Check CA names during the handshake.

Rather than store CA names and only find out that they're unparsable
when we're asked for a |STACK_OF(X509_NAME)|, check that we can parse
them all during the handshake. This avoids changing the semantics with
the previous change that kept CA names as |CRYPTO_BUFFER|s.

Change-Id: I0fc7a4e6ab01685347e7a5be0d0579f45b8a4818
Reviewed-on: https://boringssl-review.googlesource.com/13969
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
Adam Langley 2017-02-23 15:02:58 -08:00 committed by CQ bot account: commit-bot@chromium.org
parent 34b4c829fd
commit 0bdef09263
4 changed files with 35 additions and 0 deletions

View File

@ -1446,6 +1446,11 @@ struct ssl_protocol_method_st {
}; };
struct ssl_x509_method_st { struct ssl_x509_method_st {
/* check_client_CA_list returns one if |names| is a good list of X.509
* distinguished names and zero otherwise. This is used to ensure that we can
* reject unparsable values at handshake time when using crypto/x509. */
int (*check_client_CA_list)(STACK_OF(CRYPTO_BUFFER) *names);
/* cert_clear frees and NULLs all X509-related state. */ /* cert_clear frees and NULLs all X509-related state. */
void (*cert_clear)(CERT *cert); void (*cert_clear)(CERT *cert);
/* cert_flush_cached_chain drops any cached |X509|-based certificate chain /* cert_flush_cached_chain drops any cached |X509|-based certificate chain

View File

@ -726,6 +726,12 @@ STACK_OF(CRYPTO_BUFFER) *
} }
} }
if (!ssl->ctx->x509_method->check_client_CA_list(ret)) {
*out_alert = SSL_AD_INTERNAL_ERROR;
OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
goto err;
}
return ret; return ret;
err: err:

View File

@ -331,6 +331,23 @@ static void ssl_crypto_x509_flush_cached_chain(CERT *cert) {
cert->x509_chain = NULL; cert->x509_chain = NULL;
} }
static int ssl_crypto_x509_check_client_CA_list(
STACK_OF(CRYPTO_BUFFER) *names) {
for (size_t i = 0; i < sk_CRYPTO_BUFFER_num(names); i++) {
const CRYPTO_BUFFER *buffer = sk_CRYPTO_BUFFER_value(names, i);
const uint8_t *inp = CRYPTO_BUFFER_data(buffer);
X509_NAME *name = d2i_X509_NAME(NULL, &inp, CRYPTO_BUFFER_len(buffer));
const int ok = name != NULL && inp == CRYPTO_BUFFER_data(buffer) +
CRYPTO_BUFFER_len(buffer);
X509_NAME_free(name);
if (!ok) {
return 0;
}
}
return 1;
}
static void ssl_crypto_x509_clear(CERT *cert) { static void ssl_crypto_x509_clear(CERT *cert) {
ssl_crypto_x509_flush_cached_leaf(cert); ssl_crypto_x509_flush_cached_leaf(cert);
ssl_crypto_x509_flush_cached_chain(cert); ssl_crypto_x509_flush_cached_chain(cert);
@ -427,6 +444,7 @@ static void ssl_crypto_x509_ssl_ctx_flush_cached_client_CA(SSL_CTX *ctx) {
} }
const SSL_X509_METHOD ssl_crypto_x509_method = { const SSL_X509_METHOD ssl_crypto_x509_method = {
ssl_crypto_x509_check_client_CA_list,
ssl_crypto_x509_clear, ssl_crypto_x509_clear,
ssl_crypto_x509_flush_cached_chain, ssl_crypto_x509_flush_cached_chain,
ssl_crypto_x509_flush_cached_leaf, ssl_crypto_x509_flush_cached_leaf,

View File

@ -258,6 +258,11 @@ const SSL_METHOD *TLS_client_method(void) {
return TLS_method(); return TLS_method();
} }
static int ssl_noop_x509_check_client_CA_names(
STACK_OF(CRYPTO_BUFFER) *names) {
return 1;
}
static void ssl_noop_x509_clear(CERT *cert) {} static void ssl_noop_x509_clear(CERT *cert) {}
static void ssl_noop_x509_flush_cached_leaf(CERT *cert) {} static void ssl_noop_x509_flush_cached_leaf(CERT *cert) {}
static void ssl_noop_x509_flush_cached_chain(CERT *cert) {} static void ssl_noop_x509_flush_cached_chain(CERT *cert) {}
@ -275,6 +280,7 @@ static void ssl_noop_x509_ssl_flush_cached_client_CA(SSL *ssl) {}
static void ssl_noop_x509_ssl_ctx_flush_cached_client_CA(SSL_CTX *ctx) {} static void ssl_noop_x509_ssl_ctx_flush_cached_client_CA(SSL_CTX *ctx) {}
const SSL_X509_METHOD ssl_noop_x509_method = { const SSL_X509_METHOD ssl_noop_x509_method = {
ssl_noop_x509_check_client_CA_names,
ssl_noop_x509_clear, ssl_noop_x509_clear,
ssl_noop_x509_flush_cached_chain, ssl_noop_x509_flush_cached_chain,
ssl_noop_x509_flush_cached_leaf, ssl_noop_x509_flush_cached_leaf,