Import OpenSSL 1.1.1g

test/certs/ee-pathlen.pem

@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICszCCAZugAwIBAgIBAjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJDQTAg
+Fw0yMDA0MDMwODA0MTVaGA8yMTIwMDQwNDA4MDQxNVowGTEXMBUGA1UEAwwOc2Vy
+dmVyLmV4YW1wbGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo/4lY
+YYWu3tssD9Vz++K3qBt6dWAr1H08c3a1rt6TL38kkG3JHPSKOM2fooAWVsu0LLuT
+5Rcf/w3GQ/4xNPgo2HXpo7uIgu+jcuJTYgVFTeAxl++qnRDSWA2eBp4yuxsIVl1l
+Dz9mjsI2oBH/wFk1/Ukc3RxCMwZ4rgQ4I+XndWfTlK1aqUAfrFkQ9QzBZK1KxMY1
+U7OWaoIbFYvRmavknm+UqtKW5Vf7jJFkijwkFsbSGb6CYBM7YrDtPh2zyvlr3zG5
+ep5LR2inKcc/SuIiJ7TvkGPX79ByST5brbkb1Ctvhmjd1XMSuEPJ3EEPoqNGT4tn
+iIQPYf55NB9KiR+3AgMBAAGjEDAOMAwGA1UdEwQFMAMCAQAwDQYJKoZIhvcNAQEL
+BQADggEBAApOUnWWd09I0ts3xa1oK7eakc+fKTF4d7pbGznFNONaCR3KFRgnBVlG
+Bm8/oehrrQ28Ad3XPSug34DQQ5kM6JIuaddx50/n4Xkgj8/fgXVA0HXizOJ3QpKC
+IojLVajXlQHhpo72VUQuNOha0UxG9daYjS20iXRhanTm9rUz7qQZEugVQCiR0z/f
+9NgM7FU9UaSidzH3gZu/Ufc4Ggn6nZV7LM9sf4IUV+KszS1VpcK+9phAmsB6BaAi
+cFXvVXZjTNualQgPyPwOD8c+vVCIfIemfF5TZ6fyqpOjprWQAphwrTtfNDSmqRTz
+FRhDf+vJERQclgUtg37EgWGKtnNQeRY=
+-----END CERTIFICATE-----

test/certs/setup.sh

@@ -154,7 +154,7 @@ openssl x509 -in sca-cert.pem -trustout \
     -addtrust anyExtendedKeyUsage -out sca+anyEKU.pem
 
 # Primary leaf cert: ee-cert
-# ee variants: expired, issuer-key2, issuer-name2
+# ee variants: expired, issuer-key2, issuer-name2, bad-pathlen
 # trust variants: +serverAuth, -serverAuth, +clientAuth, -clientAuth
 # purpose variants: client
 #
@@ -163,6 +163,8 @@ openssl x509 -in sca-cert.pem -trustout \
 ./mkcert.sh genee server.example ee-key ee-cert2 ca-key2 ca-cert2
 ./mkcert.sh genee server.example ee-key ee-name2 ca-key ca-name2
 ./mkcert.sh genee -p clientAuth server.example ee-key ee-client ca-key ca-cert
+./mkcert.sh genee server.example ee-key ee-pathlen ca-key ca-cert \
+    -extfile <(echo "basicConstraints=CA:FALSE,pathlen:0")
 #
 openssl x509 -in ee-cert.pem -trustout \
     -addtrust serverAuth -out ee+serverAuth.pem

test/recipes/25-test_verify.t

@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -27,7 +27,7 @@ sub verify {
     run(app([@args]));
 }
 
-plan tests => 135;
+plan tests => 137;
 
 # Canonical success
 ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),
@@ -222,6 +222,10 @@ ok(verify("ee-client", "sslclient", [qw(ee+clientAuth)], [], "-partial_chain"),
    "accept direct match with client trust");
 ok(!verify("ee-client", "sslclient", [qw(ee-clientAuth)], [], "-partial_chain"),
    "reject direct match with client mistrust");
+ok(verify("ee-pathlen", "sslserver", [qw(root-cert)], [qw(ca-cert)]),
+   "accept non-ca with pathlen:0 by default");
+ok(!verify("ee-pathlen", "sslserver", [qw(root-cert)], [qw(ca-cert)], "-x509_strict"),
+   "reject non-ca with pathlen:0 with strict flag");
 
 # Proxy certificates
 ok(!verify("pc1-cert", "sslclient", [qw(root-cert)], [qw(ee-client ca-cert)]),

test/recipes/70-test_sslsigalgs.t

@@ -44,7 +44,9 @@ use constant {
     COMPAT_SIGALGS => 6,
     SIGALGS_CERT_ALL => 7,
     SIGALGS_CERT_PKCS => 8,
-    SIGALGS_CERT_INVALID => 9
+    SIGALGS_CERT_INVALID => 9,
+    UNRECOGNIZED_SIGALGS_CERT => 10,
+    UNRECOGNIZED_SIGALG => 11
 };
 
 #Note: Throughout this test we override the default ciphersuites where TLSv1.2
@@ -53,7 +55,7 @@ use constant {
 
