* [PATCH v2 1/1] digsig: add hash size comparision on signature verification
@ 2012-09-12 10:26 Dmitry Kasatkin
0 siblings, 0 replies; only message in thread
From: Dmitry Kasatkin @ 2012-09-12 10:26 UTC (permalink / raw)
To: torvalds, linux-kernel, zohar, jmorris, linux-security-module, stable
Commit b35e286a640f31d619a637332972498b51f3fd90 introduced the bug.
When pkcs_1_v1_5_decode_emsa() returns without error and hash sizes do not
match, hash comparision is not done and digsig_verify_rsa() returns no error.
This is a bug and this patch fixes it.
Cc: stable@vger.kernel.org
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
---
lib/digsig.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/digsig.c b/lib/digsig.c
index 286d558..8c0e629 100644
--- a/lib/digsig.c
+++ b/lib/digsig.c
@@ -163,9 +163,11 @@ static int digsig_verify_rsa(struct key *key,
memcpy(out1 + head, p, l);
err = pkcs_1_v1_5_decode_emsa(out1, len, mblen, out2, &len);
+ if (err)
+ goto err;
- if (!err && len == hlen)
- err = memcmp(out2, h, hlen);
+ if (len != hlen || memcmp(out2, h, hlen))
+ err = -EINVAL;
err:
mpi_free(in);
--
1.7.9.5
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2012-09-12 10:27 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-09-12 10:26 [PATCH v2 1/1] digsig: add hash size comparision on signature verification Dmitry Kasatkin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).