mirror of
https://github.com/curl/curl.git
synced 2026-05-17 05:06:20 +03:00
61d59c9e39
The dh(g) parameter was read from param->beg instead of from the cursor p returned by parsing dh(p). This caused dh(g) to always report the same value as dh(p) when inspecting DH certificates via CURLOPT_CERTINFO on non-OpenSSL backends. The DSA branch correctly advances the cursor; the DH branch lost this during what appears to be a copy-paste. Add unit1676 to verify that dh(p) and dh(g) report distinct values using a hand-crafted minimal DER certificate. Assisted by: Claude Opus 4.6 Signed-off-by: Sergio Correia <scorreia@redhat.com> Closes #21595
120 lines
4.5 KiB
C
120 lines
4.5 KiB
C
/***************************************************************************
|
|
* _ _ ____ _
|
|
* Project ___| | | | _ \| |
|
|
* / __| | | | |_) | |
|
|
* | (__| |_| | _ <| |___
|
|
* \___|\___/|_| \_\_____|
|
|
*
|
|
* Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
*
|
|
* This software is licensed as described in the file COPYING, which
|
|
* you should have received as part of this distribution. The terms
|
|
* are also available at https://curl.se/docs/copyright.html.
|
|
*
|
|
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
|
* copies of the Software, and permit persons to whom the Software is
|
|
* furnished to do so, under the terms of the COPYING file.
|
|
*
|
|
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
|
* KIND, either express or implied.
|
|
*
|
|
* SPDX-License-Identifier: curl
|
|
*
|
|
***************************************************************************/
|
|
#include "unitcheck.h"
|
|
#include "vtls/x509asn1.h"
|
|
#include "vtls/vtls.h"
|
|
|
|
static CURLcode test_unit1676(const char *arg)
|
|
{
|
|
UNITTEST_BEGIN_SIMPLE
|
|
|
|
#if defined(USE_GNUTLS) || defined(USE_MBEDTLS) || defined(USE_RUSTLS) || \
|
|
defined(USE_SCHANNEL)
|
|
|
|
/*
|
|
* Minimal DER-encoded X.509 certificate with a DH public key.
|
|
* Hand-crafted to exercise the do_pubkey() dhpublicnumber branch.
|
|
*
|
|
* The DH parameters contain two distinct INTEGER values:
|
|
* p = 0x11 (renders as "17" via int2str decimal format)
|
|
* g = 0x22 (renders as "34")
|
|
* The public key value is:
|
|
* pub_key = 0x33 (renders as "51")
|
|
*
|
|
* OID 1.2.840.10046.2.1 = dhpublicnumber
|
|
*/
|
|
static const unsigned char cert[] = {
|
|
0x30, 0x81, 0x85, 0x30, 0x72, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01,
|
|
0x01, 0x30, 0x0B, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01,
|
|
0x01, 0x0B, 0x30, 0x0F, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55, 0x04,
|
|
0x03, 0x0C, 0x04, 0x74, 0x65, 0x73, 0x74, 0x30, 0x1E, 0x17, 0x0D, 0x32,
|
|
0x35, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30, 0x30, 0x30, 0x5A,
|
|
0x17, 0x0D, 0x32, 0x36, 0x30, 0x31, 0x30, 0x31, 0x30, 0x30, 0x30, 0x30,
|
|
0x30, 0x30, 0x5A, 0x30, 0x0F, 0x31, 0x0D, 0x30, 0x0B, 0x06, 0x03, 0x55,
|
|
0x04, 0x03, 0x0C, 0x04, 0x74, 0x65, 0x73, 0x74, 0x30, 0x19, 0x30, 0x11,
|
|
0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3E, 0x02, 0x01, 0x30, 0x06, 0x02,
|
|
0x01, 0x11, 0x02, 0x01, 0x22, 0x03, 0x04, 0x00, 0x02, 0x01, 0x33, 0x30,
|
|
0x0B, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B,
|
|
0x03, 0x02, 0x00, 0xFF
|
|
};
|
|
|
|
CURLcode result;
|
|
const char *beg = (const char *)&cert[0];
|
|
const char *end = (const char *)&cert[sizeof(cert)];
|
|
struct Curl_easy *data;
|
|
struct curl_slist *slist;
|
|
const char *dhp_value = NULL;
|
|
const char *dhg_value = NULL;
|
|
const char *dhpk_value = NULL;
|
|
|
|
if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
|
|
curl_mfprintf(stderr, "curl_global_init() failed\n");
|
|
return TEST_ERR_MAJOR_BAD;
|
|
}
|
|
|
|
data = curl_easy_init();
|
|
if(!data) {
|
|
curl_global_cleanup();
|
|
return TEST_ERR_MAJOR_BAD;
|
|
}
|
|
|
|
data->set.ssl.certinfo = 1;
|
|
result = Curl_ssl_init_certinfo(data, 1);
|
|
if(result) {
|
|
curl_easy_cleanup(data);
|
|
curl_global_cleanup();
|
|
return TEST_ERR_MAJOR_BAD;
|
|
}
|
|
|
|
result = Curl_extract_certinfo(data, 0, beg, end);
|
|
fail_unless(result == CURLE_OK, "Curl_extract_certinfo returned error");
|
|
if(result == CURLE_OK) {
|
|
/* Walk certinfo entries to find dh(p), dh(g), and dh(pub_key) */
|
|
for(slist = data->info.certs.certinfo[0]; slist; slist = slist->next) {
|
|
if(strncmp(slist->data, "dh(p):", 6) == 0)
|
|
dhp_value = slist->data + 6;
|
|
else if(strncmp(slist->data, "dh(g):", 6) == 0)
|
|
dhg_value = slist->data + 6;
|
|
else if(strncmp(slist->data, "dh(pub_key):", 12) == 0)
|
|
dhpk_value = slist->data + 12;
|
|
}
|
|
|
|
abort_unless(dhp_value != NULL, "dh(p) not found in certinfo");
|
|
abort_unless(dhg_value != NULL, "dh(g) not found in certinfo");
|
|
abort_unless(dhpk_value != NULL, "dh(pub_key) not found in certinfo");
|
|
fail_if(strcmp(dhp_value, dhg_value) == 0,
|
|
"dh(p) and dh(g) have the same value (bug: g re-reads p)");
|
|
fail_unless(strcmp(dhp_value, "17") == 0, "dh(p) expected 17 (0x11)");
|
|
fail_unless(strcmp(dhg_value, "34") == 0, "dh(g) expected 34 (0x22)");
|
|
fail_unless(strcmp(dhpk_value, "51") == 0,
|
|
"dh(pub_key) expected 51 (0x33)");
|
|
}
|
|
|
|
curl_easy_cleanup(data);
|
|
curl_global_cleanup();
|
|
#else
|
|
puts("not tested since Curl_extract_certinfo() is not built in");
|
|
#endif
|
|
UNITTEST_END_SIMPLE
|
|
}
|