Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade to upstream 519c2986c73c23461b130ad19b93fd7d081353d5 (Chromium 92 0 4515 107) #68

Merged
Merged
Changes from 1 commit
Commits
Show all changes
562 commits
Select commit Hold shift + click to select a range
0a86cbf
RAND_set_rand_method returns int.
davidben Feb 26, 2021
e7bb89b
Fix OPENSSL_EC_* constants and add EC_GROUP_get_asn1_flag
davidben Feb 26, 2021
e9315d5
Remove X509_REQ_to_X509.
davidben Feb 26, 2021
a1d1a67
Remove some remnants of TLS 1.3 downgrade carveouts.
davidben Feb 26, 2021
84c0c90
Move PKCS#12 samples to embed_test_data.
davidben Feb 27, 2021
abd6c05
Support creating unencrypted PKCS#12 files.
davidben Feb 27, 2021
d4fdb7b
Make the X509_VAL structure opaque.
davidben Feb 26, 2021
24df734
Remove TODO to reverse the output of PKCS12_parse.
davidben Mar 1, 2021
dfe0b01
Stub out some more of PKCS7.
davidben Mar 1, 2021
215f4a0
Register POLICY_MAPPING with bssl::UniquePtr.
davidben Mar 4, 2021
04b3213
Register NAME_CONSTRAINTS with bssl::UniquePtr.
davidben Mar 4, 2021
6b48efa
Add -rr-record flag to runner.go.
dmcardle Mar 11, 2021
acf6149
Align with OpenSSL on constness of static ASN1_OBJECTs.
davidben Mar 13, 2021
f7b87c8
fips: add counters.
Mar 9, 2021
3d15a94
Document ASN1_TYPE and related functions.
davidben Mar 14, 2021
87aafb6
Initialize nonce in PerAEADTest.ABI.
davidben Mar 16, 2021
1eae297
runner: Remove redundant -enable-all-curves shim flag.
davidben Mar 15, 2021
2c1c9fa
Better document nullable X.509 getters.
davidben Mar 15, 2021
a3437c0
Implement rsa_pkcs1_sha256_legacy.
davidben Feb 25, 2021
fb855a2
Move fips.c into a subdirectory.
davidben Mar 17, 2021
c953ee4
Add RNG support for FreeBSD.
bdhess Mar 16, 2021
b214741
Only pass -handshaker-path in split handshakes tests.
davidben Mar 17, 2021
b09f283
Add a Windows no-op impl of BORINGSSL_self_test
bdhess Mar 17, 2021
c9d3265
Generalize make_errors.go to allow EVP covering multiple directories.
davidben Mar 18, 2021
d9ee55a
Refactor HPKE API to include explicit length parameters.
dmcardle Mar 15, 2021
8c31179
Fix unnecessarily direction-specific tests in cipher_tests.txt
davidben Mar 19, 2021
e5fe31c
Revert "Implement rsa_pkcs1_sha256_legacy."
davidben Mar 19, 2021
502fcee
Test empty EVP_CIPHER inputs and fix exact memcpy overlap.
davidben Mar 19, 2021
477b309
Add X509_PUBKEY_get0_public_key.
davidben Mar 22, 2021
ac85c03
Do not access value.ptr with V_ASN1_BOOLEAN.
davidben Mar 21, 2021
a99d3a8
Document a few more functions in x509.h.
davidben Mar 21, 2021
9be3252
Remove X509_REQ_set_extension_nids and document related functions.
davidben Mar 21, 2021
5650816
Make generate_build_files.py python3 compatible.
yoshisatoyanagisawa Mar 23, 2021
edfe413
Automatically enable C11 atomics when available.
davidben Mar 22, 2021
d0b66c7
Bump minimum CMake version.
davidben Mar 22, 2021
49f0329
Remove GCC 4.8.99 check.
davidben Mar 22, 2021
139adff
Fix mismatch between header and implementation of bn_sqr_comba8.
davidben Mar 25, 2021
a24ab54
Use an unsized helper for truncated SHA-512 variants.
davidben Mar 25, 2021
20f7bba
Add some warnings on how to use OPENSSL_memory_* functions.
davidben Mar 24, 2021
04c44d9
Remove OPENSSL_DANGEROUS_RELEASE_PTHREAD_KEY build flag.
davidben Mar 24, 2021
da890de
Remove is_resume field on TestState.
davidben Mar 26, 2021
4aef687
Zero out FIPS counters.
agl Mar 29, 2021
3af6226
Enforce that pre_shared_key must come with psk_key_exchange_modes.
davidben Mar 30, 2021
0da75f3
FIPS counters for AES-CTR.
Mar 30, 2021
1a93f4f
modulewrapper: add option to print build information.
Mar 30, 2021
b9b0363
Tidy up handshaker tester.
davidben Mar 26, 2021
953650c
Define HANDSHAKER_SUPPORTED in once place.
davidben Mar 26, 2021
60a78dc
Remove tls13-split-handshakes flag.
