From: tye1 Date: Fri, 28 Oct 2011 07:41:26 +0000 (+0000) Subject: 1. Fix build break issue for NOOPT target. X-Git-Tag: edk2-stable201903~14010 X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=da9e7418daad22aee7b48790c1d1db5d2ede7e58 1. Fix build break issue for NOOPT target. 2. Fix potential system hang issue in X509_STORE_CTX_cleanup. 3. Fix potential overflow when convert UINTN to INT. 4. Update Pkcs7Sign() to output stripped PKCS#7 SignedData. 5. Update Pkcs7Verify() to support both wrapped/stripped PKCS#7 SignedData. Signed-off-by: tye Reviewed-by: xdu2 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12593 6f19259b-4bc3-4df7-8a09-765794883524 --- diff --git a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c index bc5c93ff98..ed53b2dcbf 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c +++ b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c @@ -85,6 +85,10 @@ RsaGetPrivateKeyFromPem ( ASSERT (PemData != NULL); ASSERT (RsaContext != NULL); + if (PemSize > INT_MAX) { + return FALSE; + } + Status = FALSE; PemBio = NULL; diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c index 5f93e4af93..0370fd77a5 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c @@ -65,6 +65,10 @@ AuthenticodeVerify ( ASSERT (AuthData != NULL); ASSERT (ImageHash != NULL); + if (DataSize > INT_MAX) { + return FALSE; + } + Status = FALSE; Pkcs7 = NULL; OrigAuthData = AuthData; diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c index e866284f17..433175bbf1 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c @@ -18,6 +18,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include #include +UINT8 mOidValue[9] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02 }; /** Verification callback function to override any existing callbacks in OpenSSL @@ -143,6 +144,8 @@ Pkcs7Sign ( PKCS7 *Pkcs7; UINT8 *RsaContext; UINT8 *P7Data; + UINTN P7DataSize; + UINT8 *Tmp; // // Check input parameters. @@ -155,6 +158,10 @@ Pkcs7Sign ( return FALSE; } + if (InDataSize > INT_MAX) { + return FALSE; + } + RsaContext = NULL; Key = NULL; Pkcs7 = NULL; @@ -216,13 +223,23 @@ Pkcs7Sign ( // // Convert PKCS#7 signedData structure into DER-encoded buffer. // - *SignedDataSize = i2d_PKCS7 (Pkcs7, NULL); - if (*SignedDataSize == 0) { + P7DataSize = i2d_PKCS7 (Pkcs7, NULL); + if (P7DataSize <= 19) { goto _Exit; } + P7Data = OPENSSL_malloc (P7DataSize); + Tmp = P7Data; + P7DataSize = i2d_PKCS7 (Pkcs7, (unsigned char **) &Tmp); + + // + // Strip ContentInfo to content only for signeddata. The data be trimmed off + // is totally 19 bytes. + // + *SignedDataSize = P7DataSize - 19; *SignedData = OPENSSL_malloc (*SignedDataSize); - P7Data = *SignedData; - *SignedDataSize = i2d_PKCS7 (Pkcs7, (unsigned char **) &P7Data); + CopyMem (*SignedData, P7Data + 19, *SignedDataSize); + + OPENSSL_free (P7Data); Status = TRUE; @@ -253,8 +270,9 @@ _Exit: } /** - Verifies the validility of a PKCS#7 signed data as described in "PKCS #7: Cryptographic - Message Syntax Standard". + Verifies the validility of a PKCS#7 signed data as described in "PKCS #7: + Cryptographic Message Syntax Standard". The input signed data could be wrapped + in a ContentInfo structure. If P7Data is NULL, then ASSERT(). @@ -287,11 +305,19 @@ Pkcs7Verify ( BOOLEAN Status; X509 *Cert; X509_STORE *CertStore; + UINT8 *SignedData; + UINT8 *Temp; + UINTN SignedDataSize; + BOOLEAN Wrapped; // - // ASSERT if P7Data is NULL + // ASSERT if P7Data is NULL or P7Length is not larger than 19 bytes. // - ASSERT (P7Data != NULL); + ASSERT ((P7Data != NULL) || (P7Length <= 19)); + + if ((CertLength > INT_MAX) || (DataLength > INT_MAX)) { + return FALSE; + } Status = FALSE; Pkcs7 = NULL; @@ -308,10 +334,81 @@ Pkcs7Verify ( EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA); EVP_add_digest (EVP_sha256()); + // + // Check whether input P7Data is