feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

Merge pull request #1380 from SparkiDev/ber_indef

Browse Source 
Support indefinite length BER encodings in PKCS #7
This commit is contained in:
toddouska
2018-02-22 08:31:26 -08:00
committed by GitHub
parent 7a2aa6bc13 274110a10c
commit 20e7d2d426
8 changed files with 440 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
configure.ac
View File

@ -217,6 +217,7 @@ then
enable_aeskeywrap=yes
enable_x963kdf=yes
enable_scrypt=yes
enable_indef=yes
AM_CFLAGS="-DHAVE_AES_DECRYPT $AM_CFLAGS"
fi
@ -2662,6 +2663,19 @@ fi
AM_CONDITIONAL([BUILD_SRP], [test "x$ENABLED_SRP" = "xyes"])
# Indefinite length encoded BER message support
AC_ARG_ENABLE([indef],
[AS_HELP_STRING([--enable-indef],[Enable parsing of indefinite length encoded msgs (default: disabled)])],
[ ENABLED_BER_INDEF=$enableval ],
[ ENABLED_BER_INDEF=no ]
)
if test "x$ENABLED_BER_INDEF" = "xyes"
then
AM_CFLAGS="$AM_CFLAGS -DASN_BER_TO_DER"
fi
# Small Stack
AC_ARG_ENABLE([smallstack],
@ -4247,6 +4261,7 @@ echo " * SIGNAL: $ENABLED_SIGNAL"
echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS"
echo " * DTLS: $ENABLED_DTLS"
echo " * SCTP: $ENABLED_SCTP"
echo " * Indefinite Length: $ENABLED_BER_INDEF"
echo " * Multicast: $ENABLED_MCAST"
echo " * Old TLS Versions: $ENABLED_OLD_TLS"
echo " * SSL version 3.0: $ENABLED_SSLV3"