davidben Mar 29, 2021
b62a48f
Remove some now unnecessary test exclusions from split handshakes.
davidben Mar 29, 2021
08b1729
Fix ssl/internal.h sectioning.
davidben Mar 29, 2021
0a6c3fc
Rearrange SSLKeyShare::Serialize.
davidben Mar 29, 2021
9bcf307
Fix some unreachable code in the QUIC handshaker driver.
davidben Mar 29, 2021
084064b
Add a few missing SSL_R_BIO_NOT_SET cases.
davidben Mar 29, 2021
6b9c012
Handle EINTR more in handshaker.cc.
davidben Mar 29, 2021
8d4c8fc
Make words in crypto/fipsmodule/modes actually words.
davidben Mar 29, 2021
ca45987
Move load/store helpers to crypto/internal.h.
davidben Mar 29, 2021
15e0f67
Fold ripemd/internal.h into ripemd.c.
davidben Mar 29, 2021
8501579
Fix MockQuicTransport::Flush error handling.
davidben Mar 31, 2021
dfde04f
Don't reset server callback expectations on new handshake.
davidben Mar 30, 2021
fd73985
Fix the spelling of HPKE AEAD constants.
davidben Apr 5, 2021
26a589e
runner: Move writeHash to the finishedHash struct.
davidben Apr 2, 2021
0508271
runner: Store a cipherSuite in ClientSessionState.
davidben Apr 2, 2021
f225516
runner: Remove remnants of the separate HelloRetryRequest message.
davidben Apr 2, 2021
7a15a70
runner: Remove CheckTLS13DowngradeRandom.
davidben Apr 3, 2021
5f757bc
runner: Fix writeClientHash and writeRecord ordering.
davidben Apr 3, 2021
99f6d4b
runner: Remove remnants of SSL 3.0.
davidben Apr 3, 2021
4b854a6
runner: Don't maintain two copies of the same transcript hash.
davidben Apr 3, 2021
4151b9f
runner: Don't use the buffer in TLS 1.3.
davidben Apr 3, 2021
d791fbd
runner: UpdateForHelloRetryRequest cannot fail.
davidben Apr 3, 2021
7d2ddd2
runner: Fix HPKE parameter order.
davidben Apr 5, 2021
fa2d3d5
runner: Fix ECH confirmation calculation with PSKs in tests.
davidben Apr 3, 2021
6810f0e
runner: Ensure helloBytes is always the same as hello.marshal().
davidben Apr 3, 2021
bff8834
runner: Test different V2ClientHello challenge lengths.
davidben Apr 3, 2021
7a0834b
Remove remnants of CBC SHA2 cipher suites.
davidben Apr 7, 2021
c31fb79
Simplify tls_cbc.c slightly.
davidben Apr 7, 2021
ca65bff
runner: Construct finishedHash earlier.
davidben Apr 3, 2021
61d5aab
runner: Remove unused field
davidben Apr 4, 2021
00e434d
Add ECH server (draft-ietf-tls-esni-09).
dmcardle Feb 18, 2021
669ffe6
Simplify the Lucky13 mitigation.
davidben Apr 7, 2021
3af8854
Fix ppc64le build.
Apr 12, 2021
2de33c6
Add ECH server config API to ssl_ctx_api fuzzer
dmcardle Apr 12, 2021
e2b7bb7
Only skip early data with HRR when offered.
davidben Apr 12, 2021
3b8c5ec
Rearrange key share and early data logic.
davidben Apr 12, 2021
e4c1917
Don't duplicate ServerHello construction code.
davidben Apr 12, 2021
12a3e7e
Check for invalid ALPN inputs in SSL_(CTX_)set_alpn_protos.
davidben Apr 13, 2021
09f71c1
acvp: support KAS-ECC-SSC staticUnified mode.
Apr 8, 2021
4382899
Add util/bot/libFuzzer to .gitignore.
davidben Apr 14, 2021
5545b61
Use a consistent plural for 'corpus'.
davidben Apr 14, 2021
94b477c
Record a fuzzing corpus for the ClientHelloInner decoder.
davidben Apr 14, 2021
7a1986c
acvp: support GMAC as an algorithm.
Apr 14, 2021
1596137
Export ssl_client_hello_init for fuzzers.
davidben Apr 15, 2021
666f2ab
Make our Python scripts Python-3-compatible.
davidben Mar 19, 2021
b571e77
Add experimental handshake hints API.
davidben Mar 25, 2021
2f3958a
Fix issuerUID and subjectUID parsing in the key usage checker.
davidben Apr 16, 2021
468cde9
Always encode booleans as DER.
davidben Apr 16, 2021
e60893c
Make X509_PUBKEY opaque.
davidben Apr 19, 2021
f0e6490
Document a few more x509.h functions.
davidben Apr 19, 2021
68a799a
acvptool: Fix typo hard-coding the HTTP method.
geegeea Apr 19, 2021
575d112
Make X509_ATTRIBUTE opaque.
davidben Apr 19, 2021
b173d91
