Upstream merge 2024 02 23 (aws#1452)

crypto/asn1/tasn_new.c

@@ -194,16 +194,9 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
 }
 
 static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) {
-  const ASN1_EXTERN_FUNCS *ef;
-
   switch (it->itype) {
     case ASN1_ITYPE_EXTERN:
-      ef = it->funcs;
-      if (ef && ef->asn1_ex_clear) {
-        ef->asn1_ex_clear(pval, it);
-      } else {
-        *pval = NULL;
-      }
+      *pval = NULL;
       break;
 
     case ASN1_ITYPE_PRIMITIVE:
@@ -285,7 +278,7 @@ static int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) {
   }
   switch (utype) {
     case V_ASN1_OBJECT:
-      *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef);
+      *pval = (ASN1_VALUE *)OBJ_get_undef();
       return 1;
 
     case V_ASN1_BOOLEAN:

crypto/mem.c

@@ -162,31 +162,6 @@ int CRYPTO_set_mem_functions(
   return 1;
 }
 
-// kBoringSSLBinaryTag is a distinctive byte sequence to identify binaries that
-// are linking in BoringSSL and, roughly, what version they are using.
-static const uint8_t kBoringSSLBinaryTag[18] = {
-    // 16 bytes of magic tag.
-    0x8c,
-    0x62,
-    0x20,
-    0x0b,
-    0xd2,
-    0xa0,
-    0x72,
-    0x58,
-    0x44,
-    0xa8,
-    0x96,
-    0x69,
-    0xad,
-    0x55,
-    0x7e,
-    0xec,
-    // Current source iteration. Incremented ~monthly.
-    3,
-    0,
-};
-
 void *OPENSSL_malloc(size_t size) {
   if (malloc_impl != NULL) {
     assert(OPENSSL_memory_alloc == NULL);
@@ -208,14 +183,6 @@ void *OPENSSL_malloc(size_t size) {
   }
 
   if (size + OPENSSL_MALLOC_PREFIX < size) {
-    // |OPENSSL_malloc| is a central function in BoringSSL thus a reference to
-    // |kBoringSSLBinaryTag| is created here so that the tag isn't discarded by
-    // the linker. The following is sufficient to stop GCC, Clang, and MSVC
-    // optimising away the reference at the time of writing. Since this
-    // probably results in an actual memory reference, it is put in this very
-    // rare code path.
-    uint8_t unused = *(volatile uint8_t *)kBoringSSLBinaryTag;
-    (void) unused;
     goto err;
   }
 

crypto/obj/obj.c

@@ -187,12 +187,19 @@ size_t OBJ_length(const ASN1_OBJECT *obj) {
   return (size_t)obj->length;
 }
 
+static const ASN1_OBJECT *get_builtin_object(int nid) {
+  // |NID_undef| is stored separately, so all the indices are off by one. The
+  // caller of this function must have a valid built-in, non-undef NID.
+  BSSL_CHECK(nid > 0 && nid < NUM_NID);
+  return &kObjects[nid - 1];
+}
+
 // obj_cmp is called to search the kNIDsInOIDOrder array. The |key| argument is
 // an |ASN1_OBJECT|* that we're looking for and |element| is a pointer to an
 // unsigned int in the array.
 static int obj_cmp(const void *key, const void *element) {
   uint16_t nid = *((const uint16_t *)element);
-  return OBJ_cmp(key, &kObjects[nid]);
+  return OBJ_cmp(key, get_builtin_object(nid));
 }
 
 int OBJ_obj2nid(const ASN1_OBJECT *obj) {
@@ -223,7 +230,7 @@ int OBJ_obj2nid(const ASN1_OBJECT *obj) {
     return NID_undef;
   }
 
-  return kObjects[*nid_ptr].nid;
+  return get_builtin_object(*nid_ptr)->nid;
 }
 
 int OBJ_cbs2nid(const CBS *cbs) {
@@ -246,7 +253,7 @@ static int short_name_cmp(const void *key, const void *element) {
   const char *name = (const char *)key;
   uint16_t nid = *((const uint16_t *)element);
 
