Skip to content

Commit 56def5a

Browse files
torben-hansentorben-hansen
authored
Verify contentinfo content is NULL is handled (#1428)
1 parent 997e2dd commit 56def5a

File tree

5 files changed

+442
-389
lines changed

5 files changed

+442
-389
lines changed

crypto/pkcs8/pkcs12_test.cc

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -68,6 +68,17 @@ static void TestImpl(const char *name, bssl::Span<const uint8_t> der,
6868
}
6969
}
7070

71+
static void TestImplParseFail(const char *name, bssl::Span<const uint8_t> der,
72+
const char *password) {
73+
SCOPED_TRACE(name);
74+
bssl::UniquePtr<STACK_OF(X509)> certs(sk_X509_new_null());
75+
ASSERT_TRUE(certs);
76+
77+
EVP_PKEY *key = nullptr;
78+
CBS pkcs12 = der;
79+
EXPECT_FALSE(PKCS12_get_key_and_certs(&key, certs.get(), &pkcs12, password));
80+
}
81+
7182
static void TestCompat(bssl::Span<const uint8_t> der) {
7283
bssl::UniquePtr<BIO> bio(BIO_new_mem_buf(der.data(), der.size()));
7384
ASSERT_TRUE(bio);
@@ -140,6 +151,28 @@ TEST(PKCS12Test, TestNoEncryption) {
140151
TestImpl("kNoEncryption", StringToBytes(data), kPassword, nullptr);
141152
}
142153

154+
// The AuthSafe field of the PFX is of type
155+
// ContentInfo https://datatracker.ietf.org/doc/html/rfc7292#appendix-D. It's
156+
// Content field is optional per
157+
// https://datatracker.ietf.org/doc/html/rfc2315#section-7, but we do not
158+
// support that. It must not be absent. Additionally, the Content field of
159+
// AuthSafe contains the AuthenticatedSafe
160+
// https://datatracker.ietf.org/doc/html/rfc7292#section-4.1; a sequence of
161+
// ContentInfo's, where each Content field is Optional, again per RFC2315. We do
162+
// not support this case either, the field cannot be absent.
163+
// Below two test fixtures validates the above. See V1217527752.
164+
TEST(PKCS12Test, TestNULLContentInfoRoot) {
165+
// Content in AuthSafe can't be NULL.
166+
std::string data = GetTestData("crypto/pkcs8/test/null_contentinfo_root.p12");
167+
TestImplParseFail("kNoEncryption", StringToBytes(data), nullptr);
168+
}
169+
170+
TEST(PKCS12Test, TestNULLContentInfoChild) {
171+
// Content in ContentInfo from sequence contained in AuthSafe can't be NULL.
172+
std::string data = GetTestData("crypto/pkcs8/test/null_contentinfo_child.p12");
173+
TestImplParseFail("kNoEncryption", StringToBytes(data), nullptr);
174+
}
175+
143176
TEST(PKCS12Test, TestEmptyPassword) {
144177
#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
145178
return; // The MAC check always passes in fuzzer mode.

crypto/pkcs8/test/null_contentinfo_child.p12

104 Bytes
Binary file not shown.

crypto/pkcs8/test/null_contentinfo_root.p12

85 Bytes
Binary file not shown.

generated-src/crypto_test_data.cc

Lines changed: 407 additions & 389 deletions
Large diffs are not rendered by default.

sources.cmake

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -191,6 +191,8 @@ set(
191191
crypto/pkcs8/test/pbes2_sha256.p12
192192
crypto/pkcs8/test/unicode_password.p12
193193
crypto/pkcs8/test/windows.p12
194+
crypto/pkcs8/test/null_contentinfo_root.p12
195+
crypto/pkcs8/test/null_contentinfo_child.p12
194196
crypto/poly1305/poly1305_tests.txt
195197
crypto/siphash/siphash_tests.txt
196198
crypto/x509/test/basic_constraints_ca.pem

0 commit comments

Comments
 (0)