Remove support for malformed X509_ATTRIBUTEs.
davidben Apr 19, 2021
daf1aca
Revert handshaker fd numbers and make StartProcess more flexible.
davidben Apr 20, 2021
ab7811e
Document and test X509_ATTRIBUTE creation functions.
davidben Apr 20, 2021
fcec391
Remove some BoringSSL-only X509_CINF functions.
davidben Apr 20, 2021
16c76ac
Include assembly optimizations in Bazel builds on Linux-aarch64.
PiotrSikora Apr 21, 2021
eec7f32
Use a placeholder for unknown errors in ERR_*_error_string.
davidben Apr 21, 2021
2e54edf
A couple of Aarch64 FIPS delocate fixes.
Apr 21, 2021
c5dc278
avcp: SHA-1 for ECDSA _verification_ is still supported by NIST.
Apr 22, 2021
354cd48
Clarify OBJ_get0_data and OBJ_get_length.
davidben Apr 22, 2021
782d9b6
Const-correct ASN1_OBJECT_create.
davidben Apr 22, 2021
a96f4dd
Rename X509V*_VERSION constants.
davidben Apr 28, 2021
1cf78cd
Use passive entropy collection everywhere.
Apr 29, 2021
d4f877e
Reference the newer ChaCha20-Poly1305 RFC.
davidben Apr 29, 2021
853ca1e
Remove non-deterministic bits from ECDSA ACVP test.
Apr 29, 2021
fe049e4
Document expected use of BTI and PAC macros.
davidben Apr 28, 2021
94a63a5
Implement ECH draft 10 and update HPKE to draft 08.
Apr 29, 2021
1264f0c
Correctly order PKCS#7 certificates and CRLs.
davidben May 3, 2021
9f70097
Remove HKDF-SHA384 and HKDF-SHA512 from HPKE.
davidben May 3, 2021
e4d6556
Remove HPKE PSK mode.
davidben May 3, 2021
198c5f5
Fix a memory leak with d2i_ASN1_OBJECT object reuse.
davidben May 5, 2021
da4390f
Revise the deterministic for_test variant of HPKE's SetupBaseS.
davidben May 3, 2021
1d842c6
Don't mark up the first word in a collective comment.
davidben May 5, 2021
f39c81d
Introduce EVP_HPKE_{AEAD,KDF} types.
davidben May 3, 2021
2b2cb7d
Switch HPKE to a three-parameter output buffer.
davidben May 4, 2021
9fc6174
acvp: move hash iterations into modulewrapper.
May 6, 2021
9f55d97
Make X509_SIG and X509_CERT_AUX opaque.
davidben May 5, 2021
9b2cdb7
Add SSL_can_release_private_key.
davidben Apr 2, 2021
f0e5ea2
Update ACVP URLs.
May 10, 2021
1d58cd1
Shift the KEM dependency in HPKE up a step.
davidben May 4, 2021
1eb7769
Refer to EVP_HPKE_CTX by a consistent name.
davidben May 7, 2021
070a6c3
Export the HPKE implementation.
davidben May 5, 2021
8349dfc
Fix the ech_accept comment.
davidben May 10, 2021
962b375
Move session ID assignment out of ssl_get_new_session.
davidben May 10, 2021
1f6c3dc
Simplify renego + resumption handling.
davidben May 10, 2021
6ff9429
Don't use SHA256(ticket) as the signaling session ID for tickets.
davidben May 10, 2021
71a3b82
Check for resumption identifiers in SSL_SESSION_is_resumable.
davidben May 10, 2021
4b066b0
Add APIs to manually fill in signatures for CRLs.
davidben May 14, 2021
29507b8
Validate RSA public keys more consistently.
davidben May 7, 2021
940475d
Be clearer which signing inputs are digests.
davidben May 13, 2021
a464674
Fix some includes.
davidben May 13, 2021
ddecaab
Check hs->early_session, not ssl->session, for the early data limit.
davidben May 13, 2021
aaecb82
Make X509_REQ and X509_REQ_INFO opaque.
davidben May 14, 2021
d89ec68
Remove draft tokbind implementation.
davidben May 18, 2021
747229e
Add a missing case to SSL_error_description.
davidben May 18, 2021
5e72294
fuzz/minimise_corpora.sh: Add shebang and chmod +x
dmcardle May 19, 2021
49ee62f
Update the ECH GREASE size selection.
davidben May 20, 2021
b778b9c
Const-correct SSL_get_srtp_profiles.
davidben May 20, 2021
aef0a88
runner: Reject all zero client and server randoms.
davidben May 17, 2021
3675eb3
GREASE is now RFC 8701.
davidben May 18, 2021
ef1d779
Don't try to write empty early data in the tool.
davidben May 21, 2021
4749d8f
Implement fuzzer mode for ECH server.
dmcardle May 20, 2021
d13dbf8
Refresh SSL corpora after adding ECH fuzzer mode.
