X.509: Check the algorithm IDs obtained from parsing an X.509 certificate

Check that the algorithm IDs obtained from the ASN.1 parse by OID lookup corresponds to algorithms that are available to us. Reported-by: Kees Cook <keescook@chromium.org> Signed-off-by: David Howells <dhowells@redhat.com>
author: David Howells <dhowells@redhat.com> 2013-08-30 11:18:15 -0400
committer: David Howells <dhowells@redhat.com> 2013-09-25 12:17:01 -0400
commit: 2ecdb23b8c545fbee95caad0f2e45082787563ee (patch)
tree: 14884783575a49feb510a7e402747c076c076792 /crypto
parent: b426beb6eeb0c81aeaa419f7444064abc9cb04ae (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c
index b7c81d8df08b..eb368d4c632c 100644
--- a/crypto/asymmetric_keys/x509_public_key.c
+++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -119,6 +119,17 @@ static int x509_key_preparse(struct key_preparsed_payload *prep)
        pr_devel("Cert Issuer: %s\n", cert->issuer);
        pr_devel("Cert Subject: %s\n", cert->subject);
+        if (cert->pub->pkey_algo >= PKEY_ALGO__LAST ||
+            cert->sig.pkey_algo >= PKEY_ALGO__LAST ||
+            cert->sig.pkey_hash_algo >= PKEY_HASH__LAST ||
+            !pkey_algo[cert->pub->pkey_algo] ||
+            !pkey_algo[cert->sig.pkey_algo] ||
+            !pkey_hash_algo_name[cert->sig.pkey_hash_algo]) {
+                ret = -ENOPKG;
+                goto error_free_cert;
+        }
        pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]);
        pr_devel("Cert Valid From: %04ld-%02d-%02d %02d:%02d:%02d\n",
                 cert->valid_from.tm_year + 1900, cert->valid_from.tm_mon + 1,
author	David Howells <dhowells@redhat.com>	2013-08-30 11:18:15 -0400
committer	David Howells <dhowells@redhat.com>	2013-09-25 12:17:01 -0400
commit	2ecdb23b8c545fbee95caad0f2e45082787563ee (patch)
tree	14884783575a49feb510a7e402747c076c076792 /crypto
parent	b426beb6eeb0c81aeaa419f7444064abc9cb04ae (diff)

diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index b7c81d8df08b..eb368d4c632c 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -119,6 +119,17 @@ static int x509_key_preparse(struct key_preparsed_payload *prep)
119		119
120	pr_devel("Cert Issuer: %s\n", cert->issuer);	120	pr_devel("Cert Issuer: %s\n", cert->issuer);
121	pr_devel("Cert Subject: %s\n", cert->subject);	121	pr_devel("Cert Subject: %s\n", cert->subject);
		122
		123	if (cert->pub->pkey_algo >= PKEY_ALGO__LAST \|\|
		124	cert->sig.pkey_algo >= PKEY_ALGO__LAST \|\|
		125	cert->sig.pkey_hash_algo >= PKEY_HASH__LAST \|\|
		126	!pkey_algo[cert->pub->pkey_algo] \|\|
		127	!pkey_algo[cert->sig.pkey_algo] \|\|
		128	!pkey_hash_algo_name[cert->sig.pkey_hash_algo]) {
		129	ret = -ENOPKG;
		130	goto error_free_cert;
		131	}
		132
122	pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]);	133	pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]);
123	pr_devel("Cert Valid From: %04ld-%02d-%02d %02d:%02d:%02d\n",	134	pr_devel("Cert Valid From: %04ld-%02d-%02d %02d:%02d:%02d\n",
124	cert->valid_from.tm_year + 1900, cert->valid_from.tm_mon + 1,	135	cert->valid_from.tm_year + 1900, cert->valid_from.tm_mon + 1,