-  return strcmp(name, kObjects[nid].sn);
+  return strcmp(name, get_builtin_object(nid)->sn);
 }
 
 int OBJ_sn2nid(const char *short_name) {
@@ -271,7 +278,7 @@ int OBJ_sn2nid(const char *short_name) {
     return NID_undef;
   }
 
-  return kObjects[*nid_ptr].nid;
+  return get_builtin_object(*nid_ptr)->nid;
 }
 
 // long_name_cmp is called to search the kNIDsInLongNameOrder array. The
@@ -281,7 +288,7 @@ static int long_name_cmp(const void *key, const void *element) {
   const char *name = (const char *)key;
   uint16_t nid = *((const uint16_t *)element);
 
-  return strcmp(name, kObjects[nid].ln);
+  return strcmp(name, get_builtin_object(nid)->ln);
 }
 
 int OBJ_ln2nid(const char *long_name) {
@@ -305,7 +312,7 @@ int OBJ_ln2nid(const char *long_name) {
     return NID_undef;
   }
 
-  return kObjects[*nid_ptr].nid;
+  return get_builtin_object(*nid_ptr)->nid;
 }
 
 int OBJ_txt2nid(const char *s) {
@@ -332,12 +339,29 @@ OPENSSL_EXPORT int OBJ_nid2cbb(CBB *out, int nid) {
   return 1;
 }
 
+const ASN1_OBJECT *OBJ_get_undef(void) {
+  static const ASN1_OBJECT kUndef = {
+      /*sn=*/SN_undef,
+      /*ln=*/LN_undef,
+      /*nid=*/NID_undef,
+      /*length=*/0,
+      /*data=*/NULL,
+      /*flags=*/0,
+  };
+  return &kUndef;
+}
+
 ASN1_OBJECT *OBJ_nid2obj(int nid) {
-  if (nid >= 0 && nid < NUM_NID) {
-    if (nid != NID_undef && kObjects[nid].nid == NID_undef) {
+  if (nid == NID_undef) {
+    return (ASN1_OBJECT *)OBJ_get_undef();
+  }
+
+  if (nid > 0 && nid < NUM_NID) {
+    const ASN1_OBJECT *obj = get_builtin_object(nid);
+    if (nid != NID_undef && obj->nid == NID_undef) {
       goto err;
     }
-    return (ASN1_OBJECT *)&kObjects[nid];
+    return (ASN1_OBJECT *)obj;
   }
 
   CRYPTO_STATIC_MUTEX_lock_read(&global_added_lock);

crypto/obj/obj_dat.h

@@ -7221,7 +7221,6 @@ static const uint8_t kObjectData[] = {
 };
 
 static const ASN1_OBJECT kObjects[NUM_NID] = {
-    {"UNDEF", "undefined", NID_undef, 0, NULL, 0},
     {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &kObjectData[0], 0},
     {"pkcs", "RSA Data Security, Inc. PKCS", NID_pkcs, 7, &kObjectData[6], 0},
     {"MD2", "md2", NID_md2, 8, &kObjectData[13], 0},
@@ -9101,7 +9100,6 @@ static const uint16_t kNIDsInShortNameOrder[] = {
     143 /* SXNetID */,
     981 /* SecP256r1Kyber768Draft00 */,
     458 /* UID */,
-    0 /* UNDEF */,
     948 /* X25519 */,
     982 /* X25519Kyber768Draft00 */,
     961 /* X448 */,
@@ -10815,7 +10813,6 @@ static const uint16_t kNIDsInLongNameOrder[] = {
     106 /* title */,
     682 /* tpBasis */,
     436 /* ucl */,
-    0 /* undefined */,
     888 /* uniqueMember */,
     55 /* unstructuredAddress */,
     49 /* unstructuredName */,

crypto/obj/obj_test.cc

@@ -56,6 +56,10 @@ TEST(ObjTest, TestBasic) {
   };
   CBS_init(&cbs, kUnknownDER, sizeof(kUnknownDER));
   ASSERT_EQ(NID_undef, OBJ_cbs2nid(&cbs));
+
+  EXPECT_EQ(NID_undef, OBJ_sn2nid("UNDEF"));
+  EXPECT_EQ(NID_undef, OBJ_ln2nid("undefined"));
+  EXPECT_EQ(OBJ_get_undef(), OBJ_nid2obj(NID_undef));
 }
 
