From dda39f3a5850458391aaab330971d46bc9c2b690 Mon Sep 17 00:00:00 2001 From: tye1 Date: Thu, 2 Aug 2012 02:49:24 +0000 Subject: [PATCH] Fix several issues in BaseCryptLib: 1. Add input length check for several APIs in BaseCryptLib. 2. Add return status check when calling OpensslLib functions 3. Adjust BaseCryptLib API to match description of wrapped OpensslLib API. 4. Update INF file to add missed RuntimeServicesTableLib. 5. Fix return status issue of APIs in CryptX509.c that incorrect when error occurs. Signed-off-by: Ye Ting Reviewed-by: Dong Guo Reviewed-by: Fu Siyuan git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13579 6f19259b-4bc3-4df7-8a09-765794883524 --- CryptoPkg/Include/Library/BaseCryptLib.h | 5 +- .../Library/BaseCryptLib/BaseCryptLib.inf | 1 + .../Library/BaseCryptLib/Cipher/CryptAes.c | 12 ++- .../Library/BaseCryptLib/Cipher/CryptArc4.c | 4 +- .../Library/BaseCryptLib/Cipher/CryptTdes.c | 12 ++- .../Library/BaseCryptLib/Hmac/CryptHmacMd5.c | 2 +- .../Library/BaseCryptLib/Hmac/CryptHmacSha1.c | 2 +- .../Library/BaseCryptLib/InternalCryptLib.h | 2 + CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c | 21 +++-- CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c | 82 +++++++++++++++---- .../Library/BaseCryptLib/Pk/CryptPkcs7Sign.c | 20 +++-- .../BaseCryptLib/Pk/CryptPkcs7Verify.c | 17 +++- .../Library/BaseCryptLib/Pk/CryptRsaBasic.c | 36 +++++++- .../Library/BaseCryptLib/Pk/CryptRsaExt.c | 60 ++++++++++---- CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 55 ++++++++++--- .../Library/BaseCryptLib/Rand/CryptRand.c | 6 +- .../Library/BaseCryptLib/Rand/CryptRandItc.c | 6 +- .../Library/BaseCryptLib/Rand/CryptRandTsc.c | 6 +- .../BaseCryptLibRuntimeCryptProtocol.inf | 2 + .../InternalCryptLib.h | 2 - 20 files changed, 274 insertions(+), 79 deletions(-) diff --git a/CryptoPkg/Include/Library/BaseCryptLib.h b/CryptoPkg/Include/Library/BaseCryptLib.h index d996410201..4564d7be65 100644 --- a/CryptoPkg/Include/Library/BaseCryptLib.h +++ b/CryptoPkg/Include/Library/BaseCryptLib.h @@ -1978,12 +1978,13 @@ DhGenerateKey ( Computes exchanged common key. Given peer's public key, this function computes the exchanged common key, based on its own - context including value of prime modulus and random secret exponent. + context including value of prime modulus and random secret exponent. If DhContext is NULL, then return FALSE. If PeerPublicKey is NULL, then return FALSE. If KeySize is NULL, then return FALSE. - If KeySize is large enough but Key is NULL, then return FALSE. + If Key is NULL, then return FALSE. + If KeySize is not large enough, then return FALSE. If this interface is not supported, then return FALSE. @param[in, out] DhContext Pointer to the DH context. diff --git a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf index 5bb7829278..95a76f23fe 100644 --- a/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf +++ b/CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf @@ -93,6 +93,7 @@ BaseLib BaseMemoryLib MemoryAllocationLib + UefiRuntimeServicesTableLib DebugLib OpensslLib IntrinsicLib diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c index c8dbb797fa..753d79814f 100644 --- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c +++ b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptAes.c @@ -241,7 +241,11 @@ AesCbcEncrypt ( // // Check input parameters. // - if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0 || Ivec == NULL || Output == NULL) { + if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0) { + return FALSE; + } + + if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) { return FALSE; } @@ -299,7 +303,11 @@ AesCbcDecrypt ( // // Check input parameters. // - if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0 || Ivec == NULL || Output == NULL) { + if (AesContext == NULL || Input == NULL || (InputSize % AES_BLOCK_SIZE) != 0) { + return