diff options
| -rw-r--r-- | CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c | 4 | ||||
| -rw-r--r-- | CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c | 4 | ||||
| -rw-r--r-- | CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c | 119 | ||||
| -rw-r--r-- | CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 6 | ||||
| -rw-r--r-- | CryptoPkg/Library/OpensslLib/OpensslLib.inf | 6 |
5 files changed, 126 insertions, 13 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c index bc5c93ff98..ed53b2dcbf 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c +++ b/CryptoPkg/Library/BaseCryptLib/Pem/CryptPem.c @@ -85,6 +85,10 @@ RsaGetPrivateKeyFromPem ( ASSERT (PemData != NULL);
ASSERT (RsaContext != NULL);
+ if (PemSize > INT_MAX) {
+ return FALSE;
+ }
+
Status = FALSE;
PemBio = NULL;
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c index 5f93e4af93..0370fd77a5 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptAuthenticode.c @@ -65,6 +65,10 @@ AuthenticodeVerify ( ASSERT (AuthData != NULL);
ASSERT (ImageHash != NULL);
+ if (DataSize > INT_MAX) {
+ return FALSE;
+ }
+
Status = FALSE;
Pkcs7 = NULL;
OrigAuthData = AuthData;
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c index e866284f17..433175bbf1 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7.c @@ -18,6 +18,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include <openssl/x509.h>
#include <openssl/pkcs7.h>
+UINT8 mOidValue[9] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07, 0x02 };
/**
Verification callback function to override any existing callbacks in OpenSSL
@@ -143,6 +144,8 @@ Pkcs7Sign ( PKCS7 *Pkcs7;
UINT8 *RsaContext;
UINT8 *P7Data;
+ UINTN P7DataSize;
+ UINT8 *Tmp;
//
// Check input parameters.
@@ -155,6 +158,10 @@ Pkcs7Sign ( return FALSE;
}
+ if (InDataSize > INT_MAX) {
+ return FALSE;
+ }
+
RsaContext = NULL;
Key = NULL;
Pkcs7 = NULL;
@@ -216,13 +223,23 @@ Pkcs7Sign ( //
// Convert PKCS#7 signedData structure into DER-encoded buffer.
//
- *SignedDataSize = i2d_PKCS7 (Pkcs7, NULL);
- if (*SignedDataSize == 0) {
+ P7DataSize = i2d_PKCS7 (Pkcs7, NULL);
+ if (P7DataSize <= 19) {
goto _Exit;
}
+ P7Data = OPENSSL_malloc (P7DataSize);
+ Tmp = P7Data;
+ P7DataSize = i2d_PKCS7 (Pkcs7, (unsigned char **) &Tmp);
+
+ //
+ // Strip ContentInfo to content only for signeddata. The data be trimmed off
+ // is totally 19 bytes.
+ //
+ *SignedDataSize = P7DataSize - 19;
*SignedData = OPENSSL_malloc (*SignedDataSize);
- P7Data = *SignedData;
- *SignedDataSize = i2d_PKCS7 (Pkcs7, (unsigned char **) &P7Data);
+ CopyMem (*SignedData, P7Data + 19, *SignedDataSize);
+
+ OPENSSL_free (P7Data);
Status = TRUE;
@@ -253,8 +270,9 @@ _Exit: }
/**
- Verifies the validility of a PKCS#7 signed data as described in "PKCS #7: Cryptographic
- Message Syntax Standard".
+ Verifies the validility of a PKCS#7 signed data as described in "PKCS #7:
+ Cryptographic Message Syntax Standard". The input signed data could be wrapped
+ in a ContentInfo structure.
If P7Data is NULL, then ASSERT().
@@ -287,11 +305,19 @@ Pkcs7Verify ( BOOLEAN Status;
X509 *Cert;
X509_STORE *CertStore;
+ UINT8 *SignedData;
+ UINT8 *Temp;
+ UINTN SignedDataSize;
+ BOOLEAN Wrapped;
//
- // ASSERT if P7Data is NULL
+ // ASSERT if P7Data is NULL or P7Length is not larger than 19 bytes.
//
- ASSERT (P7Data != NULL);
+ ASSERT ((P7Data != NULL) || (P7Length <= 19));
+
+ if ((CertLength > INT_MAX) || (DataLength > INT_MAX)) {
+ return FALSE;
+ }
Status = FALSE;
Pkcs7 = NULL;
@@ -309,9 +335,80 @@ Pkcs7Verify ( EVP_add_digest (EVP_sha256());
//
+ // Check whether input P7Data is a wrapped ContentInfo structure or not.
+ //
+ Wrapped = FALSE;
+ if ((P7Data[4] == 0x06) && (P7Data[5] == 0x09)) {
+ if (CompareMem (P7Data + 6, mOidValue, sizeof (mOidValue)) == 0) {
+ if ((P7Data[15] == 0xA0) && (P7Data[16] == 0x82)) {
+ Wrapped = TRUE;
+ }
+ }
+ }
+
+ if (Wrapped) {
+ SignedData = (UINT8 *) P7Data;
+ SignedDataSize = P7Length;
+ } else {
+ //
+ // Wrap PKCS#7 signeddata to a ContentInfo structure - add a header in 19 bytes.
