diff options
| author | Chun-Yi Lee <jlee@suse.com> | 2013-04-21 21:26:55 -0400 |
|---|---|---|
| committer | Rusty Russell <rusty@rustcorp.com.au> | 2013-04-21 22:02:19 -0400 |
| commit | 04b00bdb41d0fd8d9cf3b146e334369cc2b0acdc (patch) | |
| tree | 9461c5a4a47493ffa85c418ee6bdef1f8925d437 /crypto/asymmetric_keys/x509_cert_parser.c | |
| parent | 944a1fa01266aa9ace607f29551b73c41e9440e9 (diff) | |
X.509: Support parse long form of length octets in Authority Key Identifier
Per X.509 spec in 4.2.1.1 section, the structure of Authority Key
Identifier Extension is:
AuthorityKeyIdentifier ::= SEQUENCE {
keyIdentifier [0] KeyIdentifier OPTIONAL,
authorityCertIssuer [1] GeneralNames OPTIONAL,
authorityCertSerialNumber [2] CertificateSerialNumber OPTIONAL }
KeyIdentifier ::= OCTET STRING
When a certificate also provides
authorityCertIssuer and authorityCertSerialNumber then the length of
AuthorityKeyIdentifier SEQUENCE is likely to long form format.
e.g.
The example certificate demos/tunala/A-server.pem in openssl source:
X509v3 Authority Key Identifier:
keyid:49:FB:45:72:12:C4:CC:E1:45:A1:D3:08:9E:95:C4:2C:6D:55:3F:17
DirName:/C=NZ/L=Wellington/O=Really Irresponsible Authorisation Authority (RIAA)/OU=Cert-stamping/CN=Jackov al-Trades/emailAddress=none@fake.domain
serial:00
Current parsing rule of OID_authorityKeyIdentifier only take care the
short form format, it causes load certificate to modsign_keyring fail:
[ 12.061147] X.509: Extension: 47
[ 12.075121] MODSIGN: Problem loading in-kernel X.509 certificate (-74)
So, this patch add the parsing rule for support long form format against
Authority Key Identifier.
v3:
Changed the size check in "Short Form length" case, we allow v[3] smaller
then (vlen - 4) because authorityCertIssuer and authorityCertSerialNumber
are also possible attach in AuthorityKeyIdentifier sequence.
v2:
- Removed comma from author's name.
- Moved 'Short Form length' comment inside the if-body.
- Changed the type of sub to size_t.
- Use ASN1_INDEFINITE_LENGTH rather than writing 0x80 and 127.
- Moved the key_len's value assignment before alter v.
- Fixed the typo of octets.
- Add 2 to v before entering the loop for calculate the length.
- Removed the comment of check vlen.
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: Josh Boyer <jwboyer@redhat.com>
Cc: Randy Dunlap <rdunlap@xenotime.net>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Acked-by: David Howells <dhowells@redhat.com>
Signed-off-by: Chun-Yi Lee <jlee@suse.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Diffstat (limited to 'crypto/asymmetric_keys/x509_cert_parser.c')
| -rw-r--r-- | crypto/asymmetric_keys/x509_cert_parser.c | 55 |
1 files changed, 47 insertions, 8 deletions
diff --git a/crypto/asymmetric_keys/x509_cert_parser.c b/crypto/asymmetric_keys/x509_cert_parser.c index 7fabc4c01993..facbf26bc6bb 100644 --- a/crypto/asymmetric_keys/x509_cert_parser.c +++ b/crypto/asymmetric_keys/x509_cert_parser.c | |||
| @@ -373,6 +373,9 @@ int rsa_extract_mpi(void *context, size_t hdrlen, | |||
