crypto/x509: restrict CRL number to <=20 octets

Similar to certificate serial numbers, RFC 5280 restricts the length of
the CRL number field to no more than 20 octets. Enforce this in
CreateRevocationList.

Fixes #53543

Change-Id: If392ef6b0844db716ae9ee6ef317135fceab039c
Reviewed-on: https://go-review.googlesource.com/c/go/+/415134
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Tatiana Bradley <tatiana@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Roland Shoemaker <roland@golang.org>

diff --git a/src/crypto/x509/x509.go b/src/crypto/x509/x509.go
index 7dcebfa5f10313681dd339bf6ca6e876bb16d303..950f6d08c8fff9ac70be105b70b3eb5d3f7efd83 100644 (file)
--- a/src/crypto/x509/x509.go
+++ b/src/crypto/x509/x509.go
@@ -2196,6 +2196,10 @@ func CreateRevocationList(rand io.Reader, template *RevocationList, issuer *Cert
        if err != nil {
                return nil, err
        }
+
+       if numBytes := template.Number.Bytes(); len(numBytes) > 20 || (len(numBytes) == 20 && numBytes[0]&0x80 != 0) {
+               return nil, errors.New("x509: CRL number exceeds 20 octets")
+       }
        crlNum, err := asn1.Marshal(template.Number)
        if err != nil {
                return nil, err

diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go
index cddad1e246c299d182f7de052ab6a3629398b574..cba44f6f8c0f50168db9016329b9be2d68ebea3a 100644 (file)
--- a/src/crypto/x509/x509_test.go
+++ b/src/crypto/x509/x509_test.go
@@ -2478,6 +2478,40 @@ func TestCreateRevocationList(t *testing.T) {
                        },
                        expectedError: "x509: template contains nil Number field",
                },
+               {
+                       name: "long Number",
+                       key:  ec256Priv,
+                       issuer: &Certificate{
+                               KeyUsage: KeyUsageCRLSign,
+                               Subject: pkix.Name{
+                                       CommonName: "testing",
+                               },
+                               SubjectKeyId: []byte{1, 2, 3},
+                       },
+                       template: &RevocationList{
+                               ThisUpdate: time.Time{}.Add(time.Hour * 24),
+                               NextUpdate: time.Time{}.Add(time.Hour * 48),
+                               Number:     big.NewInt(0).SetBytes(append([]byte{1}, make([]byte, 20)...)),
+                       },
+                       expectedError: "x509: CRL number exceeds 20 octets",
+               },
+               {
+                       name: "long Number (20 bytes, MSB set)",
+                       key:  ec256Priv,
+                       issuer: &Certificate{
+                               KeyUsage: KeyUsageCRLSign,
+                               Subject: pkix.Name{
+                                       CommonName: "testing",
+                               },
+                               SubjectKeyId: []byte{1, 2, 3},
+                       },
+                       template: &RevocationList{
+                               ThisUpdate: time.Time{}.Add(time.Hour * 24),
+                               NextUpdate: time.Time{}.Add(time.Hour * 48),
+                               Number:     big.NewInt(0).SetBytes(append([]byte{255}, make([]byte, 19)...)),
+                       },
+                       expectedError: "x509: CRL number exceeds 20 octets",
+               },
                {
                        name: "invalid signature algorithm",
                        key:  ec256Priv,