 #Test 1: Default sig algs should succeed
 $proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
-plan tests => 24;
+plan tests => 26;
 ok(TLSProxy::Message->success, "Default sigalgs");
 my $testtype;
 
@@ -282,6 +284,39 @@ SKIP: {
     ok(TLSProxy::Message->fail, "No matching certificate for sigalgs_cert");
 }
 
+SKIP: {
+    skip "TLS 1.3 disabled", 2 if disabled("tls1_3");
+    #Test 25: Send an unrecognized signature_algorithms_cert
+    #        We should be able to skip over the unrecognized value and use a
+    #        valid one that appears later in the list.
+    $proxy->clear();
+    $proxy->filter(\&inject_unrecognized_sigalg);
+    $proxy->clientflags("-tls1_3");
+    # Use -xcert to get SSL_check_chain() to run in the cert_cb.  This is
+    # needed to trigger (e.g.) CVE-2020-1967
+    $proxy->serverflags("" .
+            " -xcert " . srctop_file("test", "certs", "servercert.pem") .
+            " -xkey " . srctop_file("test", "certs", "serverkey.pem") .
+            " -xchain " . srctop_file("test", "certs", "rootcert.pem"));
+    $testtype = UNRECOGNIZED_SIGALGS_CERT;
+    $proxy->start();
+    ok(TLSProxy::Message->success(), "Unrecognized sigalg_cert in ClientHello");
+
+    #Test 26: Send an unrecognized signature_algorithms
+    #        We should be able to skip over the unrecognized value and use a
+    #        valid one that appears later in the list.
+    $proxy->clear();
+    $proxy->filter(\&inject_unrecognized_sigalg);
+    $proxy->clientflags("-tls1_3");
+    $proxy->serverflags("" .
+            " -xcert " . srctop_file("test", "certs", "servercert.pem") .
+            " -xkey " . srctop_file("test", "certs", "serverkey.pem") .
+            " -xchain " . srctop_file("test", "certs", "rootcert.pem"));
+    $testtype = UNRECOGNIZED_SIGALG;
+    $proxy->start();
+    ok(TLSProxy::Message->success(), "Unrecognized sigalg in ClientHello");
+}
+
 
 
 sub sigalgs_filter
@@ -427,3 +462,30 @@ sub modify_cert_verify_sigalg
         }
     }
 }
+
+sub inject_unrecognized_sigalg
+{
+    my $proxy = shift;
+    my $type;
+
+    # We're only interested in the initial ClientHello
+    if ($proxy->flight != 0) {
+        return;
+    }
+    if ($testtype == UNRECOGNIZED_SIGALGS_CERT) {
+        $type = TLSProxy::Message::EXT_SIG_ALGS_CERT;
+    } elsif ($testtype == UNRECOGNIZED_SIGALG) {
+        $type = TLSProxy::Message::EXT_SIG_ALGS;
+    } else {
+        return;
+    }
+
+    my $ext = pack "C8",
+        0x00, 0x06, #Extension length
+        0xfe, 0x18, #private use
+        0x04, 0x01, #rsa_pkcs1_sha256
+        0x08, 0x04; #rsa_pss_rsae_sha256;
+    my $message = ${$proxy->message_list}[0];
+    $message->set_extension($type, $ext);
+    $message->repack;
+}

test/sm2_internal_test.c

@@ -1,5 +1,5 @@
 /*
- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -32,17 +32,18 @@ static size_t fake_rand_size = 0;
 
 static int get_faked_bytes(unsigned char *buf, int num)
 {
-    int i;
-
     if (fake_rand_bytes == NULL)
         return saved_rand->bytes(buf, num);
 
-    if (!TEST_size_t_le(fake_rand_bytes_offset + num, fake_rand_size))
+    if (!TEST_size_t_gt(fake_rand_size, 0))
         return 0;
 
-    for (i = 0; i != num; ++i)
-        buf[i] = fake_rand_bytes[fake_rand_bytes_offset + i];
-    fake_rand_bytes_offset += num;
+    while (num-- > 0) {
+        if (fake_rand_bytes_offset >= fake_rand_size)
+            fake_rand_bytes_offset = 0;
+        *buf++ = fake_rand_bytes[fake_rand_bytes_offset++];
+    }
+
     return 1;
 }
 
@@ -175,8 +176,7 @@ static int test_sm2_crypt(const EC_GROUP *group,
 
     start_fake_rand(k_hex);
     if (!TEST_true(sm2_encrypt(key, digest, (const uint8_t *)message, msg_len,
-                               ctext, &ctext_len))
-            || !TEST_size_t_eq(fake_rand_bytes_offset, fake_rand_size)) {
+                               ctext, &ctext_len))) {
         restore_rand();
         goto done;
     }
@@ -296,8 +296,7 @@ static int test_sm2_sign(const EC_GROUP *group,
     start_fake_rand(k_hex);
     sig = sm2_do_sign(key, EVP_sm3(), (const uint8_t *)userid, strlen(userid),
                       (const uint8_t *)message, msg_len);
-    if (!TEST_ptr(sig)
-            || !TEST_size_t_eq(fake_rand_bytes_offset, fake_rand_size)) {
+    if (!TEST_ptr(sig)) {
         restore_rand();
         goto done;
     }