dmcardle May 24, 2021
3dd9864
Test ECH server with unique and repeated config IDs.
dmcardle May 24, 2021
47cefed
Don't copy client's session ID into server's session.
May 26, 2021
92c6fbf
Fix array-parameter warnings
pefoley2 May 28, 2021
d4c3f2a
Ensure name not null in EVP_get_cipherbyname
codebytere Jun 1, 2021
4320bc4
Pull HASH_TRANSFORM out of md32_common.h.
davidben Mar 29, 2021
597ffef
Make md32_common.h single-included and use an unsized helper for SHA-…
davidben Mar 29, 2021
cf816d0
Add compatibility impl for EVP_PKEY_get0
codebytere Jun 2, 2021
a1d3bfb
Cite an RFC over 9000 (draft-ietf-quic-tls is now RFC 9001).
davidben Jun 1, 2021
7a3e801
fix #415: Perl scripts fail when building from a path with spaces
florin-crisan Jun 3, 2021
4848294
Remove impossible ssl->s3 null check.
davidben May 21, 2021
bc4c91a
DTLS-SRTP is only defined for DTLS.
davidben May 18, 2021
8acec00
Manage Channel ID handshake state better.
davidben May 19, 2021
b587911
Remove the Channel ID callback.
davidben May 18, 2021
bcef514
Const-correct message creation hooks.
davidben Jun 2, 2021
da15f29
Move ECH-related APIs to encrypted_client_hello.cc.
davidben May 20, 2021
5b7ec83
Reject the ECH extension in TLS 1.2 ServerHello.
davidben Jun 2, 2021
3a036c7
Add SSL_ech_accepted API and ech_is_required alerts.
davidben Jun 2, 2021
88df13d
Fix ECH-Server-RepeatedConfigID test.
davidben Jun 3, 2021
1241228
runner: Revise ECHConfig type in preparation for client implementation
davidben Jun 3, 2021
00bccd6
runner: Make echIsInner a boolean.
davidben Jun 3, 2021
1f54fd9
runner: Parse the status_request extension more strictly.
davidben Jun 3, 2021
7fffa46
runner: Implement ECH server for testing.
davidben Jun 4, 2021
26f186b
Implement a handshake hint for certificate compression.
davidben Jun 8, 2021
4e93cd4
Move the early_data_{offered,reason} logic out of extension callbacks.
davidben May 18, 2021
6c9758f
Release some temporaries outside of ClientHello callbacks.
davidben May 18, 2021
97ede40
Move key_share computation out of ClientHello callbacks.
davidben May 18, 2021
52b3638
Remove the extension init hook.
davidben May 19, 2021
33e8c78
Initialize grease_seed on construction.
davidben May 19, 2021
43ab56c
Pick up the GREASE ECH config ID from grease_seed.
davidben May 20, 2021
246c556
Compute the ECH GREASE payload outside of the callbacks.
davidben May 20, 2021
5fd91db
Fix documentation typo.
davidben Jun 10, 2021
14e51ad
Make add_clienthello callbacks const.
davidben May 19, 2021
5acf9f4
Replace hs->needs_psk_binder with an output parameter.
davidben May 24, 2021
e9109cb
Add move support to EVP_MD_CTX.
davidben May 22, 2021
9052286
Add a note about extension callback names.
davidben May 27, 2021
fb4d257
Shift some complexity out of ssl_add_clienthello_tlsext.
davidben Jun 1, 2021
c89ce97
Move the TLS vs DTLS header length adjustment into ssl_add_clienthell…
davidben Jun 2, 2021
b32aa05
Tidy up the PSK binder logic.
davidben Jun 2, 2021
350fe3b
Fix ext_pre_shared_key_clienthello_length calculation.
davidben Jun 2, 2021
cd89004
Don't pad the second ClientHello.
davidben Jun 2, 2021
0724e3d
runner: Self-check tests more accurately and earlier.
davidben Jun 5, 2021
c3b373b
Rename SSL_ECH_SERVER_CONFIG_LIST to SSL_ECH_KEYS.
davidben Jun 6, 2021
c890ae5
Make ECH server APIs take EVP_HPKE_KEY.
davidben Jun 6, 2021
24545c5
Add a basic API to make ECHConfigs.
davidben Jun 7, 2021
83a4993
Add most of an ECH client implementation.
davidben May 20, 2021
878795c
Remove outdated comment in primality testing.
davidben Jun 12, 2021
5358cb5
runner: Check the test name against the protocol being tested.
davidben Jun 12, 2021
e9c5d72
Add an option to permute ClientHello extension order.
davidben Jun 9, 2021
9734e44
More reliably report handshake errors through SSL_write.
