Received: by 10.223.185.116 with SMTP id b49csp4192686wrg; Mon, 26 Feb 2018 12:56:16 -0800 (PST) X-Google-Smtp-Source: AH8x227BGT/DgnGbvgI3nl2i9hQb+hk5SFeV5SUVBKxxH7yoVPhtDfB+6ECraxQI6EPJJ3HDAFek X-Received: by 10.98.228.3 with SMTP id r3mr10299067pfh.77.1519678576324; Mon, 26 Feb 2018 12:56:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519678576; cv=none; d=google.com; s=arc-20160816; b=xBufRFkcXy/m3Sr+2L0W5nWfNruCAVBvVLnJXkdAUrw2VvTrSH5hO+VAKDRjhcATaB bKkc6VZpeNyDRLuU3H9DiE3pc6nPbB5rzW2HFqlbBxC8n90o5Bna98rEXt4gNBoUh9J8 dWv7rIrG5H9YXxCo76eTvUPevjGNTAUiEzNfa00CaLokbATvg0lbH8MHQ38sOLLaS5gm oSIKW1UyuqJIYypcrz/WGx/011o+fEKzm5kOQnErrdpWSNFGArk01f5uAaQLJ58EwUmA xBFFxjUF2WlvgGS/etodVDI2hCvfFRaMc64+zd6U152sbmZosmcCW8zqHw3uwKkbbhNC /COg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from :arc-authentication-results; bh=7hdIvQ5hrPwEHx6PkZ2JBBxAbK++vm2FKhD2Mu86VLQ=; b=hiTrgMxQQ5AgBmsUu/vZIHymcBm+2Kjha1pqKMO9WURW1ZDFUAQWmHBWguanaclZHD n1PQfaNbVeMaaljrMfMlkFJf1vVpB839mGAxAJTAvKCUhhmEOAzoLpq9vQjMxItLBD+w ejYG2KKxVlK4+MWQUDMkrCVFU1Ark7codXRoIsZdRCmirXrVATaUuq0TKaMstQfohyXX Qf6MqdtgtfdYQxVWP2XXN6Qq83mx9lljCeJKUfiv83mdGo1VD8arr/Fy8JgNX/QslQcC CiEaBLglzJJAkmtTLIOjvhqnIAunvmuPF3USsvcGSXNJVuukd3CjKLvOSyYAuws+WXhI xf6Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id k75si5984420pgc.134.2018.02.26.12.55.59; Mon, 26 Feb 2018 12:56:16 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752656AbeBZUXX (ORCPT + 99 others); Mon, 26 Feb 2018 15:23:23 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:34764 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752638AbeBZUXU (ORCPT ); Mon, 26 Feb 2018 15:23:20 -0500 Received: from localhost (clnet-b04-243.ikbnet.co.at [83.175.124.243]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id 85AA2EC2; Mon, 26 Feb 2018 20:23:19 +0000 (UTC) From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Paolo Valente , Eric Biggers , David Howells Subject: [PATCH 4.14 11/54] X.509: fix BUG_ON() when hash algorithm is unsupported Date: Mon, 26 Feb 2018 21:21:48 +0100 Message-Id: <20180226202144.931709445@linuxfoundation.org> X-Mailer: git-send-email 2.16.2 In-Reply-To: <20180226202144.375869933@linuxfoundation.org> References: <20180226202144.375869933@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.14-stable review patch. If anyone has any objections, please let me know. ------------------ From: Eric Biggers commit 437499eea4291ae9621e8763a41df027c110a1ef upstream. The X.509 parser mishandles the case where the certificate's signature's hash algorithm is not available in the crypto API. In this case, x509_get_sig_params() doesn't allocate the cert->sig->digest buffer; this part seems to be intentional. However, public_key_verify_signature() is still called via x509_check_for_self_signed(), which triggers the 'BUG_ON(!sig->digest)'. Fix this by making public_key_verify_signature() return -ENOPKG if the hash buffer has not been allocated. Reproducer when all the CONFIG_CRYPTO_SHA512* options are disabled: openssl req -new -sha512 -x509 -batch -nodes -outform der \ | keyctl padd asymmetric desc @s Fixes: 6c2dc5ae4ab7 ("X.509: Extract signature digest and make self-signed cert checks earlier") Reported-by: Paolo Valente Cc: Paolo Valente Cc: # v4.7+ Signed-off-by: Eric Biggers Signed-off-by: David Howells Signed-off-by: Greg Kroah-Hartman --- crypto/asymmetric_keys/public_key.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/crypto/asymmetric_keys/public_key.c +++ b/crypto/asymmetric_keys/public_key.c @@ -93,9 +93,11 @@ int public_key_verify_signature(const st BUG_ON(!pkey); BUG_ON(!sig); - BUG_ON(!sig->digest); BUG_ON(!sig->s); + if (!sig->digest) + return -ENOPKG; + alg_name = sig->pkey_algo; if (strcmp(sig->pkey_algo, "rsa") == 0) { /* The data wangled by the RSA algorithm is typically padded