Remove X509_issuer_and_serial_hash.

Update-Note: No one uses this function. It had a NULL dereference in some error cases. See CVE-2021-23841. Change-Id: Ie1cc97615ac8b674147715d7d62e62faf218ae65 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/45684 Reviewed-by: Adam Langley <[email protected]> Commit-Queue: David Benjamin <[email protected]>
aws · Feb 16, 2021 · ca2162d · ca2162d
1 parent 238a258
commit ca2162d
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 29 deletions.
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
@@ -83,34 +83,6 @@ int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b)
     return (X509_NAME_cmp(ai->issuer, bi->issuer));
 }
 
-unsigned long X509_issuer_and_serial_hash(X509 *a)
-{
-    unsigned long ret = 0;
-    EVP_MD_CTX ctx;
-    unsigned char md[16];
-    char *f;
-
-    EVP_MD_CTX_init(&ctx);
-    f = X509_NAME_oneline(a->cert_info->issuer, NULL, 0);
-    if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL))
-        goto err;
-    if (!EVP_DigestUpdate(&ctx, (unsigned char *)f, strlen(f)))
-        goto err;
-    OPENSSL_free(f);
-    if (!EVP_DigestUpdate
-        (&ctx, (unsigned char *)a->cert_info->serialNumber->data,
-         (unsigned long)a->cert_info->serialNumber->length))
-        goto err;
-    if (!EVP_DigestFinal_ex(&ctx, &(md[0]), NULL))
-        goto err;
-    ret = (((unsigned long)md[0]) | ((unsigned long)md[1] << 8L) |
-           ((unsigned long)md[2] << 16L) | ((unsigned long)md[3] << 24L)
-        ) & 0xffffffffL;
- err:
-    EVP_MD_CTX_cleanup(&ctx);
-    return (ret);
-}
-
 int X509_issuer_name_cmp(const X509 *a, const X509 *b)
 {
     return (X509_NAME_cmp(a->cert_info->issuer, b->cert_info->issuer));

diff --git a/include/openssl/x509.h b/include/openssl/x509.h
@@ -1201,7 +1201,6 @@ OPENSSL_EXPORT int X509_CRL_check_suiteb(X509_CRL *crl, EVP_PKEY *pk,
 OPENSSL_EXPORT STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);
 
 OPENSSL_EXPORT int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
-OPENSSL_EXPORT unsigned long X509_issuer_and_serial_hash(X509 *a);
 
 OPENSSL_EXPORT int X509_issuer_name_cmp(const X509 *a, const X509 *b);
 OPENSSL_EXPORT unsigned long X509_issuer_name_hash(X509 *a);