davidben Jun 15, 2021
160a889
Add util/fetch_ech_config_list.go
dmcardle Jun 9, 2021
9a5abe0
Revert "Add util/fetch_ech_config_list.go"
davidben Jun 16, 2021
995574c
Reland "Add util/fetch_ech_config_list.go"
dmcardle Jun 9, 2021
6d3d069
Reformat x509_vfy.h and convert comments.
davidben Jun 17, 2021
36ea4d1
Move crypto/x509/vpm_int.h into internal.h.
davidben Jun 17, 2021
58abd2e
Make X509_VERIFY_PARAM opaque.
davidben Jun 17, 2021
869bf9f
Fold X509_VERIFY_PARAM_ID into X509_VERIFY_PARAM.
davidben Jun 18, 2021
9cbe737
Validate ECH public names.
davidben Jun 15, 2021
f315a86
Fix a -Wdeprecated-copy warning.
pkasting Jun 20, 2021
f25ada3
Prefix and unexport a2i_ipadd.
davidben Jun 16, 2021
ec552ca
Rename t1_lib.cc to extensions.cc.
davidben Jun 16, 2021
7f85116
Unexport almost all of LHASH.
davidben Jun 21, 2021
ec8c67d
Prefix internal LHASH functions.
davidben Jun 21, 2021
cafb992
Remove lh_FOO_doall.
davidben Jun 21, 2021
5206782
Compute ASN.1 BIT STRING sizes more consistently.
davidben Jun 19, 2021
5f8c681
Const-correct ASN1_item_verify a bit more.
davidben Jun 19, 2021
87be659
Document ASN1_STRING_to_UTF8.
davidben Jun 20, 2021
b147c99
Document some ASN1_INTEGER and ASN1_ENUMERATED functions.
davidben Jun 20, 2021
479adf9
Remove old ASN.1 SET macros.
davidben Jun 20, 2021
c41a3a9
runner: Fix process exit timeout.
davidben Jun 21, 2021
5d224a5
runner: Clean up test logic.
davidben Jun 21, 2021
afa867b
runner: Test that clients actually use renewed tickets.
davidben Jun 16, 2021
10a76ac
Only clear not_resumable after the handshake.
davidben Jun 16, 2021
a10017c
Reduce bouncing on the cache lock in ssl_update_cache.
davidben Jun 16, 2021
ca7ef8c
runner: Add a convenience function for base64 flags.
davidben Jun 17, 2021
ba423c9
Implement ClientHelloOuter handshakes.
davidben Jun 15, 2021
b90cddd
swtb is another AArch64 magic tweak.
Jun 24, 2021
25d501c
SHA-256 is used on AArch64, even if NO_ASM.
Jun 24, 2021
c220b5f
Decorate x509v3_a2i_ipadd declaration as its definition.
marinelli Jun 25, 2021
5514476
Update hpke_test.go.
Jun 28, 2021
e3a7bd0
Rename asn1_locl.h to internal.h.
davidben Jun 30, 2021
170045f
Make ASN1_OBJECT opaque.
davidben Jun 30, 2021
ae7c178
Add some OpenSSL compatibility aliases.
davidben Jul 1, 2021
919a973
conf: don't crash when parsing.
Jul 1, 2021
7ada846
conf: fix getting keys from the default section.
Jul 1, 2021
957f23d
Document a batch of extension-related functions in x509.h.
davidben Jun 28, 2021
2cf7a2c
Remove X509at_get0_data_by_OBJ.
davidben Jul 1, 2021
62d6ed6
Remove -2 return value from X509*_get_*_by_NID.
davidben Jul 1, 2021
ad5db96
Handle the server case in SSL_get0_ech_name_override.
davidben Jul 8, 2021
61a21e7
Fix sign bit in BN_div if numerator and quotient alias.
davidben Jul 8, 2021
268a4a6
Remove unused field in X509_NAME_ENTRY.
davidben Jul 8, 2021
ecc301c
Add a pointer alignment helper function.
davidben Jul 2, 2021
b86dcfe
Switch another malloc to bssl::Array.
davidben Jul 12, 2021
a5a9b54
Make X509_CRL opaque.
davidben Jul 14, 2021
94a608a
Make X509_EXTENSION opaque.
davidben Jul 14, 2021
7153013
hrss: use less stack space.
Jun 30, 2021
519c298
Always have CRYPTO_sysrand_for_seed.
Jul 15, 2021
61de933
boringssl upgrade
baentsch Aug 11, 2021
9853af4
correct test case
baentsch Aug 12, 2021
d282195
Merge branch 'master' into mb-519c2986c73c23461b130ad19b93fd7d081353d…
baentsch Aug 12, 2021
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Make ASN1_OBJECT opaque.
This cleans up the story with
https://boringssl-review.googlesource.com/c/boringssl/+/46164. None of
our exported functions mutate ASN1_OBJECTS, with the exception of
ASN1_OBJECT_free, the object reuse mode of c2i_ASN1_OBJECT, and their
callers. Those functions check flags to correctly handle static
ASN1_OBJECTs.

For now, I've kept the struct definition in crypto/asn1 even though
ASN1_OBJECT is partially in crypto/obj. Since we prefer to cut
dependencies to crypto/asn1, we probably should rearrange this later.

I've also, for now, kept crypto/asn1/internal.h at C-style comments,
though our style story here is weird. (Maybe it's time to clang-format
crypto/asn1 and crypto/x509? Patches from upstream rarely directly apply
anyway, since we're a mix of 1.0.2 and 1.1.1 in crypto/x509.)

Update-Note: ASN1_OBJECT is now opaque. Callers should use accessors.

Change-Id: I655e6bd8afda98a2d1e676c3abeb873aa8de6691
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/48326
Reviewed-by: Adam Langley <agl@google.com>
  • Loading branch information
davidben authored and agl committed Jun 30, 2021
commit 170045f4900cf6ffc2d5bf162a4ef196b2400e1a
1 change: 1 addition & 0 deletions crypto/asn1/a_object.c
Original file line number Diff line number Diff line change
@@ -64,6 +64,7 @@
#include <openssl/obj.h>

#include "../internal.h"
#include "internal.h"


int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp)
20 changes: 20 additions & 0 deletions crypto/asn1/internal.h
Original file line number Diff line number Diff line change
@@ -86,6 +86,26 @@ int OPENSSL_gmtime_diff(int *out_days, int *out_secs, const struct tm *from,

/* Internal ASN1 structures and functions: not for application use */

/* These are used internally in the ASN1_OBJECT to keep track of
* whether the names and data need to be free()ed */
#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */
#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */
#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */

/* An asn1_object_st (aka |ASN1_OBJECT|) represents an ASN.1 OBJECT IDENTIFIER.
* Note: Mutating an |ASN1_OBJECT| is only permitted when initializing it. The
* library maintains a table of static |ASN1_OBJECT|s, which may be referenced
* by non-const |ASN1_OBJECT| pointers. Code which receives an |ASN1_OBJECT|
* pointer externally must assume it is immutable, even if the pointer is not
* const. */
struct asn1_object_st {
const char *sn, *ln;
int nid;
int length;
const unsigned char *data; /* data remains const after init */
int flags; /* Should we free this one */
};

int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d);
int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d);

8 changes: 5 additions & 3 deletions crypto/digest_extra/digest_extra.c
Original file line number Diff line number Diff line change
@@ -58,11 +58,12 @@

#include <string.h>

#include <openssl/asn1.h>
#include <openssl/blake2.h>
#include <openssl/bytestring.h>
#include <openssl/obj.h>
#include <openssl/nid.h>

