diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2013-01-24 13:30:42 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2013-02-05 16:50:31 +0000 |
commit | 66e8211c0b1347970096e04b18aa52567c325200 (patch) | |
tree | b466e3e26ccd1601ab5f45f79ba8d7256086eba8 /crypto | |
parent | dd2dee60f343a28cd93e065c7dae7619885515ff (diff) |
Don't try and verify signatures if key is NULL (CVE-2013-0166)
Add additional check to catch this in ASN1_item_verify too.
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/asn1/a_verify.c | 6 | ||||
-rw-r--r-- | crypto/ocsp/ocsp_vfy.c | 9 |
2 files changed, 12 insertions, 3 deletions
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index da3efaaf8d..7ded69b170 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -138,6 +138,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat unsigned char *buf_in=NULL; int ret= -1,i,inl; + if (!pkey) + { + ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER); + return -1; + } + EVP_MD_CTX_init(&ctx); i=OBJ_obj2nid(a->algorithm); type=EVP_get_digestbyname(OBJ_nid2sn(i)); diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c index d3b446c5f9..f24080fa0e 100644 --- a/crypto/ocsp/ocsp_vfy.c +++ b/crypto/ocsp/ocsp_vfy.c @@ -91,9 +91,12 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs, { EVP_PKEY *skey; skey = X509_get_pubkey(signer); - ret = OCSP_BASICRESP_verify(bs, skey, 0); - EVP_PKEY_free(skey); - if(ret <= 0) + if (skey) + { + ret = OCSP_BASICRESP_verify(bs, skey, 0); + EVP_PKEY_free(skey); + } + if(!skey || ret <= 0) { OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE); goto end; |