FALSE; + } + + if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) { return FALSE; } diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c index 0e5331c20d..f3c4d31a2d 100644 --- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c +++ b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptArc4.c @@ -115,7 +115,7 @@ Arc4Encrypt ( // // Check input parameters. // - if (Arc4Context == NULL || Input == NULL || Output == NULL) { + if (Arc4Context == NULL || Input == NULL || Output == NULL || InputSize > INT_MAX) { return FALSE; } @@ -161,7 +161,7 @@ Arc4Decrypt ( // // Check input parameters. // - if (Arc4Context == NULL || Input == NULL || Output == NULL) { + if (Arc4Context == NULL || Input == NULL || Output == NULL || InputSize > INT_MAX) { return FALSE; } diff --git a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c index f3a1eb7293..f89094a581 100644 --- a/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c +++ b/CryptoPkg/Library/BaseCryptLib/Cipher/CryptTdes.c @@ -275,7 +275,11 @@ TdesCbcEncrypt ( // // Check input parameters. // - if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0 || Ivec == NULL || Output == NULL) { + if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0) { + return FALSE; + } + + if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) { return FALSE; } @@ -339,7 +343,11 @@ TdesCbcDecrypt ( // // Check input parameters. // - if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0 || Ivec == NULL || Output == NULL) { + if (TdesContext == NULL || Input == NULL || (InputSize % TDES_BLOCK_SIZE) != 0) { + return FALSE; + } + + if (Ivec == NULL || Output == NULL || InputSize > INT_MAX) { return FALSE; } diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c index 45f7d4977e..693cd322c9 100644 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacMd5.c @@ -58,7 +58,7 @@ HmacMd5Init ( // // Check input parameters. // - if (HmacMd5Context == NULL) { + if (HmacMd5Context == NULL || KeySize > INT_MAX) { return FALSE; } diff --git a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c index b183ae562e..881d26cf8e 100644 --- a/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c +++ b/CryptoPkg/Library/BaseCryptLib/Hmac/CryptHmacSha1.c @@ -58,7 +58,7 @@ HmacSha1Init ( // // Check input parameters. // - if (HmacSha1Context == NULL) { + if (HmacSha1Context == NULL || KeySize > INT_MAX) { return FALSE; } diff --git a/CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h b/CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h index b04762691b..5587652714 100644 --- a/CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h +++ b/CryptoPkg/Library/BaseCryptLib/InternalCryptLib.h @@ -21,6 +21,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include #include +#include "OpenSslSupport.h" + // // Environment Setting for OpenSSL-based UEFI Crypto Library. // diff --git a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c index 319ad59ecc..078a960d58 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c +++ b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c @@ -86,17 +86,24 @@ RsaGetPrivateKeyFromPem ( return FALSE; } - Status = FALSE; - PemBio = NULL; - // // Add possible block-cipher descriptor for PEM data decryption. // NOTE: Only support most popular ciphers (3DES, AES) for the encrypted PEM. // - EVP_add_cipher (EVP_des_ede3_cbc ()); - EVP_add_cipher (EVP_aes_128_cbc ()); - EVP_add_cipher (EVP_aes_192_cbc ()); - EVP_add_cipher (EVP_aes_256_cbc ()); + if (EVP_add_cipher (EVP_des_ede3_cbc ()) == 0) { + return FALSE; + } + if (EVP_add_cipher (EVP_aes_128_cbc ()) == 0) { + return FALSE; + } + if (EVP_add_cipher (EVP_aes_192_cbc ()) == 0) { + return FALSE; + } + if (EVP_add_cipher (EVP_aes_256_cbc ()) == 0) { + return FALSE; + } + + Status = FALSE; // // Read encrypted PEM Data. diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c index 30792d27ca..942b3d103e 