/[smeserver]/rpms/openssl/sme8/openssl-fips-0.9.8e-cve-2014-8275.patch
ViewVC logotype

Contents of /rpms/openssl/sme8/openssl-fips-0.9.8e-cve-2014-8275.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.1 - (show annotations) (download)
Wed Apr 15 14:21:06 2015 UTC (9 years, 1 month ago) by vip-ire
Branch: MAIN
CVS Tags: openssl-0_9_8e-33_1_el5_sme, HEAD 
* Wed Apr 15 2015 Daniel Berteaud <daniel@firewall-services.com 0.9.8e-33.1.sme
- update with ca-bundle.crt from SME 9 [SME: 8909]
1 diff -up openssl-fips-0.9.8e/crypto/asn1/a_bitstr.c.cert-fingerprint openssl-fips-0.9.8e/crypto/asn1/a_bitstr.c
2 --- openssl-fips-0.9.8e/crypto/asn1/a_bitstr.c.cert-fingerprint 2005-07-26 22:55:14.000000000 +0200
3 +++ openssl-fips-0.9.8e/crypto/asn1/a_bitstr.c 2015-04-02 14:09:34.065642198 +0200
4 @@ -136,11 +136,16 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN
5
6 p= *pp;
7 i= *(p++);
8 + if (i > 7)
9 + {
10 + i=ASN1_R_INVALID_BIT_STRING_BITS_LEFT;
11 + goto err;
12 + }
13 /* We do this to preserve the settings. If we modify
14 * the settings, via the _set_bit function, we will recalculate
15 * on output */
16 ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
17 - ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */
18 + ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|i); /* set */
19
20 if (len-- > 1) /* using one because of the bits left byte */
21 {
22 diff -up openssl-fips-0.9.8e/crypto/asn1/asn1_err.c.cert-fingerprint openssl-fips-0.9.8e/crypto/asn1/asn1_err.c
23 --- openssl-fips-0.9.8e/crypto/asn1/asn1_err.c.cert-fingerprint 2015-04-01 12:41:27.000000000 +0200
24 +++ openssl-fips-0.9.8e/crypto/asn1/asn1_err.c 2015-04-02 14:38:16.854073649 +0200
25 @@ -228,6 +228,7 @@ static ERR_STRING_DATA ASN1_str_reasons[
26 {ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE) ,"illegal time value"},
27 {ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT),"integer not ascii format"},
28 {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"},
29 +{ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT),"invalid bit string bits left"},
30 {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"},
31 {ERR_REASON(ASN1_R_INVALID_DIGIT) ,"invalid digit"},
32 {ERR_REASON(ASN1_R_INVALID_MODIFIER) ,"invalid modifier"},
33 diff -up openssl-fips-0.9.8e/crypto/asn1/asn1.h.cert-fingerprint openssl-fips-0.9.8e/crypto/asn1/asn1.h
34 --- openssl-fips-0.9.8e/crypto/asn1/asn1.h.cert-fingerprint 2015-04-01 12:41:27.000000000 +0200
35 +++ openssl-fips-0.9.8e/crypto/asn1/asn1.h 2015-04-02 14:36:44.517001476 +0200
36 @@ -741,6 +741,7 @@ DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE,
37
38 int ASN1_TYPE_get(ASN1_TYPE *a);
39 void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
40 +int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
41
42 ASN1_OBJECT * ASN1_OBJECT_new(void );
43 void ASN1_OBJECT_free(ASN1_OBJECT *a);
44 @@ -1174,6 +1175,7 @@ void ERR_load_ASN1_strings(void);
45 #define ASN1_R_ILLEGAL_TIME_VALUE 184
46 #define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
47 #define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
48 +#define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
49 #define ASN1_R_INVALID_BMPSTRING_LENGTH 129
