Commit Graph

9 Commits

Author SHA1 Message Date
David Benjamin
375124b162 Parse BER for PKCS#12 more accurately.
CBS_asn1_ber_to_der currently uses heuristics because implicitly-tagged
constructed strings in BER are ambiguous with implicitly-tagged sequences. It's
not possible to convert BER to DER without knowing the schema.

Fortunately, implicitly tagged strings don't appear often so instead split the
job up: CBS_asn1_ber_to_der fixes indefinite-length elements and constructed
strings it can see. Implicitly-tagged strings it leaves uncoverted, but they
will only nest one level down (because BER kindly allows one to nest
constructed strings arbitrarily!).

CBS_get_asn1_implicit_string then performs the final concatenation at parse
time. This isn't much more complex and lets us parse BER more accurately and
also reject a number of mis-encoded values (e.g. constructed INTEGERs are not a
thing) we'd previously let through. The downside is the post-conversion parsing
code must be aware of this limitation of CBS_asn1_ber_to_der. Fortunately,
there's only one implicitly-tagged string in our PKCS#12 code.

(In the category of things that really really don't matter, but I had spare
cycles and the old BER converter is weird.)

Change-Id: Iebdd13b08559fa158b308ef83a5bb07bfdf80ae8
Reviewed-on: https://boringssl-review.googlesource.com/7052
Reviewed-by: Adam Langley <agl@google.com>
2016-02-16 19:32:50 +00:00
David Benjamin
11aac10987 Fix theoretical memory leak on malloc error in CBS_asn1_ber_to_der.
On failure, CBB_finish doesn't call CBB_cleanup. Also chain more of the ||s
together now that CBB_cleanup after failed CBB_init is legal.

(I don't think this is actually reachable because the CBB is guaranteed to be
flushed by this point.)

Change-Id: Ib16a0a185f15e13675ac2550c5e8e0926ceb7957
Reviewed-on: https://boringssl-review.googlesource.com/7051
Reviewed-by: Adam Langley <agl@google.com>
2016-02-04 17:23:28 +00:00
Matt Braithwaite
fa9eb568b0 Correct the spelling of "primitive".
Spotted by Matt Smart.

Change-Id: Id9c61ba6a293ddc52b2e2c93c427860765848c6d
Reviewed-on: https://boringssl-review.googlesource.com/6430
Reviewed-by: Adam Langley <agl@google.com>
2015-11-03 21:47:19 +00:00
Adam Langley
cc1e3df75c Make CBS_get_any_asn1_element accept only DER.
This change makes |CBS_get_any_asn1_element| only handle DER elements.
Another function, |CBS_get_any_ber_asn1_element| is exposed internally
for the cases where we need to process BER data.

Change-Id: I544141a1a3d7913986352a8fd9a6d00b9f282652
Reviewed-on: https://boringssl-review.googlesource.com/4994
Reviewed-by: Adam Langley <agl@google.com>
2015-06-03 22:08:16 +00:00
David Benjamin
3fa65f0f05 Fix some malloc test crashs.
This isn't exhaustive. There are still failures in some tests which probably
ought to get C++'d first.

Change-Id: Iac58df9d98cdfd94603d54374a531b2559df64c3
Reviewed-on: https://boringssl-review.googlesource.com/4795
Reviewed-by: Adam Langley <agl@google.com>
2015-05-21 18:00:10 +00:00
Adam Langley
2b2d66d409 Remove string.h from base.h.
Including string.h in base.h causes any file that includes a BoringSSL
header to include string.h. Generally this wouldn't be a problem,
although string.h might slow down the compile if it wasn't otherwise
needed. However, it also causes problems for ipsec-tools in Android
because OpenSSL didn't have this behaviour.

This change removes string.h from base.h and, instead, adds it to each
.c file that requires it.

Change-Id: I5968e50b0e230fd3adf9b72dd2836e6f52d6fb37
Reviewed-on: https://boringssl-review.googlesource.com/3200
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-02-02 19:14:15 +00:00
Adam Langley
af7e74ba9f Remove variable shadowing.
Bruce Dawson pointed out that the shadowing of |ret| in |s3_srvr.c|
looked dodgy. It was actually deliberate (we don't want to reset the
default value of the function's |ret| variable with a successful return
from the callback) but it does look dodgy.

This change adds -Wshadow to ban variable shadowing and fixes all
current instances.

Change-Id: I1268f88b9f26245c7d16d6ead5bb9014ea471c01
Reviewed-on: https://boringssl-review.googlesource.com/2520
Reviewed-by: Adam Langley <agl@google.com>
2014-12-09 21:32:49 +00:00
Adam Langley
58f90951eb Remove hack in parsing PKCS#12.
This change removes the previous OpenSSL/NSS hack in PKCS#12 parsing and
limits the hacks purely to the BER->DER conversion function, where they
belong.

PKCS#7 and #12 switch between implicit and explicit tags in different
places and sometimes only implicitly define that they are using implicit
tags. This change fixes a previous confusion where an implicit tag was
thought to be explicit.

Change-Id: Ib68c78cf2a1bfcbf90a296cb98313ab86ed2a1f3
Reviewed-on: https://boringssl-review.googlesource.com/1640
Reviewed-by: Adam Langley <agl@google.com>
2014-08-26 22:07:02 +00:00
Adam Langley
9c01e00c2e Rework support for ASN.1 BER.
Previously, the ASN.1 functions in bytestring were capable of processing
indefinite length elements when the _ber functions were used. That works
well enough for PKCS#3, but NSS goes a bit crazy with BER encoding and
PKCS#12. Rather than complicate the core bytestring functions further,
the BER support is removed from them and moved to a separate function
that converts from BER to DER (if needed).

Change-Id: I2212b28e99bab9fab8c61f80d2012d3e5a3cc2f0
Reviewed-on: https://boringssl-review.googlesource.com/1591
Reviewed-by: Adam Langley <agl@google.com>
2014-08-25 21:38:08 +00:00