205
wolfcrypt/src/asn.c
View File

@ -786,6 +786,211 @@ static word32 SetBitString(word32 len, byte unusedBits, byte* output)
}
#endif /* !NO_RSA || HAVE_ECC || HAVE_ED25519 */
#ifdef ASN_BER_TO_DER
/* Convert a BER encoding with indefinite length items to DER.
*
* ber BER encoded data.
* berSz Length of BER encoded data.
* der Buffer to hold DER encoded version of data.
* NULL indicates only the length is required.
* derSz The size of the buffer to hold the DER encoded data.
* Will be set if der is NULL, otherwise the value is checked as der is
* filled.
* returns ASN_PARSE_E if the BER data is invalid and BAD_FUNC_ARG if ber or
* derSz are NULL.
*/
int wc_BerToDer(const byte* ber, word32 berSz, byte* der, word32* derSz)
{
int ret;
word32 i, j, k;
int len, l;
int indef;
int depth = 0;
byte type;
word32 cnt, sz;
word32 outSz;
byte lenBytes[4];
if (ber == NULL || derSz == NULL)
return BAD_FUNC_ARG;
outSz = *derSz;
for (i = 0, j = 0; i < berSz; ) {
/* Check that there is data for an ASN item to parse. */
if (i + 2 > berSz)
return ASN_PARSE_E;
/* End Of Content (EOC) mark end of indefinite length items.
* EOCs are not encoded in DER.
* Keep track of no. indefinite length items that have not been
* terminated in depth.
*/
if (ber[i] == 0 && ber[i+1] == 0) {
if (depth == 0)
break;
if (--depth == 0)
break;
i += 2;
continue;
}
/* Indefinite length is encoded as: 0x80 */
type = ber[i];
indef = ber[i+1] == ASN_INDEF_LENGTH;
if (indef && (type & 0xC0) == 0 &&
ber[i] != (ASN_SEQUENCE | ASN_CONSTRUCTED) &&
ber[i] != (ASN_SET | ASN_CONSTRUCTED)) {
/* Indefinite length OCTET STRING or other simple type.
* Put all the data into one entry.
*/
/* Type no longer constructed. */
type &= ~ASN_CONSTRUCTED;
if (der != NULL) {
/* Ensure space for type. */
if (j + 1 >= outSz)
return BUFFER_E;
der[j] = type;
}
i++; j++;
/* Skip indefinite length. */
i++;
/* There must be further ASN1 items to combine. */
if (i + 2 > berSz)
return ASN_PARSE_E;
/* Calculate length of combined data. */
len = 0;
k = i;
while (ber[k] != 0x00) {
/* Each ASN item must be the same type as the constructed. */
if (ber[k] != type)
return ASN_PARSE_E;
k++;
ret = GetLength(ber, &k, &l, berSz);
if (ret < 0)
return ASN_PARSE_E;
k += l;
len += l;
/* Must at least have terminating EOC. */
if (k + 2 > berSz)
return ASN_PARSE_E;
}
/* Ensure a valid EOC ASN item. */
if (ber[k+1] != 0x00)
return ASN_PARSE_E;
if (der == NULL) {
/* Add length of ASN item length encoding and data. */
j += SetLength(len, lenBytes);
j += len;
}
else {
/* Check space for encoded length. */
if (SetLength(len, lenBytes) > outSz - j)
return BUFFER_E;
/* Encode new length. */
j += SetLength(len, der + j);
/* Encode data in single item. */
k = i;
while (ber[k] != 0x00) {
/* Skip ASN type. */
k++;
/* Find length of data in ASN item. */
ret = GetLength(ber, &k, &l, berSz);
if (ret < 0)
return ASN_PARSE_E;
/* Ensure space for data and copy in. */
if (j + l > outSz)
return BUFFER_E;
XMEMCPY(der + j, ber + k, l);
k += l; j += l;
}
}
/* Continue conversion after EOC. */
i = k + 2;
continue;
}
if (der != NULL) {
/* Ensure space for type and at least one byte of length. */
if (j + 1 >= outSz)
return BUFFER_E;
/* Put in type. */
der[j] = ber[i];
}
i++; j++;
if (indef) {
/* Skip indefinite length. */
i++;
/* Calculate the size of the data inside constructed. */
ret = wc_BerToDer(ber + i, berSz - i, NULL, &sz);
if (ret != LENGTH_ONLY_E)
return ret;
if (der != NULL) {
/* Ensure space for encoded length. */
if (SetLength(sz, lenBytes) > outSz - j)
return BUFFER_E;
/* Encode real length. */
j += SetLength(sz, der + j);
}
else {
/* Add size of encoded length. */
j += SetLength(sz, lenBytes);
}
/* Another EOC to find. */
depth++;
}
else {
/* Get the size of the encode length and length value. */
cnt = i;
ret = GetLength(ber, &cnt, &len, berSz);
if (ret < 0)
return ASN_PARSE_E;
cnt -= i;
/* Check there is enough data to copy out. */
if (i + cnt + len > berSz)
return ASN_PARSE_E;
if (der != NULL) {
/* Ensure space in DER buffer. */
if (j + cnt + len > outSz)
return BUFFER_E;
/* Copy length and data into DER buffer. */
XMEMCPY(der + j, ber + i, cnt + len);
}
/* Continue conversion after this ASN item. */
i += cnt + len;
j += cnt + len;
}
}
if (depth >= 1)
return ASN_PARSE_E;
/* Return length if no buffer to write to. */
if (der == NULL) {
*derSz = j;
return LENGTH_ONLY_E;
}
return 0;
}
#endif
#if defined(WOLFSSL_CERT_GEN) || defined(WOLFSSL_KEY_GEN)
#if (!defined(NO_RSA) && !defined(HAVE_USER_RSA)) || \

3
wolfcrypt/src/error.c
View File

@ -449,6 +449,9 @@ const char* wc_GetErrorString(int error)
case PRIME_GEN_E:
return "Unable to find a prime for RSA key";
case BER_INDEF_E:
return "Unable to decode an indefinite length encoded message";
default:
return "unknown error number";

