You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Renato Tegon Forti <re...@acm.org> on 2012/06/27 19:28:44 UTC
C++ Santuario crash on load() with wrong X.509. Help to fix!
Hi All,
I have this usual code:
bool check(const std::vector<char>& file_data, const std::string &file_name)
{
std::string data(file_data.begin(), file_data.end());
MemBufInputSource* memIS = new MemBufInputSource (
(const XMLByte*) data.c_str(),
(unsigned int) strlen(data.c_str()),
"XSECMem");
// Create and set up the parser
std::string err;
XercesDOMParser * parser = new XercesDOMParser;
Janitor<XercesDOMParser> j_parser(parser);
parser->setDoNamespaces(true);
parser->setCreateEntityReferenceNodes(true);
// Now parse out file
bool errorsOccured = false;
xsecsize_t errorCount = 0;
try
{
parser->parse(*memIS);
errorCount = parser->getErrorCount();
if (errorCount > 0)
errorsOccured = true;
}
catch (const XMLException& e)
{
err += "An error occured during parsing |
Message: ";
char *pMsg =
XMLString::transcode(e.getMessage());
err += std::string(pMsg);
XSEC_RELEASE_XMLCH(pMsg);
errorsOccured = true;
}
catch (const DOMException& e)
{
err += "A DOM error occured during parsing |
DOMException code: ";
err += e.code;
errorsOccured = true;
}
if (errorsOccured)
{
throw xmldsig_parse_exception(err);
}
// Now that we have the parsed file, get the DOM document and start
looking at it
DOMNode *doc; // The document that we parsed
doc = parser->getDocument();
DOMDocument *theDOM = parser->getDocument();
// Find the signature node
DOMNode *sigNode = findDSIGNode(doc, "Signature");
// Create the signature checker
if (sigNode == 0)
{
throw xmldsig_signature_exception("Could not
find <Signature> node in file: " + file_name);
}
XSECProvider prov;
XSECKeyInfoResolverDefault theKeyInfoResolver;
DSIGSignature * sig = prov.newSignatureFromDOM(theDOM, sigNode);
// The only way we can verify is using keys read directly from the
KeyInfo list,
// so we add a KeyInfoResolverDefault to the Signature.
sig->setKeyInfoResolver(&theKeyInfoResolver);
sig->registerIdAttributeName(MAKE_UNICODE_STRING("ID"));
bool result;
try
{
sig->load(); // <-- HERE IT CRASH
result = sig->verify();
}
catch (XSECException &e)
{
char * msg = XMLString::transcode(e.getMsg());
err += "An error occured during signature
verification | Message: ";
err += std::string(msg);
XSEC_RELEASE_XMLCH(msg);
throw xmldsig_signature_exception(err);
}
catch (XSECCryptoException &e)
{
err += "An error occured during signature
verification | Message: ";
err += e.getMsg();
#if defined (XSEC_HAVE_OPENSSL)
ERR_load_crypto_strings();
BIO * bio_err;
if ((bio_err=BIO_new(BIO_s_file())) != NULL)
BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
ERR_print_errors(bio_err);
#endif
throw xmldsig_signature_exception(err);
}
catch (...)
{
err += "Unknown Exception type occured.";
throw xmldsig_signature_exception(err);
}
int retResult;
if (result)
{
// Signature verified OK!
