Skip to content

Fix d2i_AutoPrivateKey_ex so that is uses the new decoder (and produces non legacy keys).#13591

Closed
slontis wants to merge 1 commit intoopenssl:masterfrom
slontis:d2i_autoprivatekey_prov
Closed

Fix d2i_AutoPrivateKey_ex so that is uses the new decoder (and produces non legacy keys).#13591
slontis wants to merge 1 commit intoopenssl:masterfrom
slontis:d2i_autoprivatekey_prov

Conversation

@slontis
Copy link
Member

@slontis slontis commented Dec 2, 2020

Fixes #13522

Checklist
  • documentation is added or updated
  • tests are added or updated

@slontis slontis added branch: master Applies to master branch triaged: OTC evaluated labels Dec 2, 2020
@slontis slontis added this to the 3.0.0 beta1 milestone Dec 2, 2020
@slontis
Copy link
Member Author

slontis commented Dec 2, 2020

@levitte - this produces an interesting failure in the fuzz tests..

dumpasn1 fuzz/corpora/asn1/2b5bdcbf1810066fcc04831b9b60365150e5340c
0 18: SEQUENCE {
2 9: SEQUENCE {
4 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3)
: }
13 5: BIT STRING
: '11000100000000001000000001000000'B
: }

Basically there are no domain params in this data so when it goes to cache it tries to access dsa->param and falls over..
I am not sure where we need to check for bad data during the decoding process, but this is obviously a bit of a problem.

slontis
slontis commented Dec 2, 2020
View reviewed changes
slontis
slontis commented Dec 2, 2020
View reviewed changes
@slontis slontis changed the title Fix d2i_AutoPrivateKey_ex so that is uses the new decoder (and produces non legay keys). Fix d2i_AutoPrivateKey_ex so that is uses the new decoder (and produces non legacy keys). Dec 2, 2020
levitte
levitte requested changes Dec 2, 2020
View reviewed changes
levitte
levitte reviewed Dec 2, 2020
View reviewed changes
levitte
levitte reviewed Dec 2, 2020
View reviewed changes
@kroeckx
Copy link
Member

kroeckx commented Dec 2, 2020

Why doesn't the ci fuzz target complain about the issue?

@kroeckx kroeckx mentioned this pull request Dec 2, 2020
Closed
@slontis
Copy link
Member Author

slontis commented Dec 2, 2020

Why doesn't the ci fuzz target complain about the issue?

Not sure. It was failing locally..

@kroeckx
Copy link
Member

kroeckx commented Dec 2, 2020

I've opened an issue at google/oss-fuzz#4767

@slontis slontis mentioned this pull request Dec 4, 2020
Closed
levitte
levitte reviewed Dec 4, 2020
View reviewed changes
levitte
levitte previously approved these changes Dec 4, 2020
View reviewed changes
@levitte levitte added approval: done This pull request has the required number of approvals and removed approval: done This pull request has the required number of approvals labels Dec 4, 2020
@levitte levitte dismissed their stale review December 4, 2020 06:45

I approved too soon... CIs are unhappy

@slontis
Copy link
Member Author

slontis commented Dec 4, 2020

They are unhappy because of the issue I just reported :)

@slontis slontis closed this Dec 7, 2020
@slontis slontis reopened this Dec 7, 2020
@slontis
Copy link
Member Author

slontis commented Dec 7, 2020

CI loop is happy now that the DSA_size() NULL checks have been added.

@levitte levitte added the approval: done This pull request has the required number of approvals label Dec 8, 2020
@openssl-machine openssl-machine removed the approval: done This pull request has the required number of approvals label Dec 9, 2020
@openssl-machine
Copy link
Collaborator

openssl-machine commented Dec 9, 2020

This pull request is ready to merge

@openssl-machine openssl-machine added the approval: ready to merge The 24 hour grace period has passed, ready to merge label Dec 9, 2020
@t8m t8m added the hold: discussion The community needs to establish a consensus how to move forward with the issue or PR label Dec 9, 2020
@jon-oracle
Copy link
Contributor

jon-oracle commented Jan 15, 2021

Ping

@t8m t8m added approval: review pending This pull request needs review by a committer and removed approval: ready to merge The 24 hour grace period has passed, ready to merge labels Jan 18, 2021
@slontis
Copy link
Member Author

slontis commented Jan 20, 2021

ping

@levitte levitte mentioned this pull request Jan 25, 2021
Merged
@slontis slontis closed this Feb 1, 2021
@slontis slontis reopened this Feb 1, 2021
@paulnelsontx paulnelsontx self-assigned this Feb 4, 2021
@slontis
Copy link
Member Author

slontis commented Feb 8, 2021

ping

@slontis slontis closed this Feb 8, 2021
@slontis slontis reopened this Feb 8, 2021
@slontis
Copy link
Member Author

slontis commented Feb 8, 2021

looks like this doesnt build now :)

@slontis slontis force-pushed the d2i_autoprivatekey_prov branch from 73d58d1 to b3a0fc1 Compare February 8, 2021 23:09
@slontis
Copy link
Member Author

slontis commented Feb 8, 2021

Rebase and removed duplicate function evp_pkey_type2name.

@slontis slontis force-pushed the d2i_autoprivatekey_prov branch from b3a0fc1 to 22ed598 Compare February 12, 2021 00:41
@slontis slontis closed this Feb 12, 2021
@slontis slontis reopened this Feb 12, 2021
@slontis
Copy link
Member Author

slontis commented Feb 12, 2021

Rebased again..
ping.

@jon-oracle jon-oracle mentioned this pull request Feb 16, 2021
Closed
@slontis
Copy link
Member Author

slontis commented Feb 16, 2021

ping

@paulidale paulidale added the approval: done This pull request has the required number of approvals label Feb 18, 2021
@openssl-machine openssl-machine added approval: ready to merge The 24 hour grace period has passed, ready to merge and removed approval: done This pull request has the required number of approvals labels Feb 19, 2021
@openssl-machine
Copy link
Collaborator

openssl-machine commented Feb 19, 2021

This pull request is ready to merge

@slontis slontis removed the approval: review pending This pull request needs review by a committer label Feb 19, 2021
openssl-machine pushed a commit that referenced this pull request Feb 19, 2021
@slontis
Fix d2i_AutoPrivateKey_ex so that is uses the new decoder (and produces
576892d 
non legacy keys).

Fixes #13522

Reviewed-by: Paul Dale <[email protected]>
(Merged from #13591)
@slontis
Copy link
Member Author

slontis commented Feb 19, 2021

Thanks for reviewing. Merged to master.

@slontis slontis closed this Feb 19, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@paulidale paulidale paulidale approved these changes

@levitte levitte Awaiting requested review from levitte

Assignees

@paulnelsontx paulnelsontx

Labels

approval: ready to merge The 24 hour grace period has passed, ready to merge branch: master Applies to master branch

Projects

None yet

Milestone

3.0.0 beta1

Development

Successfully merging this pull request may close these issues.

Cannot retrieve parameters from DH key created using d2i_AutoPrivateKey_ex()

8 participants

@slontis @kroeckx @openssl-machine @t8m @levitte @jon-oracle @paulidale @paulnelsontx