forked from rpms/openssl
c0667361a5
The previous state of the patch did not work correctly when used with negative salt lengths, which OpenSSL uses a magic values. Setting the saltlength to max would yield an approved state in the indicator, while it is not approved. Additionally, update the patch to change the default PSS salt length with the current state of discussion upstream (see https://github.com/openssl/openssl/pull/19724). Resolves: rhbz#2142087 Signed-off-by: Clemens Lang <cllang@redhat.com>
115 lines
3.9 KiB
Diff
115 lines
3.9 KiB
Diff
From 0879fac692cb1bff0ec4c196cb364d970ad3ecec Mon Sep 17 00:00:00 2001
|
|
From: Clemens Lang <cllang@redhat.com>
|
|
Date: Mon, 21 Nov 2022 14:33:57 +0100
|
|
Subject: [PATCH 2/3] Obtain PSS salt length from provider
|
|
|
|
Rather than computing the PSS salt length again in core using
|
|
ossl_rsa_ctx_to_pss_string, which calls rsa_ctx_to_pss and computes the
|
|
salt length, obtain it from the provider using the
|
|
OSSL_SIGNATURE_PARAM_ALGORITHM_ID param to handle the case where the
|
|
interpretation of the magic constants in the provider differs from that
|
|
of OpenSSL core.
|
|
|
|
Signed-off-by: Clemens Lang <cllang@redhat.com>
|
|
---
|
|
crypto/cms/cms_rsa.c | 19 +++++++++++++++----
|
|
crypto/rsa/rsa_ameth.c | 34 +++++++++++++++++++++-------------
|
|
2 files changed, 36 insertions(+), 17 deletions(-)
|
|
|
|
diff --git a/crypto/cms/cms_rsa.c b/crypto/cms/cms_rsa.c
|
|
index 20ed816918..997567fdbf 100644
|
|
--- a/crypto/cms/cms_rsa.c
|
|
+++ b/crypto/cms/cms_rsa.c
|
|
@@ -10,6 +10,7 @@
|
|
#include <assert.h>
|
|
#include <openssl/cms.h>
|
|
#include <openssl/err.h>
|
|
+#include <openssl/core_names.h>
|
|
#include "crypto/asn1.h"
|
|
#include "crypto/rsa.h"
|
|
#include "cms_local.h"
|
|
@@ -191,7 +192,10 @@ static int rsa_cms_sign(CMS_SignerInfo *si)
|
|
int pad_mode = RSA_PKCS1_PADDING;
|
|
X509_ALGOR *alg;
|
|
EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si);
|
|
- ASN1_STRING *os = NULL;
|
|
+ unsigned char aid[128];
|
|
+ const unsigned char *pp = aid;
|
|
+ size_t aid_len = 0;
|
|
+ OSSL_PARAM params[2];
|
|
|
|
CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
|
|
if (pkctx != NULL) {
|
|
@@ -205,10 +209,17 @@ static int rsa_cms_sign(CMS_SignerInfo *si)
|
|
/* We don't support it */
|
|
if (pad_mode != RSA_PKCS1_PSS_PADDING)
|
|
return 0;
|
|
- os = ossl_rsa_ctx_to_pss_string(pkctx);
|
|
- if (os == NULL)
|
|
+
|
|
+ params[0] = OSSL_PARAM_construct_octet_string(
|
|
+ OSSL_SIGNATURE_PARAM_ALGORITHM_ID, aid, sizeof(aid));
|
|
+ params[1] = OSSL_PARAM_construct_end();
|
|
+
|
|
+ if (EVP_PKEY_CTX_get_params(pkctx, params) <= 0)
|
|
+ return 0;
|
|
+ if ((aid_len = params[0].return_size) == 0)
|
|
+ return 0;
|
|
+ if (d2i_X509_ALGOR(&alg, &pp, aid_len) == NULL)
|
|
return 0;
|
|
- X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_PKEY_RSA_PSS), V_ASN1_SEQUENCE, os);
|
|
return 1;
|
|
}
|
|
|
|
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
|
|
index c15554505b..61ec53d424 100644
|
|
--- a/crypto/rsa/rsa_ameth.c
|
|
+++ b/crypto/rsa/rsa_ameth.c
|
|
@@ -637,22 +637,30 @@ static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, const void *asn,
|
|
if (pad_mode == RSA_PKCS1_PADDING)
|
|
return 2;
|
|
if (pad_mode == RSA_PKCS1_PSS_PADDING) {
|
|
- ASN1_STRING *os1 = NULL;
|
|
- os1 = ossl_rsa_ctx_to_pss_string(pkctx);
|
|
- if (!os1)
|
|
+ unsigned char aid[128];
|
|
+ size_t aid_len = 0;
|
|
+ OSSL_PARAM params[2];
|
|
+
|
|
+ params[0] = OSSL_PARAM_construct_octet_string(
|
|
+ OSSL_SIGNATURE_PARAM_ALGORITHM_ID, aid, sizeof(aid));
|
|
+ params[1] = OSSL_PARAM_construct_end();
|
|
+
|
|
+ if (EVP_PKEY_CTX_get_params(pkctx, params) <= 0)
|
|
return 0;
|
|
- /* Duplicate parameters if we have to */
|
|
- if (alg2) {
|
|
- ASN1_STRING *os2 = ASN1_STRING_dup(os1);
|
|
- if (!os2) {
|
|
- ASN1_STRING_free(os1);
|
|
+ if ((aid_len = params[0].return_size) == 0)
|
|
+ return 0;
|
|
+
|
|
+ if (alg1 != NULL) {
|
|
+ const unsigned char *pp = aid;
|
|
+ if (d2i_X509_ALGOR(&alg1, &pp, aid_len) == NULL)
|
|
+ return 0;
|
|
+ }
|
|
+ if (alg2 != NULL) {
|
|
+ const unsigned char *pp = aid;
|
|
+ if (d2i_X509_ALGOR(&alg2, &pp, aid_len) == NULL)
|
|
return 0;
|
|
- }
|
|
- X509_ALGOR_set0(alg2, OBJ_nid2obj(EVP_PKEY_RSA_PSS),
|
|
- V_ASN1_SEQUENCE, os2);
|
|
}
|
|
- X509_ALGOR_set0(alg1, OBJ_nid2obj(EVP_PKEY_RSA_PSS),
|
|
- V_ASN1_SEQUENCE, os1);
|
|
+
|
|
return 3;
|
|
}
|
|
return 2;
|
|
--
|
|
2.38.1
|
|
|