return true;
}
else
{
// Signature failed verification
char * e =
XMLString::transcode(sig->getErrMsgs());
signature_failed_verification_msg_ =
std::string(e);
XSEC_RELEASE_XMLCH(e);
}
// Signature failed verification (invalid)
return false;
// Janitor will clean up the parser
std::cout << "6s" << std::endl;
delete memIS; std::cout << "7s" << std::endl;
return false;
}
And this 509 on xml keyInfo
<X509Certificate>MIIGrzCCBZegAwIBAgIQfYjbXtPDr38ECkF622MsszANBgkqhkiG9w0BAQU
FADCBgzELMAkGA1UEBhMCQlIxEzARBgNVBAoTCklDUC1CcmFzaWwxSDBGBgNVBAsTP1NJTkNPUi1
TUCAtIFNpbmRpY2F0byBkb3MgQ29ycmV0b3JlcyBkZSBTZWd1cm9zIG5vIEVzdGFkbyBkZSBTUDE
VMBMGA1UEAxMMQUMgU0lOQ09SIEcyMB4XDTEwMDMxOTAwMDAwMFoXDTExMDMxODIzNTk1OVowggE
EMQswCQYDVQQGEwJCUjETMBEGA1UEChQKSUNQLUJyYXNpbDEkMCIGA1UECxQbQXV0ZW50aWNhZG8
gcG9yIEFSIEF0cmlidXRvMRswGQYDVQQLFBJBc3NpbmF0dXJhIFRpcG8gQTExFDASBgNVBAsUCyh
FTSBCUkFOQ08pMRQwEgYDVQQLFAsoRU0gQlJBTkNPKTEUMBIGA1UECxQLSUQgLSA3MzMxNjcxMjA
wBgNVBAMTKUthbHVuZ2EgQ29tZXJjaW8gZSBJbmR1c3RyaWEgR3JhZmljYSBMdGRhMScwJQYJKoZ
IhvcNAQkBFhhhbGV4bHlyaW9Aa2FsdW5nYS5jb20uYnIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIG
JAoGBAKxg/CFoMXB74Z8fGYmLtiioceFsf6nExfNTNmx87NXws9B+MHhiTxX9qZi3GrL8hfhi+cN
7YAIBp3698JmtxZbGa7GNcxrSzzrMizRP6NLZcFUxkSO3Aon5eNysBooYU6kZRhVPoWXKOZYCO9i
b9EkPqLht1DFRav0JJjYj81fvAgMBAAGjggMdMIIDGTCBvgYDVR0RBIG2MIGzoD0GBWBMAQMEoDQ
EMjMxMDMxOTc1MjgxMDg5MDM4MjMwMDAwMDAwMDAwMDAwMDAwMDI0NTc4NjcxNVNTUFNQoCQGBWB
MAQMCoBsEGUFsZXhzYW5kcm8gR3JhbWlsaXMgTHlyaW+gGQYFYEwBAwOgEAQONDMyODM4MTEwMDU
5NzagFwYFYEwBAwegDgQMMDAwMDAwMDAwMDAwgRhhbGV4bHlyaW9Aa2FsdW5nYS5jb20uYnIwCQY
DVR0TBAIwADAfBgNVHSMEGDAWgBRkcIsehk6DS5CSDzKqQadYF8rEBTAOBgNVHQ8BAf8EBAMCBeA
wggECBgNVHR8EgfowgfcwUaBPoE2GS2h0dHA6Ly9pY3AtYnJhc2lsLmNlcnRpc2lnbi5jb20uYnI
vcmVwb3NpdG9yaW8vbGNyL0FDU0lOQ09SRzIvTGF0ZXN0Q1JMLmNybDBQoE6gTIZKaHR0cDovL2l
jcC1icmFzaWwub3V0cmFsY3IuY29tLmJyL3JlcG9zaXRvcmlvL2xjci9BQ1NJTkNPUkcyL0xhdGV
zdENSTC5jcmwwUKBOoEyGSmh0dHA6Ly9yZXBvc2l0b3Jpby5pY3BicmFzaWwuZ292LmJyL2xjci9
DZXJ0aXNpZ24vQUNTSU5DT1JHMi9MYXRlc3RDUkwuY3JsMFUGA1UdIAROMEswSQYGYEwBAgESMD8
wPQYIKwYBBQUHAgEWMWh0dHA6Ly9pY3AtYnJhc2lsLmFjc2luY29yLmNvbS5ici9yZXBvc2l0b3J
pby9kcGMAMB0GA1UdJQQWMBQGCCsGAQUFBwMEBggrBgEFBQcDAjCBnQYIKwYBBQUHAQEEgZAwgY0
wKAYIKwYBBQUHMAGGHGh0dHA6Ly9vY3NwLmNlcnRpc2lnbi5jb20uYnIwYQYIKwYBBQUHMAKGVWh
0dHA6Ly9pY3AtYnJhc2lsLmFjc2luY29yLmNlcnRpc2lnbi5jb20uYnIvcmVwb3NpdG9yaW8vY2V
ydGlmaWNhZG9zL0FDX1NJTkNPUl9HMi5wN2MwDQYJKoZIhvcNAQEFBQADggEBANANrF3NVZ4BNMh
PiIBn6ohX8XFAAWZ3C5mBg+U3rlYMBkWVfVenNLTs+wTdJENqLr43P7gRKglLCyVTUevCJbCFHWe
IQMvuQC3CsZnpRYIeEpBkqywWRjTfPBfNZNAzC3fBTyLejzSkCBDI+H660RaaZad1LOCd9Qdpkeq
r9XWViTmubYE/kCx+G8nMVJOnTq1WpvP/AFMG6qRg9VFAbML/o2wI4bYpcO9waFjFDnEbgR8H7kh
yRQSe7Me3Ee2DePHpl80IetGzDHTkJ2DaiYB7a9MfXQdTnj9fSYH10/qbcoNVmmeYpF19Utsx6ew
