULL; +} + static int root_different_alg_err(void) { @@ -259,10 +288,7 @@ validate_spki(X509_PUBKEY *cert_spki) { struct validation *state; struct tal *tal; - X509_PUBKEY *tal_spki; - unsigned char const *_tal_spki; - size_t _tal_spki_len; state = state_retrieve(); @@ -288,29 +314,20 @@ validate_spki(X509_PUBKEY *cert_spki) * Reminder: "X509_PUBKEY" and "Subject Public Key Info" are synonyms. */ - fnstack_push(tal_get_file_name(tal)); - tal_get_spki(tal, &_tal_spki, &_tal_spki_len); - tal_spki = d2i_X509_PUBKEY(NULL, &_tal_spki, _tal_spki_len); - fnstack_pop(); - - if (tal_spki == NULL) { - op_crypto_err("The TAL's public key cannot be decoded"); - goto fail1; - } + tal_spki = decode_spki(tal); + if (tal_spki == NULL) + return -EINVAL; if (spki_cmp(tal_spki, cert_spki, root_different_alg_err, - root_different_pk_err) != 0) - goto fail2; + root_different_pk_err) != 0) { + X509_PUBKEY_free(tal_spki); + validation_pubkey_invalid(state); + return -EINVAL; + } X509_PUBKEY_free(tal_spki); validation_pubkey_valid(state); return 0; - -fail2: - X509_PUBKEY_free(tal_spki); -fail1: - validation_pubkey_invalid(state); - return -EINVAL; } /* 
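Review bot: decode_spki has no comment stating its contract, and its two messages dropped the "TAL's" that the removed text in validate_spki carried. I would add above it `/* Decodes the TAL's SubjectPublicKeyInfo; returns NULL (already logged) if it is malformed or followed by extra bytes. Caller must X509_PUBKEY_free() the result. */` and keep "TAL" in both `op_crypto_err` strings unless the pushed file name already makes that obvious in the log. `len` is a size_t handed to d2i_X509_PUBKEY's `long` length parameter; where tal_get_spki bounds it is not visible here.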
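Review bot: The new early exit in validate_spki, `if (tal_spki == NULL) return -EINVAL;`, no longer calls validation_pubkey_invalid(state); the removed code reached it through `fail1` when the TAL key failed to decode. Unless leaving the state untouched on that path is intended, add `validation_pubkey_invalid(state);` before that `return -EINVAL;` so a malformed or garbage-padded TAL key is recorded the same way as a mismatching one. What readers of that state do with an unset value is outside this hunk, so the impact is inferred.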
diff --git a/src/slurm/slurm_parser.c b/src/slurm/slurm_parser.c
index e03f3d28..9c236e09 100644
--- a/src/slurm/slurm_parser.c
+++ b/src/slurm/slurm_parser.c
@@ -262,17 +262,23 @@ set_ski(json_t *object, bool is_assertion, struct slurm_bgpsec *result,
static int
validate_router_spki(unsigned char *data, size_t len)
{
- unsigned char const *tmp;
+ unsigned char const *origin, *cursor;
X509_PUBKEY *spki;
X509_ALGOR *pa;
ASN1_OBJECT *alg;
int ok;
int error;
- tmp = data;
- spki = d2i_X509_PUBKEY(NULL, &tmp, len);
+ origin = data;
+ cursor = origin;
+
+ spki = d2i_X509_PUBKEY(NULL, &cursor, len);
if (spki == NULL)
return op_crypto_err("Not a valid router public key");
+ if (cursor != origin + len) {
+ X509_PUBKEY_free(spki);
+ return op_crypto_err("Router public key contains trailing garbage.");
+ }
ok = X509_PUBKEY_get0_param(&alg, NULL, NULL, &pa, spki);
if (!ok) {
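Review bot: `origin` in validate_router_spki only duplicates `data`, which d2i_X509_PUBKEY never advances, so the check can read `if (cursor != data + len) {` and the extra variable and its assignment can go. `len` arrives as a size_t and is passed to a `long` length parameter; the hunk does not show where the SLURM input bounds it, so a one-line comment naming that bound (or a guard on the caller side) would make the assumption explicit. The rest of the function body lies outside the hunk.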