 TEST(ObjTest, TestSignatureAlgorithms) {

crypto/obj/objects.go

@@ -614,6 +614,12 @@ func writeData(path string, objs *objects) error {
 	// Emit an ASN1_OBJECT for each object.
 	fmt.Fprintf(&b, "\nstatic const ASN1_OBJECT kObjects[NUM_NID] = {\n")
 	for nid, obj := range objs.byNID {
+		// Skip the entry for NID_undef. It is stored separately, so that
+		// OBJ_get_undef avoids pulling in the table.
+		if nid == 0 {
+			continue
+		}
+
 		if len(obj.name) == 0 {
 			fmt.Fprintf(&b, "{NULL, NULL, NID_undef, 0, NULL, 0},\n")
 			continue
@@ -640,7 +646,11 @@ func writeData(path string, objs *objects) error {
 
 	fmt.Fprintf(&b, "\nstatic const uint16_t kNIDsInShortNameOrder[] = {\n")
 	for _, nid := range nids {
-		fmt.Fprintf(&b, "%d /* %s */,\n", nid, objs.byNID[nid].shortName)
+		// Including NID_undef in the table does not do anything. Whether OBJ_sn2nid
+		// finds the object or not, it will return NID_undef.
+		if nid != 0 {
+			fmt.Fprintf(&b, "%d /* %s */,\n", nid, objs.byNID[nid].shortName)
+		}
 	}
 	fmt.Fprintf(&b, "};\n")
 
@@ -656,7 +666,11 @@ func writeData(path string, objs *objects) error {
 
 	fmt.Fprintf(&b, "\nstatic const uint16_t kNIDsInLongNameOrder[] = {\n")
 	for _, nid := range nids {
-		fmt.Fprintf(&b, "%d /* %s */,\n", nid, objs.byNID[nid].longName)
+		// Including NID_undef in the table does not do anything. Whether OBJ_ln2nid
+		// finds the object or not, it will return NID_undef.
+		if nid != 0 {
+			fmt.Fprintf(&b, "%d /* %s */,\n", nid, objs.byNID[nid].longName)
+		}
 	}
 	fmt.Fprintf(&b, "};\n")
 

crypto/x509/algorithm.c

@@ -122,8 +122,7 @@ int x509_digest_sign_algorithm(EVP_MD_CTX *ctx, X509_ALGOR *algor) {
   // it.
   int paramtype =
       (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) ? V_ASN1_NULL : V_ASN1_UNDEF;
-  X509_ALGOR_set0(algor, OBJ_nid2obj(sign_nid), paramtype, NULL);
-  return 1;
+  return X509_ALGOR_set0(algor, OBJ_nid2obj(sign_nid), paramtype, NULL);
 }
 
 int x509_digest_verify_init(EVP_MD_CTX *ctx, const X509_ALGOR *sigalg,

crypto/x509/rsa_pss.c

@@ -149,7 +149,9 @@ static int rsa_md_to_mgf1(X509_ALGOR **palg, const EVP_MD *mgf1md) {
   if (!*palg) {
     goto err;
   }
-  X509_ALGOR_set0(*palg, OBJ_nid2obj(NID_mgf1), V_ASN1_SEQUENCE, stmp);
+  if (!X509_ALGOR_set0(*palg, OBJ_nid2obj(NID_mgf1), V_ASN1_SEQUENCE, stmp)) {
+    goto err;
+  }
   stmp = NULL;
 
 err:
@@ -244,7 +246,9 @@ int x509_rsa_ctx_to_pss(EVP_MD_CTX *ctx, X509_ALGOR *algor) {
     goto err;
   }
 
-  X509_ALGOR_set0(algor, OBJ_nid2obj(NID_rsassaPss), V_ASN1_SEQUENCE, os);
+  if (!X509_ALGOR_set0(algor, OBJ_nid2obj(NID_rsassaPss), V_ASN1_SEQUENCE, os)) {
+    goto err;
+  }
   os = NULL;
   ret = 1;