summaryrefslogtreecommitdiffstats
path: root/crypto/pkcs7 (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Avoid NULL dereference with PKCS7_OP_SET_DETACHED_SIGNATURETomas Mraz2024-12-021-0/+5
| | | | | | | | | | We would dereference p7->d.sign pointer which can be NULL. Reported by Han Zheng. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/26078)
* Use sk_X509_ATTRIBUTE_deep_copy() to copy attribute stacks in pk7_doit.cNiels Dossche2024-11-281-20/+2
| | | | | | | | Clean up the code by using the dedicated stack copy function. Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25713)
* Add support for p7->d.sign->contents with the V_ASN1_SEQUENCE typeolszomal2024-10-211-4/+55
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22575)
* Fix potential memory leak in PKCS7_signatureVerify()Niels Dossche2024-10-071-3/+3
| | | | | | | | | | | | | | | Fixes #25594 The code jumps to an error block when EVP_VerifyUpdate fails. This error block does not free abuf. In the success path the abuf memory is freed. Move the free operation to the error block. CLA: trivial Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25596)
* Copyright year updatesTomas Mraz2024-09-054-4/+4
| | | | | Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes
* When calling ASN1_item_i2d () check both returned length and allocated pointerXZ-X2024-08-202-2/+6
| | | | | | | Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24979)
* {CMS,PKCS7}_verify(): use 'certs' parameter ('-certfile' option) also for ↵Dr. David von Oheimb2024-07-173-20/+27
| | | | | | | | chain building Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18916)
* Fix possible double-free in pkcs7 add_attribute functionBernd Edlinger2024-07-081-25/+18
| | | | | | | | | | | | | | | | The problem is the ownership of the input parameter value is transfered to the X509_ATTRIBUTE object attr, as soon as X509_ATTRIBUTE_create succeeds, but when an error happens after that point there is no way to get the ownership back to the caller, which is necessary to fullfill the API contract. Fixed that by moving the call to X509_ATTRIBUTE_create to the end of the function, and make sure that no errors are possible after that point. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22721)
* Copyright year updatesRichard Levitte2024-04-092-2/+2
| | | | | | | | | | Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24034)
* PKCS7: Remove one of the duplicate checksJiasheng Jiang2024-03-111-2/+1
| | | | | | | | | | | | | | There are two consecutive identical checks "if (i <= 0)". We can remove one of them to make the code clear. CLA: trivial Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23741)
* Add NULL checks where ContentInfo data can be NULLMatt Caswell2024-01-251-2/+5
| | | | | | | | | | | | | | PKCS12 structures contain PKCS7 ContentInfo fields. These fields are optional and can be NULL even if the "type" is a valid value. OpenSSL was not properly accounting for this and a NULL dereference can occur causing a crash. CVE-2024-0727 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23361)
* Fix possible memleak in PKCS7_add0_attrib_signing_timeBernd Edlinger2023-11-221-3/+9
| | | | | | | | | | | | When PKCS7_add_signed_attribute fails, the ASN1_TIME object may be leaked when it was not passed in as input parameter. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22772)
* Fix a possible memleak in PKCS7_add_attrib_smimecapBernd Edlinger2023-11-221-2/+6
| | | | | | | | | | | When PKCS7_add_signed_attribute fails, the ASN1_STRING object may be leaked. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22744)
* CMS and PKCS7: fix handlling of EVP_PKEY_get_size() failureDr. David von Oheimb2023-10-261-4/+3
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22459)
* Copyright year updatesMatt Caswell2023-09-073-3/+3
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
* CMS, PKCS7, and CRMF: simplify use of EVP_PKEY_decrypt() by helper functionDr. David von Oheimb2023-05-301-15/+4
| | | | | | | | | | Also remove needless constant_time_* and ERR_clear_error() calls from OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(). Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/17354)
* Support signedAndEnveloped content in PKCS7_decrypt()Tomas Mraz2023-02-071-1/+2
| | | | | Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
