kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
f9f312af61
boringssl/crypto
History
Steven Valdez f9f312af61 Add some sanity checks when checking CRL scores and tests 
Note: this was accidentally omitted from OpenSSL 1.0.2 branch.
Without this fix any attempt to use CRLs will crash.

CVE-2016-7052

(Imported from upstream's 6e629b5be45face20b4ca71c4fcbfed78b864a2e)

Test CRL Root Key:

-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAo16WiLWZuaymsD8n5SKPmxV1y6jjgr3BS/dUBpbrzd1aeFzN
lI8l2jfAnzUyp+I21RQ+nh/MhqjGElkTtK9xMn1Y+S9GMRh+5R/Du0iCb1tCZIPY
07Tgrb0KMNWe0v2QKVVruuYSgxIWodBfxlKO64Z8AJ5IbnWpuRqO6rctN9qUoMlT
IAB6dL4G0tDJ/PGFWOJYwOMEIX54bly2wgyYJVBKiRRt4f7n8H922qmvPNA9idmX
9G1VAtgV6x97XXi7ULORIQvn9lVQF6nTYDBJhyuPB+mLThbLP2o9orxGx7aCtnnB
ZUIxUvHNOI0FaSaZH7Fi0xsZ/GkG2HZe7ImPJwIDAQABAoIBAQCJF9MTHfHGkk+/
DwCXlA0Wg0e6hBuHl10iNobYkMWIl/xXjOknhYiqOqb181py76472SVC5ERprC+r
Lf0PXzqKuA117mnkwT2bYLCL9Skf8WEhoFLQNbVlloF6wYjqXcYgKYKh8HgQbZl4
aLg2YQl2NADTNABsUWj/4H2WEelsODVviqfFs725lFg9KHDI8zxAZXLzDt/M9uVL
GxJiX12tr0AwaeAFZ1oPM/y+LznM3N3+Ht3jHHw3jZ/u8Z1RdAmdpu3bZ6tbwGBr
9edsH5rKkm9aBvMrY7eX5VHqaqyRNFyG152ZOJh4XiiFG7EmgTPCpaHo50Y018Re
grVtk+FBAoGBANY3lY+V8ZOwMxSHes+kTnoimHO5Ob7nxrOC71i27x+4HHsYUeAr
/zOOghiDIn+oNkuiX5CIOWZKx159Bp65CPpCbTb/fh+HYnSgXFgCw7XptycO7LXM
5GwR5jSfpfzBFdYxjxoUzDMFBwTEYRTm0HkUHkH+s+ajjw5wqqbcGLcfAoGBAMM8
DKW6Tb66xsf708f0jonAjKYTLZ+WOcwsBEWSFHoY8dUjvW5gqx5acHTEsc5ZTeh4
BCFLa+Mn9cuJWVJNs09k7Xb2PNl92HQ4GN2vbdkJhExbkT6oLDHg1hVD0w8KLfz1
lTAW6pS+6CdOHMEJpvqx89EgU/1GgIQ1fXYczE75AoGAKeJoXdDFkUjsU+FBhAPu
TDcjc80Nm2QaF9NMFR5/lsYa236f06MGnQAKM9zADBHJu/Qdl1brUjLg1HrBppsr
RDNkw1IlSOjhuUf5hkPUHGd8Jijm440SRIcjabqla8wdBupdvo2+d2NOQgJbsQiI
ToQ+fkzcxAXK3Nnuo/1436UCgYBjLH7UNOZHS8OsVM0I1r8NVKVdu4JCfeJQR8/H
s2P5ffBir+wLRMnH+nMDreMQiibcPxMCArkERAlE4jlgaJ38Z62E76KLbLTmnJRt
EC9Bv+bXjvAiHvWMRMUbOj/ddPNVez7Uld+FvdBaHwDWQlvzHzBWfBCOKSEhh7Z6
qDhUqQKBgQDPMDx2i5rfmQp3imV9xUcCkIRsyYQVf8Eo7NV07IdUy/otmksgn4Zt
Lbf3v2dvxOpTNTONWjp2c+iUQo8QxJCZr5Sfb21oQ9Ktcrmc/CY7LeBVDibXwxdM
vRG8kBzvslFWh7REzC3u06GSVhyKDfW93kN2cKVwGoahRlhj7oHuZQ==
-----END RSA PRIVATE KEY-----