50 #define ASN1_R_INVALID_DIGIT 130
51 #define ASN1_R_INVALID_MODIFIER 186
52 diff -up openssl-fips-0.9.8e/crypto/asn1/a_type.c.cert-fingerprint openssl-fips-0.9.8e/crypto/asn1/a_type.c
53 --- openssl-fips-0.9.8e/crypto/asn1/a_type.c.cert-fingerprint 2005-05-17 18:50:45.000000000 +0200
54 +++ openssl-fips-0.9.8e/crypto/asn1/a_type.c 2015-04-02 14:32:45.960662004 +0200
55 @@ -59,6 +59,7 @@
56 #include <stdio.h>
57 #include "cryptlib.h"
58 #include <openssl/asn1t.h>
59 +#include <openssl/objects.h>
60
61 int ASN1_TYPE_get(ASN1_TYPE *a)
62 {
63 @@ -82,3 +83,52 @@ void ASN1_TYPE_set(ASN1_TYPE *a, int typ
64
65 IMPLEMENT_STACK_OF(ASN1_TYPE)
66 IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
67 +
68 +/* Returns 0 if they are equal, != 0 otherwise. */
69 +int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b)
70 + {
71 + int result = -1;
72 +
73 + if (!a || !b || a->type != b->type) return -1;
74 +
75 + switch (a->type)
76 + {
77 + case V_ASN1_OBJECT:
78 + result = OBJ_cmp(a->value.object, b->value.object);
79 + break;
80 + case V_ASN1_BOOLEAN:
81 + result = a->value.boolean - b->value.boolean;
82 + break;
83 + case V_ASN1_NULL:
84 + result = 0; /* They do not have content. */
85 + break;
86 + case V_ASN1_INTEGER:
87 + case V_ASN1_NEG_INTEGER:
88 + case V_ASN1_ENUMERATED:
89 + case V_ASN1_NEG_ENUMERATED:
90 + case V_ASN1_BIT_STRING:
91 + case V_ASN1_OCTET_STRING:
92 + case V_ASN1_SEQUENCE:
93 + case V_ASN1_SET:
94 + case V_ASN1_NUMERICSTRING:
95 + case V_ASN1_PRINTABLESTRING:
96 + case V_ASN1_T61STRING:
97 + case V_ASN1_VIDEOTEXSTRING:
98 + case V_ASN1_IA5STRING:
99 + case V_ASN1_UTCTIME:
100 + case V_ASN1_GENERALIZEDTIME:
101 + case V_ASN1_GRAPHICSTRING:
102 + case V_ASN1_VISIBLESTRING:
103 + case V_ASN1_GENERALSTRING:
104 + case V_ASN1_UNIVERSALSTRING:
105 + case V_ASN1_BMPSTRING:
106 + case V_ASN1_UTF8STRING:
107 + case V_ASN1_OTHER:
108 + default:
109 + result = ASN1_STRING_cmp((ASN1_STRING *) a->value.ptr,
110 + (ASN1_STRING *) b->value.ptr);
111 + break;
112 + }
113 +
114 + return result;
115 + }
116 diff -up openssl-fips-0.9.8e/crypto/asn1/a_verify.c.cert-fingerprint openssl-fips-0.9.8e/crypto/asn1/a_verify.c
117 --- openssl-fips-0.9.8e/crypto/asn1/a_verify.c.cert-fingerprint 2015-04-01 12:41:28.000000000 +0200
118 +++ openssl-fips-0.9.8e/crypto/asn1/a_verify.c 2015-04-02 14:34:50.143434774 +0200
119 @@ -90,6 +90,12 @@ int ASN1_verify(i2d_of_void *i2d, X509_A
120 goto err;
121 }
122
123 + if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7)
124 + {
125 + ASN1err(ASN1_F_ASN1_VERIFY, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
126 + goto err;
127 + }
128 +
129 inl=i2d(data,NULL);
130 buf_in=OPENSSL_malloc((unsigned int)inl);
131 if (buf_in == NULL)
132 @@ -139,6 +145,12 @@ int ASN1_item_verify(const ASN1_ITEM *it
133 return -1;
134 }
135
136 + if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7)
137 + {
138 + ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
139 + return -1;
140 + }
141 +
142 EVP_MD_CTX_init(&ctx);
143 i=OBJ_obj2nid(a->algorithm);
144 type=EVP_get_digestbyname(OBJ_nid2sn(i));
145 diff -up openssl-fips-0.9.8e/crypto/asn1/x_algor.c.cert-fingerprint openssl-fips-0.9.8e/crypto/asn1/x_algor.c
