From: Richard Levitte Date: Tue, 7 Aug 2018 02:55:47 +0000 (+0200) Subject: Make EVP_PKEY_asn1_new() stricter with its input X-Git-Tag: OpenSSL_1_1_0i~10 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=29cbeb9f0279678706dc9f5d96bcb64fc766658f;p=oweals%2Fopenssl.git Make EVP_PKEY_asn1_new() stricter with its input Reviewed-by: Matthias St. Pierre Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/6880) (cherry picked from commit 38eca7fed09a57c1b7a05d651af2c667b3e87719) --- diff --git a/CHANGES b/CHANGES index 277654dc7e..13cc6411e0 100644 --- a/CHANGES +++ b/CHANGES @@ -9,6 +9,11 @@ Changes between 1.1.0h and 1.1.0i [xx XXX xxxx] + *) Make EVP_PKEY_asn1_new() a bit stricter about its input. A NULL pem_str + parameter is no longer accepted, as it leads to a corrupt table. NULL + pem_str is reserved for alias entries only. + [Richard Levitte] + *) Revert blinding in ECDSA sign and instead make problematic addition length-invariant. Switch even to fixed-length Montgomery multiplication. [Andy Polyakov] diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c index b8ba067877..9b0a2ccb20 100644 --- a/crypto/asn1/ameth_lib.c +++ b/crypto/asn1/ameth_lib.c @@ -255,6 +255,18 @@ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags, goto err; } + /* + * One of the following must be true: + * + * pem_str == NULL AND ASN1_PKEY_ALIAS is set + * pem_str != NULL AND ASN1_PKEY_ALIAS is clear + * + * Anything else is an error and may lead to a corrupt ASN1 method table + */ + if (!((pem_str == NULL && (flags & ASN1_PKEY_ALIAS) != 0) + || (pem_str != NULL && (flags & ASN1_PKEY_ALIAS) == 0))) + goto err; + if (pem_str) { ameth->pem_str = OPENSSL_strdup(pem_str); if (!ameth->pem_str)