Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp2351598imm; Mon, 28 May 2018 06:33:22 -0700 (PDT) X-Google-Smtp-Source: AB8JxZoOHacQPM9vDGzPnR2loBTZvbxKQvr6S1ybzx/UBQiPiflRP2DMvesYqCZMkXqsm2Je2Ot/ X-Received: by 2002:a62:211c:: with SMTP id h28-v6mr13229915pfh.249.1527514402168; Mon, 28 May 2018 06:33:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527514402; cv=none; d=google.com; s=arc-20160816; b=xHIOGm4GSVlyIJF4QpqghLLI1T4cjT/7SfPeUTY87wMq8ok1+Prx+2BeyQhNNQ6NJm 50FktrHLoTIhcNCrz2J7mypf+C/NJqo+IcbACy+v9pC5ohBpu2pooz4ULjp53Sh1Shq0 6VG6O9D4pS6I5Dp26QCPR7kdDj5Qku49Zz/XgrmNaPzCoKGB3+zDfo3ACor6QyqWXVzp BCKuUJUhiI9C2msbXgP4kZGPJas5PlTyhxUGq/UmIOv3okLvTbzLX5nHstHxFcCExZdz R8m8IRDEXDGmCPfzUPQkPOYFezXW0LuH6/SuW1+st7U98z6Wbl7T18TX+/rc4uYcgNoE gpGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from:dkim-signature :arc-authentication-results; bh=Ir5Pqkm3Nf7OIowz2yelQhx2zVEvl4vAXjA57Yb9DT4=; b=HgtelTk1MwqL9EFn6aV4FpEVNdCtSr2mDLAvQO8Bh/GW38pQ2OAo79Vubj2dODE5Db 6iKk9ZPbxB05YHC5O31g4L6YRBsw+WG9j5UVRVFZ7J1I/PNsfYg5WEmrR5tVccv62OS7 rOc/obXhm+sROHomDBl85K0JeKCVaQEmJx2RW25zgtrq3y33wUAJn0nnwQRCnNAsKS1J WTLgmxd4dGHDykj372uH/XcNxyimM/1kXgUnu5cW5rOAoTFM1X9LhozKxJxGNFCosw4Y 2DGdvHPCvVdiG3zsCC2XnSk3Ri8F0i4lgzw/yNj4nYK0Wq0bKKpG6EJpLxjkWvp7WS9X PnWQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=h9Txp7ml; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id l186-v6si31354894pfl.155.2018.05.28.06.33.06; Mon, 28 May 2018 06:33:22 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=h9Txp7ml; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1163146AbeE1Kqh (ORCPT + 99 others); Mon, 28 May 2018 06:46:37 -0400 Received: from mail.kernel.org ([198.145.29.99]:36810 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1163133AbeE1Kqd (ORCPT ); Mon, 28 May 2018 06:46:33 -0400 Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 6821620660; Mon, 28 May 2018 10:46:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1527504393; bh=+JxbOVko5ejFx+t0/3Bxfds9MgHi+PLr//GCo/dJQ2I=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=h9Txp7mlMGs4znG90+cgG31QAwyMj9YX1XS1l4k/nC3XaTC7aQcYhPA7VN6TxD6Xp XcYZysBInFa2guBybllaRGJTFMvFSi88+qSZsP2FtaFnh9QltUFFW7AgBVreTczr6r FiGuVgrWSGqxk4/YpM+E7og1xRn5Sl+ht84c1FGU= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Eric Biggers , David Howells , Sasha Levin Subject: [PATCH 4.14 122/496] PKCS#7: fix direct verification of SignerInfo signature Date: Mon, 28 May 2018 11:58:27 +0200 Message-Id: <20180528100325.070271045@linuxfoundation.org> X-Mailer: git-send-email 2.17.0 In-Reply-To: <20180528100319.498712256@linuxfoundation.org> References: <20180528100319.498712256@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.14-stable review patch. If anyone has any objections, please let me know. ------------------ From: Eric Biggers [ Upstream commit 6459ae386699a5fe0dc52cf30255f75274fa43a4 ] If none of the certificates in a SignerInfo's certificate chain match a trusted key, nor is the last certificate signed by a trusted key, then pkcs7_validate_trust_one() tries to check whether the SignerInfo's signature was made directly by a trusted key. But, it actually fails to set the 'sig' variable correctly, so it actually verifies the last signature seen. That will only be the SignerInfo's signature if the certificate chain is empty; otherwise it will actually be the last certificate's signature. This is not by itself a security problem, since verifying any of the certificates in the chain should be sufficient to verify the SignerInfo. Still, it's not working as intended so it should be fixed. Fix it by setting 'sig' correctly for the direct verification case. Fixes: 757932e6da6d ("PKCS#7: Handle PKCS#7 messages that contain no X.509 certs") Signed-off-by: Eric Biggers Signed-off-by: David Howells Signed-off-by: Sasha Levin Signed-off-by: Greg Kroah-Hartman --- crypto/asymmetric_keys/pkcs7_trust.c | 1 + 1 file changed, 1 insertion(+) --- a/crypto/asymmetric_keys/pkcs7_trust.c +++ b/crypto/asymmetric_keys/pkcs7_trust.c @@ -106,6 +106,7 @@ static int pkcs7_validate_trust_one(stru pr_devel("sinfo %u: Direct signer is key %x\n", sinfo->index, key_serial(key)); x509 = NULL; + sig = sinfo->sig; goto matched; } if (PTR_ERR(key) != -ENOKEY)