| 373 | return 0; | 373 | return 0; |
| 374 | } | 374 | } |
| 375 | 375 | ||
| 376 | /* The keyIdentifier in AuthorityKeyIdentifier SEQUENCE is tag(CONT,PRIM,0) */ | ||
| 377 | #define SEQ_TAG_KEYID (ASN1_CONT << 6) | ||
| 378 | |||
| 376 | /* | 379 | /* |
| 377 | * Process certificate extensions that are used to qualify the certificate. | 380 | * Process certificate extensions that are used to qualify the certificate. |
| 378 | */ | 381 | */ |
| @@ -407,21 +410,57 @@ int x509_process_extension(void *context, size_t hdrlen, | |||
| 407 | } | 410 | } |
| 408 | 411 | ||
| 409 | if (ctx->last_oid == OID_authorityKeyIdentifier) { | 412 | if (ctx->last_oid == OID_authorityKeyIdentifier) { |
| 413 | size_t key_len; | ||
| 414 | |||
| 410 | /* Get hold of the CA key fingerprint */ | 415 | /* Get hold of the CA key fingerprint */ |
| 411 | if (vlen < 5) | 416 | if (vlen < 5) |
| 412 | return -EBADMSG; | 417 | return -EBADMSG; |
| 413 | if (v[0] != (ASN1_SEQ | (ASN1_CONS << 5)) || | 418 | |
| 414 | v[1] != vlen - 2 || | 419 | /* Authority Key Identifier must be a Constructed SEQUENCE */ |
| 415 | v[2] != (ASN1_CONT << 6) || | 420 | if (v[0] != (ASN1_SEQ | (ASN1_CONS << 5))) |
| 416 | v[3] != vlen - 4) | ||
| 417 | return -EBADMSG; | 421 | return -EBADMSG; |
| 418 | v += 4; | ||
| 419 | vlen -= 4; | ||
| 420 | 422 | ||
| 421 | f = kmalloc(vlen * 2 + 1, GFP_KERNEL); | 423 | /* Authority Key Identifier is not indefinite length */ |
| 424 | if (unlikely(vlen == ASN1_INDEFINITE_LENGTH)) | ||
| 425 | return -EBADMSG; | ||
| 426 | |||
| 427 | if (vlen < ASN1_INDEFINITE_LENGTH) { | ||
| 428 | /* Short Form length */ | ||
| 429 | if (v[1] != vlen - 2 || | ||
| 430 | v[2] != SEQ_TAG_KEYID || | ||
| 431 | v[3] > vlen - 4) | ||
| 432 | return -EBADMSG; | ||
| 433 | |||
| 434 | key_len = v[3]; | ||
| 435 | v += 4; | ||
| 436 | } else { | ||
| 437 | /* Long Form length */ | ||
| 438 | size_t seq_len = 0; | ||
| 439 | size_t sub = v[1] - ASN1_INDEFINITE_LENGTH; | ||
| 440 | |||
| 441 | if (sub > 2) | ||
| 442 | return -EBADMSG; | ||
| 443 | |||
| 444 | /* calculate the length from subsequent octets */ | ||
| 445 | v += 2; | ||
| 446 | for (i = 0; i < sub; i++) { | ||
| 447 | seq_len <<= 8; | ||
| 448 | seq_len |= v[i]; | ||
| 449 | } | ||
| 450 | |||
| 451 | if (seq_len != vlen - 2 - sub || | ||
| 452 | v[sub] != SEQ_TAG_KEYID || | ||
| 453 | v[sub + 1] > vlen - 4 - sub) | ||
| 454 | return -EBADMSG; | ||
| 455 | |||
| 456 | key_len = v[sub + 1]; | ||
| 457 | v += (sub + 2); | ||
| 458 | } | ||
| 459 | |||
| 460 | f = kmalloc(key_len * 2 + 1, GFP_KERNEL); | ||
| 422 | if (!f) | 461 | if (!f) |
| 423 | return -ENOMEM; | 462 | return -ENOMEM; |
| 424 | for (i = 0; i < vlen; i++) | 463 | for (i = 0; i < key_len; i++) |
| 425 | sprintf(f + i * 2, "%02x", v[i]); | 464 | sprintf(f + i * 2, "%02x", v[i]); |
| 426 | pr_debug("authority %s\n", f); | 465 | pr_debug("authority %s\n", f); |
| 427 | ctx->cert->authority = f; | 466 | ctx->cert->authority = f; |