85
wolfcrypt/src/pkcs7.c
View File

@ -338,6 +338,11 @@ void wc_PKCS7_Free(PKCS7* pkcs7)
return;
wc_PKCS7_FreeDecodedAttrib(pkcs7->decodedAttrib, pkcs7->heap);
#ifdef ASN_BER_TO_DER
if (pkcs7->der != NULL)
XFREE(pkcs7->der, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
#endif
}
@ -1839,6 +1844,9 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
byte* signedAttrib = NULL;
int contentSz = 0, sigSz = 0, certSz = 0, signedAttribSz = 0;
byte degenerate;
#ifdef ASN_BER_TO_DER
byte* der;
#endif
if (pkcs7 == NULL || pkiMsg == NULL || pkiMsgSz == 0)
return BAD_FUNC_ARG;
@ -1849,6 +1857,30 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
if (length == 0 && pkiMsg[idx-1] == 0x80) {
#ifdef ASN_BER_TO_DER
word32 len;
ret = wc_BerToDer(pkiMsg, pkiMsgSz, NULL, &len);
if (ret != LENGTH_ONLY_E)
return ret;
pkcs7->der = (byte*)XMALLOC(len, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
if (pkcs7->der == NULL)
return MEMORY_E;
ret = wc_BerToDer(pkiMsg, pkiMsgSz, pkcs7->der, &len);
if (ret < 0)
return ret;
pkiMsg = pkcs7->der;
pkiMsgSz = len;
idx = 0;
if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
#else
return BER_INDEF_E;
#endif
}
/* Get the contentInfo contentType */
if (wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0)
return ASN_PARSE_E;
@ -1959,8 +1991,14 @@ int wc_PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz)
certSz += (certIdx - idx);
}
#ifdef ASN_BER_TO_DER
der = pkcs7->der;
#endif
/* This will reset PKCS7 structure and then set the certificate */
wc_PKCS7_InitWithCert(pkcs7, cert, certSz);
#ifdef ASN_BER_TO_DER
pkcs7->der = der;
#endif
/* iterate through any additional certificates */
if (MAX_PKCS7_CERTS > 0) {
@ -4299,6 +4337,7 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
int encryptedContentSz;
byte padLen;
byte* encryptedContent = NULL;
int explicitOctet;
if (pkcs7 == NULL || pkcs7->singleCert == NULL ||
pkcs7->singleCertSz == 0 || pkcs7->privateKey == NULL ||
@ -4313,6 +4352,30 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
if (length == 0 && pkiMsg[idx-1] == 0x80) {
#ifdef ASN_BER_TO_DER
word32 len;
ret = wc_BerToDer(pkiMsg, pkiMsgSz, NULL, &len);
if (ret != LENGTH_ONLY_E)
return ret;
pkcs7->der = (byte*)XMALLOC(len, pkcs7->heap, DYNAMIC_TYPE_PKCS7);
if (pkcs7->der == NULL)
return MEMORY_E;
ret = wc_BerToDer(pkiMsg, pkiMsgSz, pkcs7->der, &len);
if (ret < 0)
return ret;
pkiMsg = pkcs7->der;
pkiMsgSz = len;
idx = 0;
if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0)
return ASN_PARSE_E;
#else
return BER_INDEF_E;
#endif
}
if (wc_GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0)
return ASN_PARSE_E;
@ -4435,13 +4498,17 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
XMEMCPY(tmpIv, &pkiMsg[idx], length);
idx += length;
explicitOctet = pkiMsg[idx] == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0);
/* read encryptedContent, cont[0] */
if (pkiMsg[idx++] != (ASN_CONTEXT_SPECIFIC | 0)) {
if (pkiMsg[idx] != (ASN_CONTEXT_SPECIFIC | 0) &&
pkiMsg[idx] != (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0)) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(decryptedKey, NULL, DYNAMIC_TYPE_PKCS7);
#endif
return ASN_PARSE_E;
}
idx++;
if (GetLength(pkiMsg, &idx, &encryptedContentSz, pkiMsgSz) <= 0) {
#ifdef WOLFSSL_SMALL_STACK
@ -4450,6 +4517,22 @@ WOLFSSL_API int wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
return ASN_PARSE_E;
}
if (explicitOctet) {
if (pkiMsg[idx++] != ASN_OCTET_STRING) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(decryptedKey, NULL, DYNAMIC_TYPE_PKCS7);
#endif
return ASN_PARSE_E;
}
if (GetLength(pkiMsg, &idx, &encryptedContentSz, pkiMsgSz) <= 0) {
#ifdef WOLFSSL_SMALL_STACK
XFREE(decryptedKey, NULL, DYNAMIC_TYPE_PKCS7);
#endif
return ASN_PARSE_E;
}
}
encryptedContent = (byte*)XMALLOC(encryptedContentSz, pkcs7->heap,
DYNAMIC_TYPE_PKCS7);
if (encryptedContent == NULL) {

123
wolfcrypt/test/test.c
View File

@ -316,6 +316,9 @@ int memory_test(void);
#ifdef HAVE_VALGRIND
int mp_test(void);
#endif
#ifdef ASN_BER_TO_DER
int berder_test(void);
#endif
int logging_test(void);
int mutex_test(void);
#if defined(USE_WOLFSSL_MEMORY) && !defined(FREERTOS)
@ -883,6 +886,13 @@ int wolfcrypt_test(void* args)
printf( "mp test passed!\n");
#endif
#ifdef ASN_BER_TO_DER
if ( (ret = berder_test()) != 0)
return err_sys("ber-der test failed!\n", ret);
else
printf( "ber-der test passed!\n");
#endif
if ( (ret = logging_test()) != 0)
return err_sys("logging test failed!\n", ret);
else
@ -16693,6 +16703,10 @@ int pkcs7encrypted_test(void)
testSz = sizeof(testVectors) / sizeof(pkcs7EncryptedVector);
for (i = 0; i < testSz; i++) {
ret = wc_PKCS7_Init(&pkcs7, HEAP_HINT, devId);
if (ret != 0)
return -7599;
pkcs7.content = (byte*)testVectors[i].content;
pkcs7.contentSz = testVectors[i].contentSz;
pkcs7.contentOID = testVectors[i].contentOID;
@ -16701,7 +16715,6 @@ int pkcs7encrypted_test(void)
pkcs7.encryptionKeySz = testVectors[i].encryptionKeySz;
pkcs7.unprotectedAttribs = testVectors[i].attribs;
pkcs7.unprotectedAttribsSz = testVectors[i].attribsSz;
pkcs7.heap = HEAP_HINT;
/* encode encryptedData */
encryptedSz = wc_PKCS7_EncodeEncryptedData(&pkcs7, encrypted,
@ -17349,6 +17362,114 @@ done:
}
#endif
#ifdef ASN_BER_TO_DER
typedef struct berDerTestData {
const byte *in;
word32 inSz;
const byte *out;
word32 outSz;
} berDerTestData;
int berder_test(void)
{
int ret;
int i;
word32 len, l;
byte out[32];
static const byte good1_in[] = { 0x30, 0x80, 0x00, 0x00 };
static const byte good1_out[] = { 0x30, 0x00 };
static const byte good2_in[] = { 0x30, 0x80, 0x02, 0x01, 0x01, 0x00, 0x00 };
static const byte good2_out[] = { 0x30, 0x03, 0x02, 0x01, 0x01 };
static const byte good3_in[] = {
0x24, 0x80, 0x04, 0x01, 0x01, 0x00, 0x00
};
static const byte good3_out[] = { 0x04, 0x1, 0x01 };
static const byte good4_in[] = {
0x30, 0x80,
0x02, 0x01, 0x01,
0x30, 0x80,
0x24, 0x80,
0x04, 0x01, 0x01,
0x04, 0x02, 0x02, 0x03,
0x00, 0x00,
0x06, 0x01, 0x01,
0x00, 0x00,
0x31, 0x80,
0x06, 0x01, 0x01,
0x00, 0x00,
0x00, 0x00,
};
static const byte good4_out[] = {
0x30, 0x0d,
0x02, 0x01, 0x01,
0x30, 0x08,
0x04, 0x03, 0x01, 0x02, 0x03,
0x06, 0x01, 0x01,
0x31, 0x03,
0x06, 0x01, 0x01
};
berDerTestData testData[] = {
{ good1_in, sizeof(good1_in), good1_out, sizeof(good1_out) },
{ good2_in, sizeof(good2_in), good2_out, sizeof(good2_out) },
{ good3_in, sizeof(good3_in), good3_out, sizeof(good3_out) },
{ good4_in, sizeof(good4_in), good4_out, sizeof(good4_out) },
};
for (i = 0; i < (int)(sizeof(testData) / sizeof(*testData)); i++) {
ret = wc_BerToDer(testData[i].in, testData[i].inSz, NULL, &len);
if (ret != LENGTH_ONLY_E)
return -7830 - i;
if (len != testData[i].outSz)
return -7840 - i;
len = testData[i].outSz;
ret = wc_BerToDer(testData[i].in, testData[i].inSz, out, &len);
if (ret != 0)
return -7850 - i;
if (XMEMCMP(out, testData[i].out, len) != 0)
return -7860 - i;
for (l = 1; l < testData[i].inSz; l++) {
ret = wc_BerToDer(testData[i].in, l, NULL, &len);
if (ret != ASN_PARSE_E)
return -7870;
len = testData[i].outSz;
ret = wc_BerToDer(testData[i].in, l, out, &len);
if (ret != ASN_PARSE_E)
return -7871;
}
}
ret = wc_BerToDer(NULL, 4, NULL, NULL);
if (ret != BAD_FUNC_ARG)
return -7880;
ret = wc_BerToDer(out, 4, NULL, NULL);
if (ret != BAD_FUNC_ARG)
return -7881;
ret = wc_BerToDer(NULL, 4, NULL, &len);
if (ret != BAD_FUNC_ARG)
return -7882;
ret = wc_BerToDer(NULL, 4, out, NULL);
if (ret != BAD_FUNC_ARG)
return -7883;
ret = wc_BerToDer(out, 4, out, NULL);
if (ret != BAD_FUNC_ARG)
return -7884;
ret = wc_BerToDer(NULL, 4, out, &len);
if (ret != BAD_FUNC_ARG)
return -7885;
for (l = 1; l < sizeof(good4_out); l++) {
len = l;
ret = wc_BerToDer(good4_in, sizeof(good4_in), out, &len);
if (ret != BUFFER_E)
return -7890;
}
return 0;
}
#endif
#ifdef DEBUG_WOLFSSL
static THREAD_LS_T int log_cnt = 0;
static void my_Logging_cb(const int logLevel, const char *const logMessage)

