From 5605f577187336e02b609bad906ab42478c7340a Mon Sep 17 00:00:00 2001
From: miod <>
Date: Tue, 8 Nov 2016 20:01:06 +0000
Subject: Stricter checks of ASN1_INTEGER to reject ASN1_NEG_INTEGER in places
 when they don't make sense.

ok beck@
---
 src/lib/libcrypto/evp/p5_crpt.c     |  9 ++++++---
 src/lib/libcrypto/evp/p5_crpt2.c    |  8 ++++++--
 src/lib/libcrypto/pkcs12/p12_crpt.c |  9 ++++++---
 src/lib/libcrypto/pkcs12/p12_mutl.c |  8 +++++---
 src/lib/libcrypto/x509v3/v3_purp.c  | 12 +++++++++---
 5 files changed, 32 insertions(+), 14 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/evp/p5_crpt.c b/src/lib/libcrypto/evp/p5_crpt.c
index 626910fd7a..1d02cbf4a6 100644
--- a/src/lib/libcrypto/evp/p5_crpt.c
+++ b/src/lib/libcrypto/evp/p5_crpt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p5_crpt.c,v 1.16 2015/09/10 15:56:25 jsing Exp $ */
+/* $OpenBSD: p5_crpt.c,v 1.17 2016/11/08 20:01:06 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -106,8 +106,11 @@ PKCS5_PBE_keyivgen(EVP_CIPHER_CTX *cctx, const char *pass, int passlen,
 
 	if (!pbe->iter)
 		iter = 1;
-	else
-		iter = ASN1_INTEGER_get (pbe->iter);
+	else if ((iter = ASN1_INTEGER_get(pbe->iter)) <= 0) {
+		EVPerr(EVP_F_PKCS5_PBE_KEYIVGEN,
+		    EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
+		return 0;
+	}
 	salt = pbe->salt->data;
 	saltlen = pbe->salt->length;
 
diff --git a/src/lib/libcrypto/evp/p5_crpt2.c b/src/lib/libcrypto/evp/p5_crpt2.c
index 632c2c76ce..44e8b331fb 100644
--- a/src/lib/libcrypto/evp/p5_crpt2.c
+++ b/src/lib/libcrypto/evp/p5_crpt2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p5_crpt2.c,v 1.21 2015/09/10 15:56:25 jsing Exp $ */
+/* $OpenBSD: p5_crpt2.c,v 1.22 2016/11/08 20:01:06 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -293,7 +293,11 @@ PKCS5_v2_PBKDF2_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 	/* it seems that its all OK */
 	salt = kdf->salt->value.octet_string->data;
 	saltlen = kdf->salt->value.octet_string->length;
-	iter = ASN1_INTEGER_get(kdf->iter);
+	if ((iter = ASN1_INTEGER_get(kdf->iter)) <= 0) {
+		EVPerr(EVP_F_PKCS5_V2_PBKDF2_KEYIVGEN,
+		    EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS);
+		goto err;
+	}
 	if (!PKCS5_PBKDF2_HMAC(pass, passlen, salt, saltlen, iter, prfmd,
 	    keylen, key))
 		goto err;
diff --git a/src/lib/libcrypto/pkcs12/p12_crpt.c b/src/lib/libcrypto/pkcs12/p12_crpt.c
index 0f215d2fe2..f2d635fc62 100644
--- a/src/lib/libcrypto/pkcs12/p12_crpt.c
+++ b/src/lib/libcrypto/pkcs12/p12_crpt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p12_crpt.c,v 1.12 2015/09/10 15:56:25 jsing Exp $ */
+/* $OpenBSD: p12_crpt.c,v 1.13 2016/11/08 20:01:06 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -94,8 +94,11 @@ PKCS12_PBE_keyivgen(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 
 	if (!pbe->iter)
 		iter = 1;
-	else
-		iter = ASN1_INTEGER_get (pbe->iter);
+	else if ((iter = ASN1_INTEGER_get(pbe->iter)) <= 0) {
+		PKCS12err(PKCS12_F_PKCS12_PBE_KEYIVGEN, PKCS12_R_DECODE_ERROR);
+		PBEPARAM_free(pbe);
+		return 0;
+	}
 	salt = pbe->salt->data;
 	saltlen = pbe->salt->length;
 	if (!PKCS12_key_gen (pass, passlen, salt, saltlen, PKCS12_KEY_ID,
diff --git a/src/lib/libcrypto/pkcs12/p12_mutl.c b/src/lib/libcrypto/pkcs12/p12_mutl.c
index bf88c78270..56a4964a34 100644
--- a/src/lib/libcrypto/pkcs12/p12_mutl.c
+++ b/src/lib/libcrypto/pkcs12/p12_mutl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p12_mutl.c,v 1.21 2015/09/30 17:30:15 jsing Exp $ */
+/* $OpenBSD: p12_mutl.c,v 1.22 2016/11/08 20:01:06 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -89,8 +89,10 @@ PKCS12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
 	saltlen = p12->mac->salt->length;
 	if (!p12->mac->iter)
 		iter = 1;
-	else
-		iter = ASN1_INTEGER_get(p12->mac->iter);
+	else if ((iter = ASN1_INTEGER_get(p12->mac->iter)) <= 0) {
+		PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_DECODE_ERROR);
+		return 0;
+	}
 	if (!(md_type = EVP_get_digestbyobj(
 	    p12->mac->dinfo->algor->algorithm))) {
 		PKCS12err(PKCS12_F_PKCS12_GEN_MAC,
diff --git a/src/lib/libcrypto/x509v3/v3_purp.c b/src/lib/libcrypto/x509v3/v3_purp.c
index 69a8d05f26..a091a7f425 100644
--- a/src/lib/libcrypto/x509v3/v3_purp.c
+++ b/src/lib/libcrypto/x509v3/v3_purp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: v3_purp.c,v 1.26 2015/02/10 13:28:17 jsing Exp $ */
+/* $OpenBSD: v3_purp.c,v 1.27 2016/11/08 20:01:06 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
@@ -450,8 +450,14 @@ x509v3_cache_extensions(X509 *x)
 			x->ex_flags |= EXFLAG_INVALID;
 		}
 		if (pci->pcPathLengthConstraint) {
-			x->ex_pcpathlen =
-			    ASN1_INTEGER_get(pci->pcPathLengthConstraint);
+			if (pci->pcPathLengthConstraint->type ==
+			    V_ASN1_NEG_INTEGER) {
+				x->ex_flags |= EXFLAG_INVALID;
+				x->ex_pcpathlen = 0;
+			} else
+				x->ex_pcpathlen =
+				    ASN1_INTEGER_get(pci->
+				      pcPathLengthConstraint);
 		} else
 			x->ex_pcpathlen = -1;
 		PROXY_CERT_INFO_EXTENSION_free(pci);
-- 
cgit v1.2.3-55-g6feb