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c @@ -91,7 +91,7 @@ DhGenerateParameter ( // // Check input parameters. // - if (DhContext == NULL || Prime == NULL) { + if (DhContext == NULL || Prime == NULL || PrimeLength > INT_MAX) { return FALSE; } @@ -139,12 +139,13 @@ DhSetParameter ( IN CONST UINT8 *Prime ) { - DH *Dh; + DH *Dh; + BIGNUM *Bn; // // Check input parameters. // - if (DhContext == NULL || Prime == NULL) { + if (DhContext == NULL || Prime == NULL || PrimeLength > INT_MAX) { return FALSE; } @@ -152,14 +153,46 @@ DhSetParameter ( return FALSE; } + Bn = NULL; + Dh = (DH *) DhContext; - Dh->p = BN_new(); - Dh->g = BN_new(); + Dh->g = NULL; + Dh->p = BN_new (); + if (Dh->p == NULL) { + goto Error; + } + + Dh->g = BN_new (); + if (Dh->g == NULL) { + goto Error; + } - BN_bin2bn (Prime, (UINT32) (PrimeLength / 8), Dh->p); - BN_set_word (Dh->g, (UINT32) Generator); + Bn = BN_bin2bn (Prime, (UINT32) (PrimeLength / 8), Dh->p); + if (Bn == NULL) { + goto Error; + } + + if (BN_set_word (Dh->g, (UINT32) Generator) == 0) { + goto Error; + } return TRUE; + +Error: + + if (Dh->p != NULL) { + BN_free (Dh->p); + } + + if (Dh->g != NULL) { + BN_free (Dh->g); + } + + if (Bn != NULL) { + BN_free (Bn); + } + + return FALSE; } /** @@ -194,6 +227,7 @@ DhGenerateKey ( { BOOLEAN RetVal; DH *Dh; + INTN Size; // // Check input parameters. @@ -207,12 +241,17 @@ DhGenerateKey ( } Dh = (DH *) DhContext; - *PublicKeySize = 0; RetVal = (BOOLEAN) DH_generate_key (DhContext); if (RetVal) { + Size = BN_num_bytes (Dh->pub_key); + if ((Size > 0) && (*PublicKeySize < (UINTN) Size)) { + *PublicKeySize = Size; + return FALSE; + } + BN_bn2bin (Dh->pub_key, PublicKey); - *PublicKeySize = BN_num_bytes (Dh->pub_key); + *PublicKeySize = Size; } return RetVal; @@ -227,7 +266,8 @@ DhGenerateKey ( If DhContext is NULL, then return FALSE. If PeerPublicKey is NULL, then return FALSE. If KeySize is NULL, then return FALSE. - If KeySize is large enough but Key is NULL, then return FALSE. + If Key is NULL, then return FALSE. + If KeySize is not large enough, then return FALSE. @param[in, out] DhContext Pointer to the DH context. @param[in] PeerPublicKey Pointer to the peer's public key. @@ -252,23 +292,37 @@ DhComputeKey ( ) { BIGNUM *Bn; + INTN Size; // // Check input parameters. // - if (DhContext == NULL || PeerPublicKey == NULL || KeySize == NULL) { + if (DhContext == NULL || PeerPublicKey == NULL || KeySize == NULL || Key == NULL) { return FALSE; } - if (Key == NULL && *KeySize != 0) { + if (PeerPublicKeySize > INT_MAX) { return FALSE; } Bn = BN_bin2bn (PeerPublicKey, (UINT32) PeerPublicKeySize, NULL); + if (Bn == NULL) { + return FALSE; + } - *KeySize = (BOOLEAN) DH_compute_key (Key, Bn, DhContext); + Size = DH_compute_key (Key, Bn, DhContext); + if (Size < 0) { + BN_free (Bn); + return FALSE; + } - BN_free (Bn); + if (*KeySize < (UINTN) Size) { + *KeySize = Size; + BN_free (Bn); + return FALSE; + } + *KeySize = Size; + BN_free (Bn); return TRUE; } diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c index 11472ebf3b..25865910f6 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Sign.c @@ -92,12 +92,21 @@ Pkcs7Sign ( return Status; } + Status = FALSE; + // // Register & Initialize necessary digest algorithms and PRNG for PKCS#7 Handling // - EVP_add_digest (EVP_md5()); - EVP_add_digest (EVP_sha1()); - EVP_add_digest (EVP_sha256()); + if (EVP_add_digest (EVP_md5 ()) == 0) { + goto _Exit; + } + if (EVP_add_digest (EVP_sha1 ()) == 0) { + goto _Exit; + } + if (EVP_add_digest (EVP_sha256 ()) == 0) { + goto _Exit; + } + RandomSeed (NULL, 0); // @@ -105,7 +114,6 @@ Pkcs7Sign ( // Key = EVP_PKEY_new (); if (Key == NULL) { - Status = FALSE; goto _Exit; } Key->save_type = EVP_PKEY_RSA; @@ -129,7 +137,6 @@ Pkcs7Sign ( PKCS7_BINARY | PKCS7_NOATTR | PKCS7_DETACHED ); if (Pkcs7 == NULL) { - Status = FALSE; goto _Exit; } @@ -138,13 +145,11 @@ Pkcs7Sign ( // P7DataSize = i2d_PKCS7 (Pkcs7, NULL); if (P7DataSize <= 19) { - Status = FALSE; goto _Exit; } P7Data = malloc (P7DataSize); if (P7Data == NULL) { - Status = FALSE; goto _Exit; } @@ -158,7 +163,6 @@ Pkcs7Sign ( *SignedDataSize = P7DataSize - 19; *SignedData = malloc (*SignedDataSize); if (*SignedData == NULL) { - Status = FALSE; OPENSSL_free (P7Data); goto _Exit; } diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c index 24f4c031d5..2e72f892cb 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c @@ -485,10 +485,19 @@ Pkcs7Verify ( // // Register & Initialize necessary digest algorithms for PKCS#7 Handling // - EVP_add_digest (EVP_md5()); - EVP_add_digest (EVP_sha1()); - EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA); - EVP_add_digest (EVP_sha256()); + if (EVP_add_digest (EVP_md5 ()) == 0) { + return FALSE; + } + if (EVP_add_digest (EVP_sha1 ()) == 0) { + return FALSE; + } + if (EVP_add_digest (EVP_sha256 ()) == 0) { + return FALSE; + } + if (EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA) == 0) { + return FALSE; + } + Status = WrapPkcs7Data (P7Data, P7Length, &Wrapped, &SignedData, &SignedDataSize); if (!Status) { diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c index d828cb4b3f..76754b4a72 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaBasic.c @@ -97,7 +97,7 @@ RsaSetKey ( // // Check input parameters. // - if (RsaContext == NULL) { + if (RsaContext == NULL || BnSize > INT_MAX) { return FALSE; } @@ -121,6 +121,10 @@ RsaSetKey ( break; } RsaKey->n = BN_bin2bn (BigNumber, (UINT32) BnSize, RsaKey->n); + if (RsaKey->n == NULL) { + return FALSE; + } + break; // @@ -135,6 +139,10 @@ RsaSetKey ( break; } RsaKey->e = BN_bin2bn (BigNumber, (UINT32) BnSize, RsaKey->e); + if (RsaKey->e == NULL) { + return FALSE; + } + break; // @@ -149,6 +157,10 @@ RsaSetKey ( break; } RsaKey->d = BN_bin2bn (BigNumber, (UINT32) BnSize, RsaKey->d); + if (RsaKey->d == NULL) { + return FALSE; + } + break; // @@ -163,6 +175,10 @@ RsaSetKey ( break; } RsaKey->p = BN_bin2bn (BigNumber, (UINT32) BnSize, RsaKey->p); + if (RsaKey->p == NULL) { + return FALSE; + } + break; // @@ -177,6 +193,10 @@ RsaSetKey ( break; } RsaKey->q = BN_bin2bn (BigNumber, (UINT32) BnSize, RsaKey->q); + if (RsaKey->q == NULL) { + return FALSE; + } + break; // @@ -191,6 +211,10 @@ RsaSetKey ( break; } RsaKey->dmp1 = BN_bin2bn (BigNumber, (UINT32) BnSize, RsaKey->dmp1); + if (RsaKey->dmp1 == NULL) { + return FALSE; + } + break; // @@ -205,6 +229,10 @@ RsaSetKey ( break; } RsaKey->dmq1 = BN_bin2bn (BigNumber, (UINT32) BnSize, RsaKey->dmq1); + if (RsaKey->dmq1 == NULL) { + return FALSE; + } + break; // @@ -219,6 +247,10 @@ RsaSetKey ( break; } RsaKey->iqmp = BN_bin2bn (BigNumber, (UINT32) BnSize, RsaKey->iqmp); + if (RsaKey->iqmp == NULL) { + return FALSE; + } + break; default: @@ -262,7 +294,7 @@ RsaPkcs1Verify ( // // Check input parameters. // - if (RsaContext == NULL || MessageHash == NULL || Signature == NULL) { + if (RsaContext == NULL || MessageHash == NULL || Signature == NULL || SigSize > INT_MAX) { return FALSE; } diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c index 67d8826e6c..b4faafa0c3 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptRsaExt.c @@ -231,22 +231,32 @@ RsaGenerateKey ( // // Check input parameters. // - if (RsaContext == NULL) { + if (RsaContext == NULL || ModulusLength > INT_MAX || PublicExponentSize > INT_MAX) { return FALSE; } KeyE = BN_new (); + if (KeyE == NULL) { + return FALSE; + } + + RetVal = FALSE; + if (PublicExponent == NULL) { - BN_set_word (KeyE, 0x10001); + if (BN_set_word (KeyE, 0x10001) == 0) { + goto _Exit; + } } else { - BN_bin2bn (PublicExponent, (UINT32) PublicExponentSize, KeyE); + if (BN_bin2bn (PublicExponent, (UINT32) PublicExponentSize, KeyE) == NULL) { + goto _Exit; + } } - RetVal = FALSE; if (RSA_generate_key_ex ((RSA *) RsaContext, (UINT32) ModulusLength, KeyE, NULL) == 1) { RetVal = TRUE; } +_Exit: BN_free (KeyE); return RetVal; } @@ -299,18 +309,24 @@ RsaCheckKey ( /** Performs the PKCS1-v1_5 encoding methods defined in RSA PKCS #1. - @param Message Message buffer to be encoded. - @param MessageSize Size of message buffer in bytes. - @param DigestInfo Pointer to buffer of digest info for output. + @param[in] Message Message buffer to be encoded. + @param[in] MessageSize Size of message buffer in bytes. + @param[out] DigestInfo Pointer to buffer of digest info for output. + @param[in,out] DigestInfoSize On input, the size of DigestInfo buffer in bytes. + On output, the size of data returned in DigestInfo + buffer in bytes. - @return Size of DigestInfo in bytes. + @retval TRUE PKCS1-v1_5 encoding finished successfully. + @retval FALSE Any input parameter is invalid. + @retval FALSE DigestInfo buffer is not large enough. **/ -UINTN +BOOLEAN DigestInfoEncoding ( - IN CONST UINT8 *Message, - IN UINTN MessageSize, - OUT UINT8 *DigestInfo + IN CONST UINT8 *Message, + IN UINTN MessageSize, + OUT UINT8 *DigestInfo, + IN OUT UINTN *DigestInfoSize ) { CONST UINT8 *HashDer; @@ -319,7 +335,7 @@ DigestInfoEncoding ( // // Check input parameters. // - if (Message == NULL || DigestInfo == NULL) { + if (Message == NULL || DigestInfo == NULL || DigestInfoSize == NULL) { return FALSE; } @@ -347,10 +363,16 @@ DigestInfoEncoding ( return FALSE; } + if (*DigestInfoSize < DerSize + MessageSize) { + *DigestInfoSize = DerSize + MessageSize; + return FALSE; + } + CopyMem (DigestInfo, HashDer, DerSize); CopyMem (DigestInfo + DerSize, Message, MessageSize); - return (DerSize + MessageSize); + *DigestInfoSize = DerSize + MessageSize; + return TRUE; } /** @@ -412,21 +434,23 @@ RsaPkcs1Sign ( return FALSE; } - Size = DigestInfoEncoding (MessageHash, HashSize, Signature); + if (!DigestInfoEncoding (MessageHash, HashSize, Signature, SigSize)) { + return FALSE; + } ReturnVal = RSA_private_encrypt ( - (UINT32) Size, + (UINT32) *SigSize, Signature, Signature, Rsa, RSA_PKCS1_PADDING ); - if (ReturnVal < (INTN) Size) { + if (ReturnVal < (INTN) *SigSize) { return FALSE; } - *SigSize = (UINTN)ReturnVal; + *SigSize = (UINTN) ReturnVal; return TRUE; } diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index f90600473a..f0a5d0ac7f 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -346,7 +346,6 @@ X509GetSubjectName ( return FALSE; } - Status = FALSE; X509Cert = NULL; // @@ -354,13 +353,20 @@ X509GetSubjectName ( // Status = X509ConstructCertificate (Cert, CertSize, (UINT8 **) &X509Cert); if ((X509Cert == NULL) || (!Status)) { + Status = FALSE; goto _Exit; } + Status = FALSE; + // // Retrieve subject name from certificate object. // X509Name = X509_get_subject_name (X509Cert); + if (X509Name == NULL) { + goto _Exit; + } + if (*SubjectSize < (UINTN) X509Name->bytes->length) { *SubjectSize = (UINTN) X509Name->bytes->length; goto _Exit; @@ -375,7 +381,9 @@ _Exit: // // Release Resources. // - X509_free (X509Cert); + if (X509Cert != NULL) { + X509_free (X509Cert); + } return Status; } @@ -415,7 +423,6 @@ RsaGetPublicKeyFromX509 ( return FALSE; } - Status = FALSE; Pkey = NULL; X509Cert = NULL; @@ -424,9 +431,12 @@ RsaGetPublicKeyFromX509 ( // Status = X509ConstructCertificate (Cert, CertSize, (UINT8 **) &X509Cert); if ((X509Cert == NULL) || (!Status)) { + Status = FALSE; goto _Exit; } + Status = FALSE; + // // Retrieve and check EVP_PKEY data from X509 Certificate. // @@ -446,8 +456,13 @@ _Exit: // // Release Resources. // - X509_free (X509Cert); - EVP_PKEY_free (Pkey); + if (X509Cert != NULL) { + X509_free (X509Cert); + } + + if (Pkey != NULL) { + EVP_PKEY_free (Pkey); + } return Status; } @@ -498,15 +513,22 @@ X509VerifyCert ( // // Register & Initialize necessary digest algorithms for certificate verification. // - EVP_add_digest (EVP_md5()); - EVP_add_digest (EVP_sha1()); - EVP_add_digest (EVP_sha256()); + if (EVP_add_digest (EVP_md5 ()) == 0) { + goto _Exit; + } + if (EVP_add_digest (EVP_sha1 ()) == 0) { + goto _Exit; + } + if (EVP_add_digest (EVP_sha256 ()) == 0) { + goto _Exit; + } // // Read DER-encoded certificate to be verified and Construct X509 object. // Status = X509ConstructCertificate (Cert, CertSize, (UINT8 **) &X509Cert); if ((X509Cert == NULL) || (!Status)) { + Status = FALSE; goto _Exit; } @@ -515,9 +537,12 @@ X509VerifyCert ( // Status = X509ConstructCertificate (CACert, CACertSize, (UINT8 **) &X509CACert); if ((X509CACert == NULL) || (!Status)) { + Status = FALSE; goto _Exit; } + Status = FALSE; + // // Set up X509 Store for trusted certificate. // @@ -546,9 +571,17 @@ _Exit: // // Release Resources. // - X509_free (X509Cert); - X509_free (X509CACert); - X509_STORE_free (CertStore); + if (X509Cert != NULL) { + X509_free (X509Cert); + } + + if (X509CACert != NULL) { + X509_free (X509CACert); + } + if (CertStore != NULL) { + X509_STORE_free (CertStore); + } + return Status; } diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c index 4b275951e8..4a056e89d8 100644 --- a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c +++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRand.c @@ -43,6 +43,10 @@ RandomSeed ( IN UINTN SeedSize ) { + if (SeedSize > INT_MAX) { + return FALSE; + } + // // Seed the pseudorandom number generator with user-supplied value. // NOTE: A cryptographic PRNG must be seeded with unpredictable data. @@ -78,7 +82,7 @@ RandomBytes ( // // Check input parameters. // - if (Output == NULL) { + if (Output == NULL || Size > INT_MAX) { return FALSE; } diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c index 881141cd08..dcc1853f13 100644 --- a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c +++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandItc.c @@ -41,6 +41,10 @@ RandomSeed ( { CHAR8 DefaultSeed[128]; + if (SeedSize > INT_MAX) { + return FALSE; + } + // // Seed the pseudorandom number generator with user-supplied value. // NOTE: A cryptographic PRNG must be seeded with unpredictable data. @@ -86,7 +90,7 @@ RandomBytes ( // // Check input parameters. // - if (Output == NULL) { + if (Output == NULL || Size > INT_MAX) { return FALSE; } diff --git a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c index bb8783d354..7259ed50da 100644 --- a/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c +++ b/CryptoPkg/Library/BaseCryptLib/Rand/CryptRandTsc.c @@ -41,6 +41,10 @@ RandomSeed ( { CHAR8 DefaultSeed[128]; + if (SeedSize > INT_MAX) { + return FALSE; + } + // // Seed the pseudorandom number generator with user-supplied value. // NOTE: A cryptographic PRNG must be seeded with unpredictable data. @@ -86,7 +90,7 @@ RandomBytes ( // // Check input parameters. // - if (Output == NULL) { + if (Output == NULL || Size > INT_MAX) { return FALSE; } diff --git a/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/BaseCryptLibRuntimeCryptProtocol.inf b/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/BaseCryptLibRuntimeCryptProtocol.inf index 2fb9074755..8bb04e9495 100644 --- a/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/BaseCryptLibRuntimeCryptProtocol.inf +++ b/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/BaseCryptLibRuntimeCryptProtocol.inf @@ -62,6 +62,8 @@ [LibraryClasses] BaseLib DebugLib + UefiBootServicesTableLib + UefiRuntimeLib [Guids] gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event diff --git a/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/InternalCryptLib.h b/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/InternalCryptLib.h index 998100dce8..959ad0a0f5 100644 --- a/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/InternalCryptLib.h +++ b/CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/InternalCryptLib.h @@ -16,8 +16,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #define __INTERNAL_CRYPT_LIB_H__ #include -#include -#include #include #include -- 2.39.2