a wrapped ContentInfo structure or not. + // + Wrapped = FALSE; + if ((P7Data[4] == 0x06) && (P7Data[5] == 0x09)) { + if (CompareMem (P7Data + 6, mOidValue, sizeof (mOidValue)) == 0) { + if ((P7Data[15] == 0xA0) && (P7Data[16] == 0x82)) { + Wrapped = TRUE; + } + } + } + + if (Wrapped) { + SignedData = (UINT8 *) P7Data; + SignedDataSize = P7Length; + } else { + // + // Wrap PKCS#7 signeddata to a ContentInfo structure - add a header in 19 bytes. + // + SignedDataSize = P7Length + 19; + SignedData = OPENSSL_malloc (SignedDataSize); + if (SignedData == NULL) { + return FALSE; + } + + // + // Part1: 0x30, 0x82. + // + SignedData[0] = 0x30; + SignedData[1] = 0x82; + + // + // Part2: Length1 = P7Length + 19 - 4, in big endian. + // + SignedData[2] = (UINT8) (((UINT16) (SignedDataSize - 4)) >> 8); + SignedData[3] = (UINT8) (((UINT16) (SignedDataSize - 4)) & 0xff); + + // + // Part3: 0x06, 0x09. + // + SignedData[4] = 0x06; + SignedData[5] = 0x09; + + // + // Part4: OID value -- 0x2A 0x86 0x48 0x86 0xF7 0x0D 0x01 0x07 0x02. + // + CopyMem (SignedData + 6, mOidValue, sizeof (mOidValue)); + + // + // Part5: 0xA0, 0x82. + // + SignedData[15] = 0xA0; + SignedData[16] = 0x82; + + // + // Part6: Length2 = P7Length, in big endian. + // + SignedData[17] = (UINT8) (((UINT16) P7Length) >> 8); + SignedData[18] = (UINT8) (((UINT16) P7Length) & 0xff); + + // + // Part7: P7Data. + // + CopyMem (SignedData + 19, P7Data, P7Length); + } + // // Retrieve PKCS#7 Data (DER encoding) // - Pkcs7 = d2i_PKCS7 (NULL, &P7Data, (int)P7Length); + if (SignedDataSize > INT_MAX) { + goto _Exit; + } + + Temp = SignedData; + Pkcs7 = d2i_PKCS7 (NULL, &Temp, (int) SignedDataSize); if (Pkcs7 == NULL) { goto _Exit; } @@ -375,5 +472,9 @@ _Exit: X509_STORE_free (CertStore); PKCS7_free (Pkcs7); + if (!Wrapped) { + OPENSSL_free (SignedData); + } + return Status; } diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index 7557399aa4..88c21369b6 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -48,6 +48,10 @@ X509ConstructCertificate ( ASSERT (Cert != NULL); ASSERT (SingleX509Cert != NULL); + if (CertSize > INT_MAX) { + return FALSE; + } + Status = FALSE; // @@ -439,6 +443,7 @@ X509VerifyCert ( // X509 Certificate Verification. // Status = (BOOLEAN) X509_verify_cert (&CertCtx); + X509_STORE_CTX_cleanup (&CertCtx); _Exit: // @@ -447,7 +452,6 @@ _Exit: X509_free (X509Cert); X509_free (X509CACert); X509_STORE_free (CertStore); - X509_STORE_CTX_cleanup (&CertCtx); return Status; } diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf index f40f36ece2..a74a0c19ed 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf @@ -597,8 +597,8 @@ MSFT:RELEASE_*_X64_CC_FLAGS == /nologo /c /WX /GS- /X /Gs32768 /D UNICODE /O1ib2s /GL /Gy /FIAutoGen.h /EHs-c- /GR- /GF -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) /w MSFT:DEBUG_*_IPF_CC_FLAGS == /nologo /c /WX /GS- /X /EHs-c- /GR- /Gy /Os /GL /FIAutoGen.h /QIPF_fr32 /Zi -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) /w MSFT:RELEASE_*_IPF_CC_FLAGS == /nologo /c /WX /GS- /X /EHs-c- /GR- /Gy /Os /GL /FIAutoGen.h /QIPF_fr32 -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) /w - INTEL:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) /w - GCC:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) -w + MSFT:NOOPT_*_IA32_CC_FLAGS == /nologo /c /WX /GS- /Gs32768 /D UNICODE /Od /FIAutoGen.h /EHs-c- /GR- /GF /Gy /Zi /Gm -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) /w + INTEL:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) /w + GCC:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) -w RVCT:DEBUG_*_*_CC_FLAGS = $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) --library_interface=aeabi_clib99 --fpu=vfpv3 RVCT:RELEASE_*_*_CC_FLAGS = $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) --library_interface=aeabi_clib99 --fpu=vfpv3 -