146 --- openssl-fips-0.9.8e/crypto/asn1/x_algor.c.cert-fingerprint 2001-07-27 04:22:23.000000000 +0200
147 +++ openssl-fips-0.9.8e/crypto/asn1/x_algor.c 2015-04-02 14:39:32.561772635 +0200
148 @@ -71,3 +71,14 @@ IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR)
149
150 IMPLEMENT_STACK_OF(X509_ALGOR)
151 IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
152 +
153 +int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
154 + {
155 + int rv;
156 + rv = OBJ_cmp(a->algorithm, b->algorithm);
157 + if (rv)
158 + return rv;
159 + if (!a->parameter && !b->parameter)
160 + return 0;
161 + return ASN1_TYPE_cmp(a->parameter, b->parameter);
162 + }
163 diff -up openssl-fips-0.9.8e/crypto/dsa/dsa_asn1.c.cert-fingerprint openssl-fips-0.9.8e/crypto/dsa/dsa_asn1.c
164 --- openssl-fips-0.9.8e/crypto/dsa/dsa_asn1.c.cert-fingerprint 2007-04-06 02:30:16.000000000 +0200
165 +++ openssl-fips-0.9.8e/crypto/dsa/dsa_asn1.c 2015-04-02 14:52:06.303693362 +0200
166 @@ -194,6 +194,9 @@ int DSA_verify(int type, const unsigned
167 const unsigned char *sigbuf, int siglen, DSA *dsa)
168 {
169 DSA_SIG *s;
170 + const unsigned char *p = sigbuf;
171 + unsigned char *der = NULL;
172 + int derlen = -1;
173 int ret=-1;
174 #ifdef OPENSSL_FIPS
175 if(FIPS_mode() && !(dsa->flags & DSA_FLAG_NON_FIPS_ALLOW))
176 @@ -205,9 +208,18 @@ int DSA_verify(int type, const unsigned
177
178 s = DSA_SIG_new();
179 if (s == NULL) return(ret);
180 - if (d2i_DSA_SIG(&s,&sigbuf,siglen) == NULL) goto err;
181 + if (d2i_DSA_SIG(&s,&p,siglen) == NULL) goto err;
182 + /* Ensure signature uses DER and doesn't have trailing garbage */
183 + derlen = i2d_DSA_SIG(s, &der);
184 + if (derlen != siglen || memcmp(sigbuf, der, derlen))
185 + goto err;
186 ret=DSA_do_verify(dgst,dgst_len,s,dsa);
187 err:
188 + if (derlen > 0)
189 + {
190 + OPENSSL_cleanse(der, derlen);
191 + OPENSSL_free(der);
192 + }
193 DSA_SIG_free(s);
194 return(ret);
195 }
196 diff -up openssl-fips-0.9.8e/crypto/x509/x_all.c.cert-fingerprint openssl-fips-0.9.8e/crypto/x509/x_all.c
197 --- openssl-fips-0.9.8e/crypto/x509/x_all.c.cert-fingerprint 2005-07-16 13:13:08.000000000 +0200
198 +++ openssl-fips-0.9.8e/crypto/x509/x_all.c 2015-04-02 14:42:00.894101419 +0200
199 @@ -73,6 +73,8 @@
200
201 int X509_verify(X509 *a, EVP_PKEY *r)
202 {
203 + if (X509_ALGOR_cmp(a->sig_alg, a->cert_info->signature))
204 + return 0;
205 return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CINF),a->sig_alg,
206 a->signature,a->cert_info,r));
207 }
208 diff -up openssl-fips-0.9.8e/crypto/x509/x509.h.cert-fingerprint openssl-fips-0.9.8e/crypto/x509/x509.h
209 --- openssl-fips-0.9.8e/crypto/x509/x509.h.cert-fingerprint 2015-04-01 12:41:27.000000000 +0200
210 +++ openssl-fips-0.9.8e/crypto/x509/x509.h 2015-04-02 14:40:57.452677705 +0200
211 @@ -841,6 +841,7 @@ X509_EXTENSION *X509_EXTENSION_dup(X509_
212 X509_CRL *X509_CRL_dup(X509_CRL *crl);
213 X509_REQ *X509_REQ_dup(X509_REQ *req);
214 X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
215 +int X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b);
216 X509_NAME *X509_NAME_dup(X509_NAME *xn);
217 X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
218
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed