Skip to content

Commit

Permalink
Add some more null guards in the OSSL crypto PAL
Browse files Browse the repository at this point in the history
  • Loading branch information
@bartonjs
bartonjs authored Feb 14, 2024
1 parent be5694d commit 49fe3b0
Show file tree
Hide file tree
Showing 5 changed files with 39 additions and 1 deletion.
6 changes: 6 additions & 0 deletions src/libraries/System.Security.Cryptography/tests/X509Certificates/CertTests.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -591,6 +591,12 @@ public static void UseAfterDispose()
}
}

[Fact]
public static void EmptyPkcs7ThrowsException()
{
Assert.ThrowsAny<CryptographicException>(() => new X509Certificate2(TestData.EmptyPkcs7));
}

[Fact]
public static void ExportPublicKeyAsPkcs12()
{
Expand Down
2 changes: 2 additions & 0 deletions src/libraries/System.Security.Cryptography/tests/X509Certificates/TestData.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4224,5 +4224,7 @@ internal static DSAParameters GetDSA1024Params()
"09463C6E50BCA36EB3F8BCB00D8A415D2D0DB5AE08303B301F300706052B0E03" +
"021A0414A57105D833610A6D07EBFBE51E5486CD3F8BCE0D0414DB32290CC077" +
"37E9D9446E37F104FA876C861C0102022710").HexToByteArray();

internal static readonly byte[] EmptyPkcs7 = "300B06092A864886F70D010702".HexToByteArray();
}
}
17 changes: 16 additions & 1 deletion src/native/libs/System.Security.Cryptography.Native/apibridge.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ int32_t local_X509_get_version(const X509* x509)

X509_PUBKEY* local_X509_get_X509_PUBKEY(const X509* x509)
{
if (x509)
if (x509 && x509->cert_info)
{
return x509->cert_info->key;
}
Expand All @@ -123,13 +123,28 @@ X509_PUBKEY* local_X509_get_X509_PUBKEY(const X509* x509)
int32_t local_X509_PUBKEY_get0_param(
ASN1_OBJECT** palgOid, const uint8_t** pkeyBytes, int* pkeyBytesLen, X509_ALGOR** palg, X509_PUBKEY* pubkey)
{
if (!pubkey)
{
return 0;
}

if (palgOid)
{
if (!pubkey->algor)
{
return 0;
}

*palgOid = pubkey->algor->algorithm;
}

if (pkeyBytes)
{
if (!pubkey->public_key)
{
return 0;
}

*pkeyBytes = pubkey->public_key->data;
*pkeyBytesLen = pubkey->public_key->length;
}
Expand Down
5 changes: 5 additions & 0 deletions src/native/libs/System.Security.Cryptography.Native/openssl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -669,6 +669,11 @@ BIO* CryptoNative_GetX509NameInfo(X509* x509, int32_t nameType, int32_t forIssue
0 == strncmp(localOid, szOidUpn, sizeof(szOidUpn)))
{
// OTHERNAME->ASN1_TYPE->union.field
if (!value->value)
{
return NULL;
}

str = value->value->value.asn1_string;
}
}
Expand Down
10 changes: 10 additions & 0 deletions src/native/libs/System.Security.Cryptography.Native/pal_pkcs7.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,9 +53,19 @@ int32_t CryptoNative_GetPkcs7Certificates(PKCS7* p7, X509Stack** certs)
switch (OBJ_obj2nid(p7->type))
{
case NID_pkcs7_signed:
if (!p7->d.sign)
{
return 0;
}

*certs = p7->d.sign->cert;
return 1;
case NID_pkcs7_signedAndEnveloped:
if (!p7->d.signed_and_enveloped)
{
return 0;
}

*certs = p7->d.signed_and_enveloped->cert;
return 1;
}
Expand Down

0 comments on commit 49fe3b0

Please sign in to comment.