* pk7_doit.c: Check return of BIO_set_md() callsTomas Mraz2023-02-071-2/+10
| | | | | | | | | | | | | | | | These calls invoke EVP_DigestInit() which can fail for digests with implicit fetches. Subsequent EVP_DigestUpdate() from BIO_write() or EVP_DigestFinal() from BIO_read() will segfault on NULL dereference. This can be triggered by an attacker providing PKCS7 data digested with MD4 for example if the legacy provider is not loaded. If BIO_set_md() fails the md BIO cannot be used. CVE-2023-0401 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
* Do not dereference PKCS7 object data if not setTomas Mraz2023-02-071-4/+12
| | | | | | | Fixes CVE-2023-0216 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
* Fix incomplete check on EVP_CIPHER_param_to_asn1()ndossche2023-02-021-1/+1
| | | | | | | | | | | | | | | | That function is a wrapper around evp_cipher_param_to_asn1_ex() which can return 0 as an error value via its ret <= 0 check [1]. Furthermore, all other callers of this function check against <= 0 instead of < 0 and this is also in line with what the documentation tells us. Fix the incomplete check by changing it to <= 0 as well. CLA: trivial [1] https://github.com/openssl/openssl/blob/114d99b46bfb212ffc510865df317ca2c1542623/crypto/evp/evp_lib.c#L164-L165 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20180)
* Fix incomplete checks for EVP_CIPHER_asn1_to_paramNiels Dossche2023-01-251-1/+1
| | | | | | | | | | | | | | | | EVP_CIPHER_asn1_to_param() returns a value <= 0 in case of an error, and a value greater than 0 in case of success. Two callsites only check for < 0 instead of <= 0. The other callsites perform this check correctly. Change the two callsites to <= 0. Additionally correctly handle a zero return value from EVP_CIPHER_get_asn1_iv as success. Fixes: #20116 CLA: trivial Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/201213)
* smime/pkcs7: disable the Bleichenbacher workaroundHubert Kario2022-12-121-0/+7
| | | | | | | Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13817)
* pkcs7: Remove unused includesCameron Cawley2022-11-091-5/+0
| | | | | | | | | CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19608)
* crypto/*: Fix various typos, repeated words, align some spelling to LDP.FdaSilvaYY2022-10-121-1/+1
| | | | | | | | | | | | partially revamped from #16712 - fall thru -> fall through - time stamp -> timestamp - host name -> hostname - ipv6 -> IPv6 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19059)
* Stop raising ERR_R_MALLOC_FAILURE in most placesRichard Levitte2022-10-055-40/+30
| | | | | | | | | | | | | | | | | | | | | | | Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
* X509_STORE_CTX_set_default(): improve error handling, also in its useDavid von Oheimb2022-09-161-1/+2
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/18918)
* PKCS7: add notes to pkcs7.h.in and minor code cleanup in crypto/{pkcs7,cms}/Dr. David von Oheimb2022-09-021-6/+7
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18915)
* PKCS7_dataVerify(): fix missing use of CRLs in PKCS#7 messageDr. David von Oheimb2022-09-011-11/+17
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18913)
* x509_att.c: improve error checking and reporting and coding styleDr. David von Oheimb2022-08-241-5/+5
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18931)
* Handle SMIME_crlf_copy return codeAlon Bar-Lev2022-07-281-1/+2
| | | | | | | | | | | | | | Currently the SMIME_crlf_copy result is ignored in all usages. It does return failure when memory allocation fails. This patch handles the SMIME_crlf_copy return code in all occurrences. Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18876)
* Revert unnecessary PKCS7_verify() performance optimizationNikolas2022-06-021-25/+4
| | | | | | | | | | It appears that creating temporary read-only mem BIO won't increase performance significally anymore. But it increases PKCS7_verify() complexity, so should be removed. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16590)
* Fix the checks of BIO_get_cipher_statusPeiwei Hu2022-06-021-2/+2
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/18424)
* Fix the incorrect checks of EVP_CIPHER_CTX_set_key_lengthPeiwei Hu2022-05-271-1/+1
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18397)
* Fix check of dtls1_process_recordPeiwei Hu2022-05-261-2/+2
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18369)
