Commit Graph

1313 Commits

Author SHA1 Message Date
Jonathan M. Wilbur
91bc783a93 Support all NULL-syntax X.509v3 extensions
Signed-off-by: Jonathan M. Wilbur <jonathan@wilbur.space>

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21342)
2023-09-25 15:12:04 -04:00
Dimitri Papadopoulos
bbaeadb068 "foo * bar" should be "foo *bar"
Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)
2023-09-11 10:15:30 +02:00
Dimitri Papadopoulos
ad31628cfe Remove repeated words
Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)
2023-09-11 10:15:30 +02:00
Matt Caswell
da1c088f59 Copyright year updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
2023-09-07 09:59:15 +01:00
Tomas Mraz
6404d064b8 ossl_x509_store_ctx_get_by_subject(): Check return value of X509_STORE_lock()
Fixes Coverity 1539148

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21755)
2023-08-18 15:06:18 +02:00
vl-loz
4a469cba27 Add X509_STORE_CTX_set_get_crl and X509_STORE_CTX_set_current_reasons
This change is for feature request #21679.

Adds a couple of setters to aid with custom CRL validation.

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21737)
2023-08-17 21:34:12 +02:00
slontis
39ed7636e0 Fix decoders so that they use the passed in propq.
Fixes #21198

decoder objects were setting propq as NULL.
Added a set_ctx/settable_ctx to all decoders that should supply
a property query parameter to internal functions.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21219)
2023-08-16 18:02:51 +02:00
3lswear
945fde53a3 Check i2d_X509_NAME return in X509_NAME_hash_ex/old
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21697)
2023-08-16 10:46:14 +02:00
Matt Caswell
e3d897d3fa Fix a regression in X509_VERIFY_PARAM_add0_policy()
Also fixes a similar regression in X509_VERIFY_PARAM_add0_table().

Commit 38ebfc3 introduced a regression in 3.0.6 that changed the return
value of the two functions above from 1 on success to the number of entries
in the stack. If there are more than one entry then this is a change in
behaviour which should not have been introduced into a stable release.

This reverts the behaviour back to what it was prior to the change. The code
is slightly different to the original code in that we also handle a possible
-1 return value from the stack push function. This should never happen in
reality because we never pass a NULL stack as a parameter - but for the sake
of robustness we handle it anyway.

Note that the changed behaviour exists in all versions of 3.1 (it never had
the original version). But 3.1 should be fully backwards compatible with 3.0
so we should change it there too.

Fixes #21570

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/21576)
2023-07-31 14:11:03 +01:00
atishkov
ae29622f39 x509/by_file.c: fix unreachable and redundant code
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/21545)
2023-07-27 10:26:11 -04:00
atishkov
bc5d9cc871 get_cert_by_subject_ex(): Check result of X509_STORE_lock()
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21515)
2023-07-25 17:02:20 +02:00
atishkov
46e9590376 x509: add ASN1_STRING_set() check result
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21497)
2023-07-25 12:08:14 +10:00
Adam Šulc
7551264186 fix: reject adding a duplicity into STACK_OF(X509_ATTRIBUTE)
Function `X509at_add1_attr()` (crypto/x509/x509_att.c) rejects to add a duplicity into `*x` but it searches in a wrong stack.

Changed to search in `*x`.

CLA: trivial

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21505)
2023-07-24 12:44:46 +10:00
Pauli
a903a132a4 x509: update to structure based atomics
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21260)
2023-07-01 21:18:25 +10:00
Hugo Landau
dfdbc113ee Partially revert #18070 (Add support for Windows CA certificate store)
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21190)
2023-06-15 18:01:59 +10:00
Dimitri Papadopoulos
eb4129e12c Fix typos found by codespell
Typos in doc/man* will be fixed in a different commit.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20910)
2023-06-15 10:11:46 +10:00
Yi Li
4032cd9a14 configure: introduce no-ecx to remove ECX related feature
This can effectively reduce the binary size for platforms
that don't need ECX feature(~100KB).

Signed-off-by: Yi Li <yi1.li@intel.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20781)
2023-06-14 13:06:22 +10:00
Wim Decroix
ec59752835 X509_NAME_cmp fix for empty name
CLA: trivial

Fixes #21156

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21155)
2023-06-12 15:25:43 +02:00
Theo Buehler
959c150a1d Fix incorrect ERR_raise() calls
A few ERR_raise() calls in v3_purp.c use the wrong library. For example,
in OpenSSL 3.1.1 we get

00000000:error:0580009E:x509 certificate routines:ossl_x509v3_cache_extensions:reason(158):crypto/x509/v3_purp.c:635:

instead of

00000000:error:1100009E:X509 V3 routines:ossl_x509v3_cache_extensions:invalid certificate:crypto/x509/v3_purp.c:635:

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21168)
2023-06-12 08:26:20 +02:00
Tomas Mraz
4bcbf8d444 Coverity 1531872: j is not used anywhere later, remove the assignment 2023-06-10 19:23:59 -04:00
Vladimír Kotal
3ca28c9e81 allow to disable http
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21108)
2023-06-06 11:05:02 +10:00
Matt Caswell
80935bf5ad Don't take a write lock to retrieve a value from a stack
ossl_x509_store_ctx_get_by_subject() was taking a write lock for the
store, but was only (usually) retrieving a value from the stack of
objects. We take a read lock instead.