+ //
+ SignedDataSize = P7Length + 19;
+ SignedData = OPENSSL_malloc (SignedDataSize);
+ if (SignedData == NULL) {
+ return FALSE;
+ }
+
+ //
+ // Part1: 0x30, 0x82.
+ //
+ SignedData[0] = 0x30;
+ SignedData[1] = 0x82;
+
+ //
+ // Part2: Length1 = P7Length + 19 - 4, in big endian.
+ //
+ SignedData[2] = (UINT8) (((UINT16) (SignedDataSize - 4)) >> 8);
+ SignedData[3] = (UINT8) (((UINT16) (SignedDataSize - 4)) & 0xff);
+
+ //
+ // Part3: 0x06, 0x09.
+ //
+ SignedData[4] = 0x06;
+ SignedData[5] = 0x09;
+
+ //
+ // Part4: OID value -- 0x2A 0x86 0x48 0x86 0xF7 0x0D 0x01 0x07 0x02.
+ //
+ CopyMem (SignedData + 6, mOidValue, sizeof (mOidValue));
+
+ //
+ // Part5: 0xA0, 0x82.
+ //
+ SignedData[15] = 0xA0;
+ SignedData[16] = 0x82;
+
+ //
+ // Part6: Length2 = P7Length, in big endian.
+ //
+ SignedData[17] = (UINT8) (((UINT16) P7Length) >> 8);
+ SignedData[18] = (UINT8) (((UINT16) P7Length) & 0xff);
+
+ //
+ // Part7: P7Data.
+ //
+ CopyMem (SignedData + 19, P7Data, P7Length);
+ }
+
+ //
// Retrieve PKCS#7 Data (DER encoding)
//
- Pkcs7 = d2i_PKCS7 (NULL, &P7Data, (int)P7Length);
+ if (SignedDataSize > INT_MAX) {
+ goto _Exit;
+ }
+
+ Temp = SignedData;
+ Pkcs7 = d2i_PKCS7 (NULL, &Temp, (int) SignedDataSize);
if (Pkcs7 == NULL) {
goto _Exit;
}
@@ -375,5 +472,9 @@ _Exit: X509_STORE_free (CertStore);
PKCS7_free (Pkcs7);
+ if (!Wrapped) {
+ OPENSSL_free (SignedData);
+ }
+
return Status;
}
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c index 7557399aa4..88c21369b6 100644 --- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c +++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c @@ -48,6 +48,10 @@ X509ConstructCertificate ( ASSERT (Cert != NULL);
ASSERT (SingleX509Cert != NULL);
+ if (CertSize > INT_MAX) {
+ return FALSE;
+ }
+
Status = FALSE;
//
@@ -439,6 +443,7 @@ X509VerifyCert ( // X509 Certificate Verification.
//
Status = (BOOLEAN) X509_verify_cert (&CertCtx);
+ X509_STORE_CTX_cleanup (&CertCtx);
_Exit:
//
@@ -447,7 +452,6 @@ _Exit: X509_free (X509Cert);
X509_free (X509CACert);
X509_STORE_free (CertStore);
- X509_STORE_CTX_cleanup (&CertCtx);
return Status;
}
diff --git a/CryptoPkg/Library/OpensslLib/OpensslLib.inf b/CryptoPkg/Library/OpensslLib/OpensslLib.inf index f40f36ece2..a74a0c19ed 100644 --- a/CryptoPkg/Library/OpensslLib/OpensslLib.inf +++ b/CryptoPkg/Library/OpensslLib/OpensslLib.inf @@ -597,8 +597,8 @@ MSFT:RELEASE_*_X64_CC_FLAGS == /nologo /c /WX /GS- /X /Gs32768 /D UNICODE /O1ib2s /GL /Gy /FIAutoGen.h /EHs-c- /GR- /GF -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) /w
MSFT:DEBUG_*_IPF_CC_FLAGS == /nologo /c /WX /GS- /X /EHs-c- /GR- /Gy /Os /GL /FIAutoGen.h /QIPF_fr32 /Zi -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) /w
MSFT:RELEASE_*_IPF_CC_FLAGS == /nologo /c /WX /GS- /X /EHs-c- /GR- /Gy /Os /GL /FIAutoGen.h /QIPF_fr32 -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) /w
- INTEL:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) /w
- GCC:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) -w
+ MSFT:NOOPT_*_IA32_CC_FLAGS == /nologo /c /WX /GS- /Gs32768 /D UNICODE /Od /FIAutoGen.h /EHs-c- /GR- /GF /Gy /Zi /Gm -U_WIN32 -U_WIN64 -U_MSC_VER $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) /w
+ INTEL:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 -U_MSC_VER -U__ICC $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) /w
+ GCC:*_*_*_CC_FLAGS = -U_WIN32 -U_WIN64 $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) -w
RVCT:DEBUG_*_*_CC_FLAGS = $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) --library_interface=aeabi_clib99 --fpu=vfpv3
RVCT:RELEASE_*_*_CC_FLAGS = $(OPENSSL_FLAGS) $(OPENSSL_EXFLAGS) --library_interface=aeabi_clib99 --fpu=vfpv3
-
|