Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp3059689imm; Sun, 1 Jul 2018 11:17:38 -0700 (PDT) X-Google-Smtp-Source: AAOMgpehGareUSzys9BKkvOdsDuI3IqoTIqwpO0EztR+8StE6o9vSFOT0k+ozueMRtMpb+vra8kZ X-Received: by 2002:a62:6c42:: with SMTP id h63-v6mr22717497pfc.240.1530469058650; Sun, 01 Jul 2018 11:17:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1530469058; cv=none; d=google.com; s=arc-20160816; b=0Nq6YaFK75Fz5S1g95Jx36EpLUW2uccp+Y5vkzJ+gqlaGtrs9rvh2WsXCX4sh0K2JP mVz6rsH3DKAQrbB9Xo5zo6wmAbNHYBMTNrgWrDFHTvF4rM6sweQgtdJ7jwWgavhygdJ3 s9ME3rOSFdfLTdhsYjzcObn0vxZxHJwDLTwZfvzWVsi3PVBsodg31Q6H//YgxYQbvg7H rEnqRZYnf2EzeLAXFoxLsrgR6ULS0ljria0dinpU3ePecT6wJzIrWmMsDzIIwAsLieRg N570yMxUiTKj+Ynbf2zosFWefb0/435NkYKao/cAV01wyJNA2iJShQk7zpuGZjHa85kp 0XCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from :arc-authentication-results; bh=lXSIuB2CjcDoxrAfTB/U7e5en0YNdRlbZsVTdlq01dE=; b=YIYf9zpXgcS9HAz3CjjGKPlz5rA0EnMutELJkxO0Hx9nLhSanPU0UX47iXLFWhVAUc MgHZotq11/P4M9zcdYHv887RVTGT9TfhQAIP8zVzYaCA1o3mbuS5DkRAnF8wVHIR4hMv ZC5TY8W9/q/1GJbA4wNLeug91EdTHSd0KfonO1mzrlKBTXb/pBSu3/oRVWx4eD7cz82/ ogNO/Nmi28U2dLu1242DDBKkPUEpsDK2P+35gSZS1Xd2QtNXOX/gyNcT0iJonk9Ptc/Z IIVn2nAzh1nXOiiq+plouFZF9GlUm/WBpKH2AXA60jf1YdfPU4Q2ubPyxJxK6AodsLNc kKrg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v4-v6si11850411pgf.488.2018.07.01.11.17.24; Sun, 01 Jul 2018 11:17:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753509AbeGASQE (ORCPT + 99 others); Sun, 1 Jul 2018 14:16:04 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:33902 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S965335AbeGAQ03 (ORCPT ); Sun, 1 Jul 2018 12:26:29 -0400 Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id 3B8A1B14; Sun, 1 Jul 2018 16:26:29 +0000 (UTC) From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, "Maciej S. Szmigiero" , James Morris Subject: [PATCH 4.9 052/101] X.509: unpack RSA signatureValue field from BIT STRING Date: Sun, 1 Jul 2018 18:21:38 +0200 Message-Id: <20180701160759.228980051@linuxfoundation.org> X-Mailer: git-send-email 2.18.0 In-Reply-To: <20180701160757.138608453@linuxfoundation.org> References: <20180701160757.138608453@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.9-stable review patch. If anyone has any objections, please let me know. ------------------ From: Maciej S. Szmigiero commit b65c32ec5a942ab3ada93a048089a938918aba7f upstream. The signatureValue field of a X.509 certificate is encoded as a BIT STRING. For RSA signatures this BIT STRING is of so-called primitive subtype, which contains a u8 prefix indicating a count of unused bits in the encoding. We have to strip this prefix from signature data, just as we already do for key data in x509_extract_key_data() function. This wasn't noticed earlier because this prefix byte is zero for RSA key sizes divisible by 8. Since BIT STRING is a big-endian encoding adding zero prefixes has no bearing on its value. The signature length, however was incorrect, which is a problem for RSA implementations that need it to be exactly correct (like AMD CCP). Signed-off-by: Maciej S. Szmigiero Fixes: c26fd69fa009 ("X.509: Add a crypto key parser for binary (DER) X.509 certificates") Cc: stable@vger.kernel.org Signed-off-by: James Morris Signed-off-by: Greg Kroah-Hartman --- crypto/asymmetric_keys/x509_cert_parser.c | 9 +++++++++ 1 file changed, 9 insertions(+) --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c @@ -249,6 +249,15 @@ int x509_note_signature(void *context, s return -EINVAL; } + if (strcmp(ctx->cert->sig->pkey_algo, "rsa") == 0) { + /* Discard the BIT STRING metadata */ + if (vlen < 1 || *(const u8 *)value != 0) + return -EBADMSG; + + value++; + vlen--; + } + ctx->cert->raw_sig = value; ctx->cert->raw_sig_size = vlen; return 0;