Partially fixes #20286

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20952)
2023-06-05 09:09:32 +10:00
Matt Caswell
50001e0e15 Avoid an unneccessary lock if we didn't add anything to the store
Partially fixes #20286

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20952)
2023-06-05 09:09:23 +10:00
Clemens Lang
95a8aa6dc0 x509: Handle ossl_policy_level_add_node errors
The invocation of ossl_policy_level_add_node in tree_calculate_user_set
did not have any error handling. Add it to prevent a memory leak for the
allocated extra policy data.

Also add error handling to sk_X509_POLICY_NODE_push to ensure that if
a new node was allocated, but could not be added to the stack, it is
freed correctly.

Fix error handling if tree->user_policies cannot be allocated by
returning 0, indicating failure, rather than 1.

Signed-off-by: Clemens Lang <cllang@redhat.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21040)
2023-05-29 14:52:27 +02:00
Clemens Lang
de53817ec3 x509: Fix possible use-after-free when OOM
ossl_policy_level_add_node() first adds the new node to the level->nodes
stack, and then attempts to add extra data if extra_data is true. If
memory allocation or adding the extra data to tree->extra_data fails,
the allocated node (that has already been added to the level->nodes
stack) is freed using ossl_policy_node_free(), which leads to
a potential use after free.

Additionally, the tree's node count and the parent's child count would
not be updated, despite the new node being added.

Fix this by either performing the function's purpose completely, or not
at all by reverting the changes on error.

Signed-off-by: Clemens Lang <cllang@redhat.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21040)
2023-05-29 14:52:26 +02:00
Pauli
efe0222f5c x509: sort stacks before finds
x509_trust.c, x509_vpm.c and v3_lib.c don't have a lock for their sorts.
This is no worse than the existing code which sorted silently without locks.

Addition is quadratic time in by_dir.c and v3_purp.c.  However, this
is an improvement over the older O(n^2 log n) code where each find also
sorted the stack.  Also note that v3_purp.c is limited to a maximum of
10 items, so quadratic behaviour isn't terrible.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/20842)
2023-05-01 17:14:42 +10:00
Pauli
3ef5b60097 x509: sort stacks prior to searching
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20782)
2023-04-28 09:24:06 +02:00
Petr Mikhalicin
4e5f3d6913 Fix checking return code of EVP_PKEY_get_int_param at check_curve
According to docs, EVP_PKEY_get_int_param should return 1 on Success, and
0 on Failure. So, fix checking of this return value at check_curve

CLA: trivial

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20770)
2023-04-21 10:17:52 +02:00
Todd Short
3c95ef22df RFC7250 (RPK) support
Add support for the RFC7250 certificate-type extensions.
Alows the use of only private keys for connection (i.e. certs not needed).

Add APIs
Add unit tests
Add documentation
Add s_client/s_server support

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18185)
2023-03-28 13:49:54 -04:00
Matt Caswell
e4142ec43b Ensure that EXFLAG_INVALID_POLICY is checked even in leaf certs
Even though we check the leaf cert to confirm it is valid, we
later ignored the invalid flag and did not notice that the leaf
cert was bad.

Fixes: CVE-2023-0465

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20585)
2023-03-28 13:31:38 +02:00
Pauli
3a81370f75 x509: excessive resource use verifying policy constraints
A security vulnerability has been identified in all supported versions
of OpenSSL related to the verification of X.509 certificate chains
that include policy constraints.  Attackers may be able to exploit this
vulnerability by creating a malicious certificate chain that triggers
exponential use of computational resources, leading to a denial-of-service
(DoS) attack on affected systems.

Fixes CVE-2023-0464

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/20571)
2023-03-22 11:24:45 +11:00
Dr. David von Oheimb
1caa4835eb doc/man3/X509_STORE_CTX_get_error.pod: make order consistent, add some missing entries
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20450)
2023-03-15 08:32:18 +11:00
Michael Baentsch
ee58915cfd first cut at sigalg loading
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19312)
2023-02-24 11:02:48 +11:00
Hugo Landau
7880536fe1 Fix GENERAL_NAME_cmp for x400Address (master)
CVE-2023-0286

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2023-02-07 17:05:10 +01:00
Tomas Mraz
604247bf75 Do not create DSA keys without parameters by decoder
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2023-02-07 17:05:10 +01:00
Viktor Dukhovni
748f478f81 Fix type confusion in nc_match_single()
This function assumes that if the "gen" is an OtherName, then the "base"
is a rfc822Name constraint. This assumption is not true in all cases.
If the end-entity certificate contains an OtherName SAN of any type besides
SmtpUtf8Mailbox and the CA certificate contains a name constraint of
OtherName (of any type), then "nc_email_eai" will be invoked, with the
OTHERNAME "base" being incorrectly interpreted as a ASN1_IA5STRING.