J1WG90AIWnQwewHELSHzKwlg=</X509Certificate>
If I add (for sample) one "2" on X509Certificate,
Like this:
<X509Certificate>2MIIGrzCCBZ .
my program crash!!! I can't get any "XMLException"!!!
the output show:
140042442831536:error:0D07207B:asn1 encoding routines:ASN1_get_object:header
too long:asn1_lib.c:150:
140042442831536:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad
object header:tasn_dec.c:1306:
140042442831536:error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=X509
APPLICATION TERMINATED WITH THE EXIT STRING: Segmentation fault (signal 11)
Why? How to fix it!
Thanks!
RES: C++ Santuario crash on load() with wrong X.509. Help to fix!
Posted by Renato Tegon Forti <re...@acm.org>.
Ok, thanks a lot! I will check! I let you know...
-----Mensagem original-----
De: Cantor, Scott [mailto:cantor.2@osu.edu]
Enviada em: quarta-feira, 27 de junho de 2012 15:31
Para: dev@santuario.apache.org
Assunto: Re: C++ Santuario crash on load() with wrong X.509. Help to fix!
FWIW, in my test bed, that X.509 content throws an XSECCryptoException
indicating the DER translation failed inside OpenSSL, which is what I'd
expect.
I don't know why your code wouldn't be catching that, but if it's doing
something different, the bug is either fixed already, or was only in older
OpenSSL versions (I'm testing against the latest).
You should trace into the OpenSSLCryptoX509.cpp routine that's loading the
cert and see where the crash happens.
-- Scott
Re: C++ Santuario crash on load() with wrong X.509. Help to fix!
Posted by "Cantor, Scott" <ca...@osu.edu>.
On 6/27/12 1:28 PM, "Renato Tegon Forti" <re...@acm.org> wrote:
>If I add (for sample) one ³2² on X509Certificate,
>
>Like this:
><X509Certificate>2MIIGrzCCBZ Š
>my program crash!!! I can¹t get any ³XMLException²!!!
This library doesn't throw that exception, it throws two other unrelated
types. If you're not catching them, then I suggest trying that before
assuming it's crashing. If it's still crashing then, please create a bug
report in Jira with a stack trace and a copy of the certificate content
that's failing.
-- Scott
Re: C++ Santuario crash on load() with wrong X.509. Help to fix!
Posted by "Cantor, Scott" <ca...@osu.edu>.
FWIW, in my test bed, that X.509 content throws an XSECCryptoException
indicating the DER translation failed inside OpenSSL, which is what I'd
expect.
I don't know why your code wouldn't be catching that, but if it's doing
something different, the bug is either fixed already, or was only in older
OpenSSL versions (I'm testing against the latest).
You should trace into the OpenSSLCryptoX509.cpp routine that's loading the
cert and see where the crash happens.
-- Scott