Change-Id: Icc58811c78d4682591f5bb460cdd219bd41566d8
Reviewed-on: https://boringssl-review.googlesource.com/11246
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-09-26 18:06:52 +00:00
..
aes Allow .arch directives with Clang. 2016-08-26 17:45:49 +00:00
asn1 Remove trailing ';' from macros 2016-09-12 19:17:26 +00:00
base64 Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
bio Implement BIO_eof() for compatibility 2016-09-13 23:52:14 +00:00
bn Define __STDC_CONSTANT_MACROS in bn_test.cc. 2016-09-19 15:28:12 +00:00
buf
bytestring Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
chacha Use fewer macros in C ChaCha implementation. 2016-09-13 01:56:09 +00:00
cipher Add EVP_AEAD_CTX_aead. 2016-09-17 01:06:40 +00:00
cmac Replace Scoped* heap types with bssl::UniquePtr. 2016-09-01 22:22:54 +00:00
conf
curve25519 Replace Scoped* heap types with bssl::UniquePtr. 2016-09-01 22:22:54 +00:00
des
dh Fold stack-allocated types into headers. 2016-09-07 21:50:05 +00:00
digest Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
dsa Add various 1.1.0 accessors. 2016-08-10 16:52:15 +00:00
ec Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
ecdh Replace Scoped* heap types with bssl::UniquePtr. 2016-09-01 22:22:54 +00:00
ecdsa Replace Scoped* heap types with bssl::UniquePtr. 2016-09-01 22:22:54 +00:00
engine Remove trailing ';' from macros 2016-09-12 19:17:26 +00:00
err Only predict X25519 in TLS 1.3. 2016-09-21 21:18:34 +00:00
evp Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
hkdf Adding ARRAY_SIZE macro for getting the size of constant arrays. 2016-08-19 19:30:39 +00:00
hmac Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
lhash Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
md4
md5 Switch perlasm calling convention. 2016-06-27 21:59:26 +00:00
modes Move gcm_test to C++ 2016-09-14 16:51:56 +00:00
newhope Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
obj Rename the |dont_return_name| flag of |OBJ_obj2txt| to |always_return_oid|. 2016-08-10 17:18:25 +00:00
pem
perlasm Remove unused crypto/perlasm/cbc.pl. 2016-09-12 19:03:57 +00:00
pkcs8 Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
poly1305 Resolve a small handful of size_t truncation warnings. 2016-08-05 19:12:31 +00:00
rand Resolve a small handful of size_t truncation warnings. 2016-08-05 19:12:31 +00:00
rc4 Simplify RC4 code and remove assembly. 2016-08-30 15:32:31 +00:00
rsa Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
sha sha/asm/sha1-x86_64.pl: fix crash in SHAEXT code on Windows. 2016-08-16 19:46:06 +00:00
stack Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
test Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
x509 Add some sanity checks when checking CRL scores and tests 2016-09-26 18:06:52 +00:00
x509v3 Finish aligning up_ref functions with OpenSSL 1.1.0. 2016-08-11 16:51:52 +00:00
CMakeLists.txt Switch perlasm calling convention. 2016-06-27 21:59:26 +00:00
constant_time_test.c
cpu-aarch64-linux.c
cpu-arm-linux.c
cpu-arm.c
cpu-intel.c Wrap MSVC-only warning pragmas in a macro. 2016-06-09 21:29:36 +00:00
crypto.c Add no-op function ENGINE_register_all_complete. 2016-07-12 17:54:41 +00:00
ex_data.c Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
internal.h Use pthreads on MinGW. 2016-09-20 22:25:14 +00:00
mem.c Breaking news: 1998 has come and gone. 2016-07-11 23:51:47 +00:00
refcount_c11.c
refcount_lock.c Split unlock functions into read/write variants. 2016-05-31 21:09:29 +00:00
refcount_test.c
thread_none.c Split unlock functions into read/write variants. 2016-05-31 21:09:29 +00:00
thread_pthread.c Use pthreads on MinGW. 2016-09-20 22:25:14 +00:00
thread_test.c Wrap MSVC-only warning pragmas in a macro. 2016-06-09 21:29:36 +00:00
thread_win.c Use pthreads on MinGW. 2016-09-20 22:25:14 +00:00
thread.c Remove a bunch of unnecessary includes. 2016-06-28 20:31:14 +00:00
time_support.c