6
wolfssl/wolfcrypt/asn.h
View File

@ -86,7 +86,8 @@ enum ASN_Tags {
ASN_GENERALIZED_TIME = 0x18,
CRL_EXTENSIONS = 0xa0,
ASN_EXTENSIONS = 0xa3,
ASN_LONG_LENGTH = 0x80
ASN_LONG_LENGTH = 0x80,
ASN_INDEF_LENGTH = 0x80
};
#define ASN_UTC_TIME_SIZE 14
@ -765,6 +766,9 @@ struct TrustedPeerCert {
#define WOLFSSL_ASN_API WOLFSSL_LOCAL
#endif
WOLFSSL_ASN_API int wc_BerToDer(const byte* ber, word32 berSz, byte* der,
word32* derSz);
WOLFSSL_ASN_API void FreeAltNames(DNS_entry*, void*);
#ifndef IGNORE_NAME_CONSTRAINTS
WOLFSSL_ASN_API void FreeNameSubtrees(Base_entry*, void*);

4
wolfssl/wolfcrypt/error-crypt.h
View File

@ -198,7 +198,9 @@ enum {
PSS_SALTLEN_E = -250, /* PSS length of salt is to long for hash */
PRIME_GEN_E = -251, /* Failure finding a prime. */
WC_LAST_E = -251, /* Update this to indicate last error */
BER_INDEF_E = -252, /* Cannot decode indefinite length BER. */
WC_LAST_E = -252, /* Update this to indicate last error */
MIN_CODE_E = -300 /* errors -101 - -299 */
/* add new companion error id strings for any new error codes

3
wolfssl/wolfcrypt/pkcs7.h
View File

@ -100,6 +100,9 @@ typedef struct PKCS7 {
byte* issuer; /* issuer name of singleCert */
byte* privateKey; /* private key, DER, not owner */
void* heap; /* heap hint for dynamic memory */
#ifdef ASN_BER_TO_DER
byte* der; /* DER encoded version of message */
#endif
byte* cert[MAX_PKCS7_CERTS];
/* Encrypted-data Content Type */