Received: by 10.223.185.116 with SMTP id b49csp4195168wrg; Mon, 26 Feb 2018 12:59:32 -0800 (PST) X-Google-Smtp-Source: AH8x225Km4ZtFwxiEZwz2TXEWCH62HgIiShPoy/KWemYkDvVlUN1lkEF+nvIJSb1FGaycNogW0Ag X-Received: by 2002:a17:902:aa8e:: with SMTP id d14-v6mr11470495plr.94.1519678772749; Mon, 26 Feb 2018 12:59:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519678772; cv=none; d=google.com; s=arc-20160816; b=oyaKQMlM6G7hGE9m2SJcspPoSRlPTLi7/FnXqCMv/HpYAAGoyOUhT9aB68KOesvZzf RsEDSndf2imv4HHRswFiY1ykThFFPtPOvmlFZdTD+Srlza++Hz8QtIIhMZAHtGhkhijR KRM0X2vIC2Ab+K4dx2kaNL3CroEqNcQLyr9LrUbKPEN7KtNI7NWbV3OQ7ga80qO8w68a CXNxByVl0xN19hA1hSQ6oIxE/54lu05ir85PEcx5Wx9gKNMWBCg8D608tGDhkUn+1As9 73c40Qa+E1aqzCTGUViAIoUauMLdaahxWg8nA/3c05QgAI2ZPSR6aKtMfHFb3GDzl/FK o5Zw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from :arc-authentication-results; bh=Ci883YQ318n9H0+R8zlzgxh8LJYyQ2c0aQ3jgtuCmU0=; b=t8vrz94+Lr/mFtk8CXZvKWRuELj+muJ3HE5lyOeS57rg0xivV2p6NhF+gXbNFIDnNS aBibn/nXF4pgewW0jSrG90U3XjsAByMOfsCpsk8vETB7t9o1aWQYnFrWSJGFgbAeGFwz wvD0IKkXmQ/4cH+AN9lqEfcA8NoHxqw/rOMsRRTmvy+pIIeDHk74E+RWCwD8WN2vJJMk CX20wQHsdSL/PXs8foR37LB3JdEpwFpXUZXuR7ABl7Y/DeWq+L3/5Mon0VwxHjD9LAKs R1wGCo/l1UI6UTp6eYzaWJ/4go9dhOnRe0ykYotO4s587YqeNlGQmQIlE7G6orva95Y4 yHZw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b63-v6si2250926plb.12.2018.02.26.12.59.16; Mon, 26 Feb 2018 12:59:32 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752562AbeBZU6h (ORCPT + 99 others); Mon, 26 Feb 2018 15:58:37 -0500 Received: from mail.linuxfoundation.org ([140.211.169.12]:34194 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751824AbeBZUWi (ORCPT ); Mon, 26 Feb 2018 15:22:38 -0500 Received: from localhost (clnet-b04-243.ikbnet.co.at [83.175.124.243]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id 3824BECB; Mon, 26 Feb 2018 20:22:37 +0000 (UTC) From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Paolo Valente , Eric Biggers , David Howells Subject: [PATCH 4.9 05/39] X.509: fix BUG_ON() when hash algorithm is unsupported Date: Mon, 26 Feb 2018 21:20:26 +0100 Message-Id: <20180226201643.899108793@linuxfoundation.org> X-Mailer: git-send-email 2.16.2 In-Reply-To: <20180226201643.660109883@linuxfoundation.org> References: <20180226201643.660109883@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.9-stable review patch. If anyone has any objections, please let me know. ------------------ From: Eric Biggers commit 437499eea4291ae9621e8763a41df027c110a1ef upstream. The X.509 parser mishandles the case where the certificate's signature's hash algorithm is not available in the crypto API. In this case, x509_get_sig_params() doesn't allocate the cert->sig->digest buffer; this part seems to be intentional. However, public_key_verify_signature() is still called via x509_check_for_self_signed(), which triggers the 'BUG_ON(!sig->digest)'. Fix this by making public_key_verify_signature() return -ENOPKG if the hash buffer has not been allocated. Reproducer when all the CONFIG_CRYPTO_SHA512* options are disabled: openssl req -new -sha512 -x509 -batch -nodes -outform der \ | keyctl padd asymmetric desc @s Fixes: 6c2dc5ae4ab7 ("X.509: Extract signature digest and make self-signed cert checks earlier") Reported-by: Paolo Valente Cc: Paolo Valente Cc: # v4.7+ Signed-off-by: Eric Biggers Signed-off-by: David Howells Signed-off-by: Greg Kroah-Hartman --- crypto/asymmetric_keys/public_key.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) --- a/crypto/asymmetric_keys/public_key.c +++ b/crypto/asymmetric_keys/public_key.c @@ -93,9 +93,11 @@ int public_key_verify_signature(const st BUG_ON(!pkey); BUG_ON(!sig); - BUG_ON(!sig->digest); BUG_ON(!sig->s); + if (!sig->digest) + return -ENOPKG; + alg_name = sig->pkey_algo; if (strcmp(sig->pkey_algo, "rsa") == 0) { /* The data wangled by the RSA algorithm is typically padded