Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(420)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/child/webcrypto/openssl/util_openssl.cc

Issue 685063007: Check trailing data when parsing ASN.1. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: NSS... Created 6 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« content/child/webcrypto/nss/rsa_key_nss.cc ('K') | « content/child/webcrypto/nss/rsa_key_nss.cc ('k') | content/test/data/webcrypto/bad_rsa_keys.json » ('j') | crypto/rsa_private_key_nss.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/child/webcrypto/openssl/util_openssl.h" 5 #include "content/child/webcrypto/openssl/util_openssl.h"
6 6
7 #include <openssl/evp.h> 7 #include <openssl/evp.h>
8 #include <openssl/pkcs12.h> 8 #include <openssl/pkcs12.h>
9 9
10 #include "base/stl_util.h" 10 #include "base/stl_util.h"
(...skipping 173 matching lines...) Expand 10 before | Expand all | Expand 10 after
184 } 184 }
185 185
186 Status ImportUnverifiedPkeyFromSpki(const CryptoData& key_data, 186 Status ImportUnverifiedPkeyFromSpki(const CryptoData& key_data,
187 int expected_pkey_id, 187 int expected_pkey_id,
188 crypto::ScopedEVP_PKEY* pkey) { 188 crypto::ScopedEVP_PKEY* pkey) {
189 if (!key_data.byte_length()) 189 if (!key_data.byte_length())
190 return Status::ErrorImportEmptyKeyData(); 190 return Status::ErrorImportEmptyKeyData();
191 191
192 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); 192 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
193 193
194 crypto::ScopedBIO bio(BIO_new_mem_buf(const_cast<uint8_t*>(key_data.bytes()), 194 const uint8_t* ptr = key_data.bytes();
195 key_data.byte_length())); 195 pkey->reset(d2i_PUBKEY(nullptr, &ptr, key_data.byte_length()));
196 if (!bio.get()) 196 if (!pkey->get() || ptr != key_data.bytes() + key_data.byte_length())
197 return Status::ErrorUnexpected();
198
199 pkey->reset(d2i_PUBKEY_bio(bio.get(), NULL));
200 if (!pkey->get())
201 return Status::DataError(); 197 return Status::DataError();
202 198
203 if (EVP_PKEY_id(pkey->get()) != expected_pkey_id) 199 if (EVP_PKEY_id(pkey->get()) != expected_pkey_id)
204 return Status::DataError(); // Data did not define expected key type. 200 return Status::DataError(); // Data did not define expected key type.
205 201
206 return Status::Success(); 202 return Status::Success();
207 } 203 }
208 204
209 Status ImportUnverifiedPkeyFromPkcs8(const CryptoData& key_data, 205 Status ImportUnverifiedPkeyFromPkcs8(const CryptoData& key_data,
210 int expected_pkey_id, 206 int expected_pkey_id,
211 crypto::ScopedEVP_PKEY* pkey) { 207 crypto::ScopedEVP_PKEY* pkey) {
212 if (!key_data.byte_length()) 208 if (!key_data.byte_length())
213 return Status::ErrorImportEmptyKeyData(); 209 return Status::ErrorImportEmptyKeyData();
214 210
215 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); 211 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
216 212
217 crypto::ScopedBIO bio(BIO_new_mem_buf(const_cast<uint8_t*>(key_data.bytes()), 213 const uint8_t* ptr = key_data.bytes();
218 key_data.byte_length()));
219 if (!bio.get())
220 return Status::ErrorUnexpected();
221
222 crypto::ScopedOpenSSL<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free>::Type 214 crypto::ScopedOpenSSL<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_free>::Type
223 p8inf(d2i_PKCS8_PRIV_KEY_INFO_bio(bio.get(), NULL)); 215 p8inf(d2i_PKCS8_PRIV_KEY_INFO(nullptr, &ptr, key_data.byte_length()));
224 if (!p8inf.get()) 216 if (!p8inf.get() || ptr != key_data.bytes() + key_data.byte_length())
225 return Status::DataError(); 217 return Status::DataError();
226 218
227 pkey->reset(EVP_PKCS82PKEY(p8inf.get())); 219 pkey->reset(EVP_PKCS82PKEY(p8inf.get()));
228 if (!pkey->get()) 220 if (!pkey->get())
229 return Status::DataError(); 221 return Status::DataError();
230 222
231 if (EVP_PKEY_id(pkey->get()) != expected_pkey_id) 223 if (EVP_PKEY_id(pkey->get()) != expected_pkey_id)
232 return Status::DataError(); // Data did not define expected key type. 224 return Status::DataError(); // Data did not define expected key type.
233 225
234 return Status::Success(); 226 return Status::Success();
235 } 227 }
236 228
237 BIGNUM* CreateBIGNUM(const std::string& n) { 229 BIGNUM* CreateBIGNUM(const std::string& n) {
238 return BN_bin2bn(reinterpret_cast<const uint8_t*>(n.data()), n.size(), NULL); 230 return BN_bin2bn(reinterpret_cast<const uint8_t*>(n.data()), n.size(), NULL);
239 } 231 }
240 232
241 std::vector<uint8_t> BIGNUMToVector(const BIGNUM* n) { 233 std::vector<uint8_t> BIGNUMToVector(const BIGNUM* n) {
242 std::vector<uint8_t> v(BN_num_bytes(n)); 234 std::vector<uint8_t> v(BN_num_bytes(n));
243 BN_bn2bin(n, vector_as_array(&v)); 235 BN_bn2bin(n, vector_as_array(&v));
244 return v; 236 return v;
245 } 237 }
246 238
247 } // namespace webcrypto 239 } // namespace webcrypto
248 240
249 } // namespace content 241 } // namespace content
OLDNEW
« content/child/webcrypto/nss/rsa_key_nss.cc ('K') | « content/child/webcrypto/nss/rsa_key_nss.cc ('k') | content/test/data/webcrypto/bad_rsa_keys.json » ('j') | crypto/rsa_private_key_nss.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698