#include "../asn1/internal.h"
#include "../internal.h"
#include "../fipsmodule/digest/internal.h"

@@ -152,13 +153,14 @@ static const EVP_MD *cbs_to_md(const CBS *cbs) {
}

const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *obj) {
// Handle objects with no corresponding OID.
// Handle objects with no corresponding OID. Note we don't use |OBJ_obj2nid|
// here to avoid pulling in the OID table.
if (obj->nid != NID_undef) {
return EVP_get_digestbynid(obj->nid);
}

CBS cbs;
CBS_init(&cbs, obj->data, obj->length);
CBS_init(&cbs, OBJ_get0_data(obj), OBJ_length(obj));
return cbs_to_md(&cbs);
}

5 changes: 4 additions & 1 deletion crypto/obj/obj.c
Original file line number Diff line number Diff line change
@@ -67,10 +67,13 @@
#include <openssl/mem.h>
#include <openssl/thread.h>

#include "obj_dat.h"
#include "../asn1/internal.h"
#include "../internal.h"
#include "../lhash/internal.h"

// obj_data.h must be included after the definition of |ASN1_OBJECT|.
#include "obj_dat.h"


DEFINE_LHASH_OF(ASN1_OBJECT)

49 changes: 24 additions & 25 deletions crypto/obj/obj_test.cc
Original file line number Diff line number Diff line change
@@ -75,14 +75,16 @@ TEST(ObjTest, TestSignatureAlgorithms) {

static bool ExpectObj2Txt(const uint8_t *der, size_t der_len,
bool always_return_oid, const char *expected) {
ASN1_OBJECT obj;
OPENSSL_memset(&obj, 0, sizeof(obj));
obj.data = der;
obj.length = static_cast<int>(der_len);
bssl::UniquePtr<ASN1_OBJECT> obj(
ASN1_OBJECT_create(NID_undef, der, static_cast<int>(der_len),
/*sn=*/nullptr, /*ln=*/nullptr));
if (!obj) {
return false;
}

int expected_len = static_cast<int>(strlen(expected));

int len = OBJ_obj2txt(nullptr, 0, &obj, always_return_oid);
int len = OBJ_obj2txt(nullptr, 0, obj.get(), always_return_oid);
if (len != expected_len) {
fprintf(stderr,
"OBJ_obj2txt of %s with out_len = 0 returned %d, wanted %d.\n",
@@ -92,7 +94,7 @@ static bool ExpectObj2Txt(const uint8_t *der, size_t der_len,

char short_buf[1];
OPENSSL_memset(short_buf, 0xff, sizeof(short_buf));
len = OBJ_obj2txt(short_buf, sizeof(short_buf), &obj, always_return_oid);
len = OBJ_obj2txt(short_buf, sizeof(short_buf), obj.get(), always_return_oid);
if (len != expected_len) {
fprintf(stderr,
"OBJ_obj2txt of %s with out_len = 1 returned %d, wanted %d.\n",
@@ -109,7 +111,7 @@ static bool ExpectObj2Txt(const uint8_t *der, size_t der_len,
}

char buf[256];
len = OBJ_obj2txt(buf, sizeof(buf), &obj, always_return_oid);
len = OBJ_obj2txt(buf, sizeof(buf), obj.get(), always_return_oid);
if (len != expected_len) {
fprintf(stderr,
"OBJ_obj2txt of %s with out_len = 256 returned %d, wanted %d.\n",
@@ -166,34 +168,31 @@ TEST(ObjTest, TestObj2Txt) {
ASSERT_TRUE(ExpectObj2Txt(nullptr, 0, false /* return name */, ""));
ASSERT_TRUE(ExpectObj2Txt(nullptr, 0, true /* don't return name */, ""));

ASN1_OBJECT obj;
OPENSSL_memset(&obj, 0, sizeof(obj));

// kNonMinimalOID is kBasicConstraints with the final component non-minimally
// encoded.
static const uint8_t kNonMinimalOID[] = {
0x55, 0x1d, 0x80, 0x13,
};
obj.data = kNonMinimalOID;
obj.length = sizeof(kNonMinimalOID);
ASSERT_EQ(-1, OBJ_obj2txt(NULL, 0, &obj, 0));
static const uint8_t kNonMinimalOID[] = {0x55, 0x1d, 0x80, 0x13};
bssl::UniquePtr<ASN1_OBJECT> obj(
ASN1_OBJECT_create(NID_undef, kNonMinimalOID, sizeof(kNonMinimalOID),
/*sn=*/nullptr, /*ln=*/nullptr));
ASSERT_TRUE(obj);
ASSERT_EQ(-1, OBJ_obj2txt(NULL, 0, obj.get(), 0));