* Update copyright yearMatt Caswell2022-05-031-1/+1
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
* Fix malloc failure handling of X509_ALGOR_set0()Dr. David von Oheimb2022-01-141-12/+14
| | | | | | | Also update and slightly extend the respective documentation and simplify some code. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16251)
* Update copyright yearMatt Caswell2021-06-171-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15801)
* Teach more of the ASN.1 code about libctx/propqMatt Caswell2021-06-052-3/+19
| | | | | | | | | | Make sure we pass libctx/propq down to all the layers so that objects that are created during parsing have the right values. Then use this new capability for PKCS7. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15591)
* Rename all getters to use get/get0 in nameTomas Mraz2021-06-012-15/+15
| | | | | | | | | | | | | | For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
* add zero strenght arguments to BN and RAND RNG callsPauli2021-05-291-1/+1
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15513)
* err: rename err_load_xxx_strings_int functionsPauli2021-05-261-1/+1
| | | | | | | | The new names are ossl_err_load_xxx_strings. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15446)
* Make SMIME_read_CMS_ex() and SMIME_read_ASN1_ex() support binary inputDr. David von Oheimb2021-05-191-1/+1
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12959)
* Add library context and property query support into the PKCS12 APIJon Spillett2021-04-302-0/+33
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434)
* Modify OBJ_nid2sn(OBJ_obj2nid(...)) occurences to use OBJ_obj2txt()Richard Levitte2021-04-182-13/+23
| | | | | | | | | | | The intention is to allow for OIDs for which libcrypto has no information, but are still fetchable for OSSL_ALGORITHM implementations that specify an OID amongst their names. Fixes #14278 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14498)
* Add "origin" field to EVP_CIPHER, EVP_MDRich Salz2021-04-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a "where did this EVP_{CIPHER,MD} come from" flag: global, via fetch, or via EVP_{CIPHER,MD}_meth_new. Update EVP_{CIPHER,MD}_free to handle all three origins. The flag is deliberately right before some function pointers, so that compile-time failures (int/pointer) will occur, as opposed to taking a bit in the existing "flags" field. The "global variable" flag is non-zero, so the default case of using OPENSSL_zalloc (for provider ciphers), will do the right thing. Ref-counting is a no-op for Make up_ref no-op for global MD and CIPHER objects Deprecate EVP_MD_CTX_md(). Added EVP_MD_CTX_get0_md() (same semantics as the deprecated function) and EVP_MD_CTX_get1_md(). Likewise, deprecate EVP_CIPHER_CTX_cipher() in favor of EVP_CIPHER_CTX_get0_cipher(), and add EVP_CIPHER_CTX_get1_CIPHER(). Refactor EVP_MD_free() and EVP_MD_meth_free() to call new common evp_md_free_int() function. Refactor EVP_CIPHER_free() and EVP_CIPHER_meth_free() to call new common evp_cipher_free_int() function. Also change some flags tests to explicit test == or != zero. E.g., if (flags & x) --> if ((flags & x) != 0) if (!(flags & x)) --> if ((flags & x) == 0) Only done for those lines where "get0_cipher" calls were made. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14193)
* Deprecate the EVP_PKEY controls for CMS and PKCS#7Tomas Mraz2021-04-061-60/+0
| | | | | | | | | | | | | Improve the ossl_rsa_check_key() to prevent non-signature operations with PSS keys. Do not invoke the EVP_PKEY controls for CMS and PKCS#7 anymore as they are not needed anymore and deprecate them. Fixes #14276 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/14760)
* Add ossl_ x509 symbolsShane Lontis2021-03-181-2/+2
| | | | | | | Partial fix for #12964 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
* TS and CMS CAdES-BES: Refactor check_signing_certs() funcs into common ESS funcDr. David von Oheimb2021-03-181-4/+4
| | | | | | | Also constify related CMS/PKCS7 functions and improve error codes thrown. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14503)
* misc: other init function param additionsPauli2021-03-111-1/+2
| | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14383)
* Update copyright yearMatt Caswell2021-03-111-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-19 18:02:11 +0100