summaryrefslogtreecommitdiffstats
path: root/src/crypto/x509/x509_vfy.c
diff options
context:
space:
mode:
authorKenny Root <kroot@google.com>2015-07-24 21:02:57 +0000
committerAndroid Git Automerger <android-git-automerger@android.com>2015-07-24 21:02:57 +0000
commit3b2c60656d36f47063e972b9aa2c11ef235253a6 (patch)
tree4d210b442e8e6742e9b0ff9dca4fc158c1a6a03e /src/crypto/x509/x509_vfy.c
parentffd8e0a5b40ce124e6dce4cb7546a26680d33d16 (diff)
parent07f4f42347557420f105a72d9a93bc8ee88a3dc5 (diff)
downloadexternal_boringssl-3b2c60656d36f47063e972b9aa2c11ef235253a6.zip
external_boringssl-3b2c60656d36f47063e972b9aa2c11ef235253a6.tar.gz
external_boringssl-3b2c60656d36f47063e972b9aa2c11ef235253a6.tar.bz2
am 07f4f423: Merge changes Icdc56a50,I63d5dc28,Ia7d0c5d8,I47406533
* commit '07f4f42347557420f105a72d9a93bc8ee88a3dc5': Handle RDRAND failures. dsa_pub_encode: Write out DSA parameters (p, q, g) in addition to key. Fix for CVE-2015-1789. Fixes for CVE-2015-1791.
Diffstat (limited to 'src/crypto/x509/x509_vfy.c')
-rw-r--r--src/crypto/x509/x509_vfy.c54
1 files changed, 47 insertions, 7 deletions
diff --git a/src/crypto/x509/x509_vfy.c b/src/crypto/x509/x509_vfy.c
index 2ba9c84..f53f279 100644
--- a/src/crypto/x509/x509_vfy.c
+++ b/src/crypto/x509/x509_vfy.c
@@ -1829,49 +1829,89 @@ int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
ASN1_TIME atm;
long offset;
char buff1[24],buff2[24],*p;
- int i,j;
+ int i, j, remaining;
p=buff1;
- i=ctm->length;
+ remaining = ctm->length;
str=(char *)ctm->data;
+ /* Note that the following (historical) code allows much more slack in
+ * the time format than RFC5280. In RFC5280, the representation is
+ * fixed:
+ * UTCTime: YYMMDDHHMMSSZ
+ * GeneralizedTime: YYYYMMDDHHMMSSZ */
if (ctm->type == V_ASN1_UTCTIME)
{
- if ((i < 11) || (i > 17)) return 0;
+ /* YYMMDDHHMM[SS]Z or YYMMDDHHMM[SS](+-)hhmm */
+ int min_length = sizeof("YYMMDDHHMMZ") - 1;
+ int max_length = sizeof("YYMMDDHHMMSS+hhmm") - 1;
+ if (remaining < min_length || remaining > max_length)
+ return 0;
memcpy(p,str,10);
p+=10;
str+=10;
+ remaining -= 10;
}
else
{
- if (i < 13) return 0;
+ /* YYYYMMDDHHMM[SS[.fff]]Z or YYYYMMDDHHMM[SS[.f[f[f]]]](+-)hhmm */
+ int min_length = sizeof("YYYYMMDDHHMMZ") - 1;
+ int max_length = sizeof("YYYYMMDDHHMMSS.fff+hhmm") - 1;
+ if (remaining < min_length || remaining > max_length)
+ return 0;
memcpy(p,str,12);
p+=12;
str+=12;
+ remaining -= 12;
}
if ((*str == 'Z') || (*str == '-') || (*str == '+'))
{ *(p++)='0'; *(p++)='0'; }
else
{
+ /* SS (seconds) */
+ if (remaining < 2)
+ return 0;
*(p++)= *(str++);
*(p++)= *(str++);
- /* Skip any fractional seconds... */
- if (*str == '.')
+ remaining -= 2;
+ /* Skip any (up to three) fractional seconds...
+ * TODO(emilia): in RFC5280, fractional seconds are forbidden.
+ * Can we just kill them altogether? */
+ if (remaining && *str == '.')
{
str++;
- while ((*str >= '0') && (*str <= '9')) str++;
+ remaining--;
+ for (i = 0; i < 3 && remaining; i++, str++, remaining--)
+ {
+ if (*str < '0' || *str > '9')
+ break;
+ }
}
}
*(p++)='Z';
*(p++)='\0';
+ /* We now need either a terminating 'Z' or an offset. */
+ if (!remaining)
+ return 0;
if (*str == 'Z')
+ {
+ if (remaining != 1)
+ return 0;
offset=0;
+ }
else
{
+ /* (+-)HHMM */
if ((*str != '+') && (*str != '-'))
return 0;
+ /* Historical behaviour: the (+-)hhmm offset is forbidden in RFC5280. */
+ if (remaining != 5)
+ return 0;
+ if (str[1] < '0' || str[1] > '9' || str[2] < '0' || str[2] > '9' ||
+ str[3] < '0' || str[3] > '9' || str[4] < '0' || str[4] > '9')
+ return 0;
offset=((str[1]-'0')*10+(str[2]-'0'))*60;
offset+=(str[3]-'0')*10+(str[4]-'0');
if (*str == '-')