)]}' { "commit": "0a2c9938a512bef20e990e6b9180c3eb2a7dffd7", "tree": "cc93b67c2a6b6edf552d06134b04514cc0ad62b1", "parents": [ "f6094e05efd294e15fe7f2e430f391445ee546bb" ], "author": { "name": "David Benjamin", "email": "davidben@chromium.org", "time": "Thu Dec 24 19:38:03 2015 -0500" }, "committer": { "name": "Adam Langley", "email": "alangley@gmail.com", "time": "Thu Jan 28 00:51:14 2016 +0000" }, "message": "Don\u0027t allow the specifiedCurve form of ECParameters in SPKIs.\n\nAlthough RFC 3279 allows both, per RFC 5912, keys must use a named curve\nrather than spelling out the curve parameters. Although we do not allow\narbitrary curves, we do have to (pretty hackishly) recognize built-in\ncurves in ECPrivateKeys.\n\nIt seems the cause of this was that OpenSSL, unless you set asn1_flag on\nthe EC_GROUP, likes to encode keys by spelling out the parameters. This\nis in violation of RFC 5915, though probably not in violation of one of\nthe other redundant ECC specifications. For more fun, it appears\nasn1_flag defaults to *off* in the API and *on* in the command-line\ntools.\n\nI think the original cause was these defaults meant the pre-BoringSSL\nAndroid/OpenSSL Chromium port wrote out Channel ID keys in this format.\nBy now this should no longer by an issue, but it\u0027ll warrant a bit more\ninvestigation to be sure we can drop it.\n\nFor now, keep this logic out of SPKIs by not calling d2i_ECParameters.\nd2i_ECParameters is a fairly pointless function when only named curves\nare allowed. In testing other implementations, none of Firefox, Safari,\nor IE11/Win will parse such certificates (i.e. the error is fatal and\nunbypassable). Likewise, because Mac and Windows\u0027 underlying libraries\nreject this, Chrome on Mac and Windows already rejects such things. Thus\nthis change should be compatible.\n\nThe following is the certificate and key I constructed to test with:\n\n-----BEGIN CERTIFICATE-----\nMIICwjCCAmqgAwIBAgIJANlMBNpJfb/rMAkGByqGSM49BAEwRTELMAkGA1UEBhMC\nQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdp\ndHMgUHR5IEx0ZDAeFw0xNDA0MjMyMzIxNTdaFw0xNDA1MjMyMzIxNTdaMEUxCzAJ\nBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5l\ndCBXaWRnaXRzIFB0eSBMdGQwggFLMIIBAwYHKoZIzj0CATCB9wIBATAsBgcqhkjO\nPQEBAiEA/////wAAAAEAAAAAAAAAAAAAAAD///////////////8wWwQg/////wAA\nAAEAAAAAAAAAAAAAAAD///////////////wEIFrGNdiqOpPns+u9VXaYhrxlHQaw\nzFOw9jvOPD4n0mBLAxUAxJ02CIbnBJNqZnjhE50mt4GffpAEQQRrF9Hy4SxCR/i8\n5uVjpEDydwN9gS3rM6D0oTlF2JjClk/jQuL+Gn+bjufrSnwPnhYrzjNXazFezsu2\nQGg3v1H1AiEA/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVECAQEDQgAE\n5itp4r9ln5e+Lx4NlIpM1Zdrt6keDUb73ampHp3culoB59aXqAoY+cPEox5W4nyD\nSNsWGhz1HX7xlC1Lz3IiwaNQME4wHQYDVR0OBBYEFKuE0qyrlfCCThZ4B1VXX+Qm\njYLRMB8GA1UdIwQYMBaAFKuE0qyrlfCCThZ4B1VXX+QmjYLRMAwGA1UdEwQFMAMB\nAf8wCQYHKoZIzj0EAQNHADBEAiBATB6aVJxDD6YAxEM4vf6Sbg2Ty334ldXpkNwc\nTF+SngIgZ/f59kgDLf6YA04iLw1fUv5Wf1nLYJWwgrRFON5+zvw\u003d\n-----END CERTIFICATE-----\n-----BEGIN EC PARAMETERS-----\nMIH3AgEBMCwGByqGSM49AQECIQD/////AAAAAQAAAAAAAAAAAAAAAP//////////\n/////zBbBCD/////AAAAAQAAAAAAAAAAAAAAAP///////////////AQgWsY12Ko6\nk+ez671VdpiGvGUdBrDMU7D2O848PifSYEsDFQDEnTYIhucEk2pmeOETnSa3gZ9+\nkARBBGsX0fLhLEJH+Lzm5WOkQPJ3A32BLeszoPShOUXYmMKWT+NC4v4af5uO5+tK\nfA+eFivOM1drMV7Oy7ZAaDe/UfUCIQD/////AAAAAP//////////vOb6racXnoTz\nucrC/GMlUQIBAQ\u003d\u003d\n-----END EC PARAMETERS-----\n-----BEGIN EC PRIVATE KEY-----\nMHcCAQEEIAcPCHJ61KBKnN1ZyU2JaHcItW/JXTB3DujRyc4Ki7RqoAoGCCqGSM49\nAwEHoUQDQgAE5itp4r9ln5e+Lx4NlIpM1Zdrt6keDUb73ampHp3culoB59aXqAoY\n+cPEox5W4nyDSNsWGhz1HX7xlC1Lz3IiwQ\u003d\u003d\n-----END EC PRIVATE KEY-----\n\nBUG\u003d522228\n\nChange-Id: I3723411a633dc07c4640027de07500293f8f7913\nReviewed-on: https://boringssl-review.googlesource.com/6853\nReviewed-by: Adam Langley \u003calangley@gmail.com\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "f40b976495b01727c832392c123bc7a430e59d47", "old_mode": 33188, "old_path": "crypto/evp/p_ec_asn1.c", "new_id": "eeecc3337fa8daf75a7d0b1663eb8f09494ac830", "new_mode": 33188, "new_path": "crypto/evp/p_ec_asn1.c" } ] }