// kOverflowOID is the DER representation of
// 1.2.840.113554.4.1.72585.18446744073709551616. (The final value is 2^64.)
static const uint8_t kOverflowOID[] = {
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x04, 0x01, 0x84, 0xb7, 0x09,
0x82, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x00,
};
obj.data = kOverflowOID;
obj.length = sizeof(kOverflowOID);
ASSERT_EQ(-1, OBJ_obj2txt(NULL, 0, &obj, 0));
obj.reset(ASN1_OBJECT_create(NID_undef, kOverflowOID, sizeof(kOverflowOID),
/*sn=*/nullptr, /*ln=*/nullptr));
ASSERT_TRUE(obj);
ASSERT_EQ(-1, OBJ_obj2txt(NULL, 0, obj.get(), 0));

// kInvalidOID is a mis-encoded version of kBasicConstraints with the final
// octet having the high bit set.
static const uint8_t kInvalidOID[] = {
0x55, 0x1d, 0x93,
};
obj.data = kInvalidOID;
obj.length = sizeof(kInvalidOID);
ASSERT_EQ(-1, OBJ_obj2txt(NULL, 0, &obj, 0));
static const uint8_t kInvalidOID[] = {0x55, 0x1d, 0x93};
obj.reset(ASN1_OBJECT_create(NID_undef, kInvalidOID, sizeof(kInvalidOID),
/*sn=*/nullptr, /*ln=*/nullptr));
ASSERT_TRUE(obj);
ASSERT_EQ(-1, OBJ_obj2txt(NULL, 0, obj.get(), 0));
}
23 changes: 0 additions & 23 deletions include/openssl/asn1.h
Original file line number Diff line number Diff line change
@@ -593,29 +593,6 @@ OPENSSL_EXPORT int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
#define MBSTRING_BMP (MBSTRING_FLAG | 2)
#define MBSTRING_UNIV (MBSTRING_FLAG | 4)

// These are used internally in the ASN1_OBJECT to keep track of
// whether the names and data need to be free()ed
#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 // internal use
#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 // internal use
#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 // internal use

// An asn1_object_st (aka |ASN1_OBJECT|) represents an ASN.1 OBJECT IDENTIFIER.
//
// Note: Although the struct is exposed, mutating an |ASN1_OBJECT| is only
// permitted when initializing it. The library maintains a table of static
// |ASN1_OBJECT|s, which may be referenced by non-const |ASN1_OBJECT| pointers.
// Code which receives an |ASN1_OBJECT| pointer externally must assume it is
// immutable, even if the pointer is not const.
//
// TODO(davidben): Document this more completely in its own section.
struct asn1_object_st {
const char *sn, *ln;
int nid;
int length;
const unsigned char *data; // data remains const after init
int flags; // Should we free this one
};

DEFINE_STACK_OF(ASN1_OBJECT)

// ASN1_ENCODING structure: this is used to save the received
9 changes: 5 additions & 4 deletions include/openssl/obj.h
Original file line number Diff line number Diff line change
@@ -84,7 +84,8 @@ extern "C" {

// Basic operations.

// OBJ_dup returns a duplicate copy of |obj| or NULL on allocation failure.
// OBJ_dup returns a duplicate copy of |obj| or NULL on allocation failure. The
// caller must call |ASN1_OBJECT_free| on the result to release it.
OPENSSL_EXPORT ASN1_OBJECT *OBJ_dup(const ASN1_OBJECT *obj);

// OBJ_cmp returns a value less than, equal to or greater than zero if |a| is
@@ -133,9 +134,9 @@ OPENSSL_EXPORT int OBJ_txt2nid(const char *s);
// OBJ_nid2obj returns the |ASN1_OBJECT| corresponding to |nid|, or NULL if
// |nid| is unknown.
//
// This function returns a static, immutable |ASN1_OBJECT|. Although the output
// is not const, callers may not mutate it. It is also not necessary to release
// the object with |ASN1_OBJECT_free|.
// Although the output is not const, this function returns a static, immutable
// |ASN1_OBJECT|. It is not necessary to release the object with
// |ASN1_OBJECT_free|.
//
// However, functions like |X509_ALGOR_set0| expect to take ownership of a
// possibly dynamically-allocated |ASN1_OBJECT|. |ASN1_OBJECT_free| is a no-op