Reported by Corey Bonnell from Digicert.

CVE-2022-4203

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
2023-02-07 17:05:10 +01:00
Dr. David von Oheimb
342e3652c7 APPS: generated certs bear X.509 V3, unless -x509v1 option of req app is given
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19271)
2023-01-24 15:16:47 +01:00
Dr. David von Oheimb
7e0013d973 X509{,_CRL,_REVOKED}_{set,sign}*(): fix 'modified' field and return values
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19271)
2023-01-24 15:16:25 +01:00
Hugo Landau
3147785eb2 Fix corruption when searching for CRLs in hashed directories
The by_dir certificate/CRL lookup code uses an OPENSSL_STACK to track
how many sequentially numbered CRL files have been loaded for a given
X509_NAME hash which is being requested. This avoids loading already
loaded CRL files and repeated stat() calls.

This OPENSSL_STACK is searched using sk_find, however this mutates
the OPENSSL_STACK unless it is known to be sorted. This operation
therefore requires a write lock, which was not taken.

Fix this issue by sorting the OPENSSL_STACK whenever it is mutated. This
guarantees no mutation will occur during sk_find. This is chosen over
taking a write lock during sk_find as retrieving a CRL by X509_NAME is
assumed to be a hotter path than the case where a new CRL is installed.

Also optimise the code by avoiding creating the structure to track the
last CRL file sequence number in the circumstance where it would match
the initial value, namely where no CRL with the given hash is installed.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20076)
2023-01-24 11:23:17 +11:00
Dr. David von Oheimb
ec6cbda0f2 X509_V_ERR_INVALID_PURPOSE: fix misleading text; Fix omission in X509_VERIFY_PARAM_clear_flags doc
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/20052)
2023-01-23 11:00:04 +01:00
Niels Dossche
53b5d6c30f Fix incorrect error return value in i2r_ADMISSION_SYNTAX()
The other implementations of i2r return 0 in case of an error, but
i2r_ADMISSION_SYNTAX() returns -1. That means the check on i2r does not
catch the error. Change it to return 0 like the others do.

Fixes: #20066

CLA: trivial

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20068)
2023-01-19 14:15:19 +01:00
Peiwei Hu
dd1f28427b Refine the documents of several APIs
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19816)
2022-12-16 18:59:28 +01:00
Pauli
4d0340a6d2 x509: fix double locking problem
This reverts commit 9aa4be691f and removed the
redundant flag setting.

Fixes #19643

Fixes LOW CVE-2022-3996

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19652)
2022-12-08 11:10:58 +01:00
slontis
26cfa4cd85 Fix coverity issues in X509v3_addr
CID 1516955 : Null pointer deref (REVERSE_INULL)
CID 1516954 : Null pointer deref (REVERSE_INULL)
CID 1516953 : RESOURCE_LEAK of child

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19700)
2022-11-21 12:41:25 +01:00
Dr. David von Oheimb
8a2f9a7cc8 x509/v3_purp.c: rename 'require_ca' parameters to the more adequate 'non_leaf'
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19064)
2022-11-18 15:10:01 +01:00
Dr. David von Oheimb
3fa6dbd1be x509/v3_purp.c etc.: improve doc/comments on codesign and timestamp purpose checks
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19064)
2022-11-18 15:10:01 +01:00
Graham Woodward
9351f675fa Catch incorrect IPAddressFamily lengths
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19273)
2022-11-16 17:19:25 +01:00
Pauli
905ba92439 punycode: update to use WPACKET instead of using custom range checking
Add test for `.' overflows, remove the output size argument from
ossl_a2ulabel() since it was never used and greatly complicated the code.
Convert ossl_a2ulabel() to use WPACKET for building the output string.
Update the documentation to match the new definition of ossl_a2ulabel().

x509: let punycode handle the '\0' string termination.  Saves a memset(3)
and some size fiddling.  Also update to deal with the modified parameters.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/19591)
2022-11-11 08:14:47 +11:00
slontis
820723dde0 Add d2i_PUBKEY_ex_fp and d2i_PUBKEY_ex_bio.
These functions pass a library content and prop query.
The i2d documentation related to these functions has been corrected since the bio and fp functions always return 0 or 1.

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18427)
2022-11-02 11:25:48 +01:00
Sam James
c713186685 x509: fix -Wunused-but-set-variable
The value of 'l' isn't ever actually used.

Fixes this error with Clang 15:
```
crypto/x509/x_name.c:506:9: error: variable 'l' set but not used [-Werror,-Wunused-but-set-variable]
    int l, i;
        ^
1 error generated.
```

Signed-off-by: Sam James <sam@gentoo.org>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19450)
2022-10-21 15:56:32 +02:00