From a70538b3b3cd61480ada86e41dc3496c44762f50 Mon Sep 17 00:00:00 2001 From: eabdullin Date: Mon, 16 Oct 2023 09:31:13 +0000 Subject: [PATCH] import CS cjose-0.6.1-4.module_el8+568+35aaaaa0 --- SOURCES/0002-check-cjose_get_alloc.patch | 25 +++++++ SOURCES/0003-CVE-2023-37464.patch | 91 ++++++++++++++++++++++++ SPECS/cjose.spec | 13 +++- 3 files changed, 128 insertions(+), 1 deletion(-) create mode 100644 SOURCES/0002-check-cjose_get_alloc.patch create mode 100644 SOURCES/0003-CVE-2023-37464.patch diff --git a/SOURCES/0002-check-cjose_get_alloc.patch b/SOURCES/0002-check-cjose_get_alloc.patch new file mode 100644 index 0000000..bcf02f5 --- /dev/null +++ b/SOURCES/0002-check-cjose_get_alloc.patch @@ -0,0 +1,25 @@ +commit 54d449473b21e93805070264791e80f84f601b4d +Author: Hans Zandbelt +Date: Tue Apr 5 20:51:20 2022 +0200 + + check result of cek = cjose_get_alloc()(cek_len) in jwe.c + + see: https://github.com/cisco/cjose/issues/110 + + Signed-off-by: Hans Zandbelt + +diff --git a/src/jwe.c b/src/jwe.c +index 4285097..157ddec 100644 +--- a/src/jwe.c ++++ b/src/jwe.c +@@ -2064,6 +2064,10 @@ uint8_t *cjose_jwe_decrypt_multi(cjose_jwe_t *jwe, cjose_key_locator key_locator + { + cek_len = jwe->cek_len; + cek = cjose_get_alloc()(cek_len); ++ if (!cek) { ++ CJOSE_ERROR(err, CJOSE_ERR_NO_MEMORY); ++ return NULL; ++ } + memcpy(cek, jwe->cek, cek_len); + } + else diff --git a/SOURCES/0003-CVE-2023-37464.patch b/SOURCES/0003-CVE-2023-37464.patch new file mode 100644 index 0000000..0b77cba --- /dev/null +++ b/SOURCES/0003-CVE-2023-37464.patch @@ -0,0 +1,91 @@ +diff -up cjose-0.6.1/src/jwe.c.orig cjose-0.6.1/src/jwe.c +--- cjose-0.6.1/src/jwe.c.orig 2023-07-19 16:23:44.658712950 +0200 ++++ cjose-0.6.1/src/jwe.c 2023-07-19 16:55:02.173914437 +0200 +@@ -1227,6 +1227,12 @@ static bool _cjose_jwe_decrypt_dat_a256g + goto _cjose_jwe_decrypt_dat_a256gcm_fail; + } + ++ if (jwe->enc_auth_tag.raw_len != 16) ++ { ++ CJOSE_ERROR(err, CJOSE_ERR_CRYPTO); ++ goto _cjose_jwe_decrypt_dat_a256gcm_fail; ++ } ++ + // set the expected GCM-mode authentication tag + if (EVP_CIPHER_CTX_ctrl(ctx, CJOSE_EVP_CTRL_GCM_SET_TAG, jwe->enc_auth_tag.raw_len, jwe->enc_auth_tag.raw) != 1) + { +diff -up cjose-0.6.1/test/check_jwe.c.orig cjose-0.6.1/test/check_jwe.c +--- cjose-0.6.1/test/check_jwe.c.orig 2018-04-12 00:39:58.000000000 +0200 ++++ cjose-0.6.1/test/check_jwe.c 2023-07-19 16:38:45.412336742 +0200 +@@ -809,6 +809,63 @@ START_TEST(test_cjose_jwe_decrypt_aes) + } + END_TEST + ++START_TEST(test_cjose_jwe_decrypt_aes_gcm) ++{ ++ cjose_err err; ++ ++ const char *key = JWK_OCT_32; ++ const char *plain1 = "Live long and prosper."; ++ char *compact1 = "eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..Du_9fxxV-zrReaWC.aS_rpokeuxkaPc2sykcQDCQuJCYoww.GpeKGEqd8KQ0v6JNea5aSA"; ++ char *compact2 = "eyJhbGciOiAiZGlyIiwgImVuYyI6ICJBMjU2R0NNIn0..Du_9fxxV-zrReaWC.aS_rpokeuxkaPc2sykcQDCQuJCYoww.Gp"; ++ ++ cjose_jwk_t *jwk = cjose_jwk_import(key, strlen(key), &err); ++ ck_assert_msg(NULL != jwk, ++ "cjose_jwk_import failed: " ++ "%s, file: %s, function: %s, line: %ld", ++ err.message, err.file, err.function, err.line); ++ ++ cjose_jwe_t *jwe1 = cjose_jwe_import(compact1, strlen(compact1), &err); ++ ck_assert_msg(NULL != jwe1, ++ "cjose_jwe_import failed: " ++ "%s, file: %s, function: %s, line: %ld", ++ err.message, err.file, err.function, err.line); ++ ++ uint8_t *plain2 = NULL; ++ size_t plain2_len = 0; ++ plain2 = cjose_jwe_decrypt(jwe1, jwk, &plain2_len, &err); ++ ck_assert_msg(NULL != plain2, ++ "cjose_jwe_decrypt failed: " ++ "%s, file: %s, function: %s, line: %ld", ++ err.message, err.file, err.function, err.line); ++ ++ ck_assert_msg(plain2_len == strlen(plain1), ++ "length of decrypted plaintext does not match length of original, " ++ "expected: %lu, found: %lu", ++ strlen(plain1), plain2_len); ++ ck_assert_msg(strncmp(plain1, plain2, plain2_len) == 0, "decrypted plaintext does not match encrypted plaintext"); ++ ++ cjose_get_dealloc()(plain2); ++ cjose_jwe_release(jwe1); ++ ++ cjose_jwe_t *jwe2 = cjose_jwe_import(compact2, strlen(compact2), &err); ++ ck_assert_msg(NULL != jwe2, ++ "cjose_jwe_import failed: " ++ "%s, file: %s, function: %s, line: %ld", ++ err.message, err.file, err.function, err.line); ++ ++ uint8_t *plain3 = NULL; ++ size_t plain3_len = 0; ++ plain3 = cjose_jwe_decrypt(jwe2, jwk, &plain3_len, &err); ++ ck_assert_msg(NULL == plain3, ++ "cjose_jwe_decrypt succeeded where it should have failed: " ++ "%s, file: %s, function: %s, line: %ld", ++ err.message, err.file, err.function, err.line); ++ ++ cjose_jwe_release(jwe2); ++ cjose_jwk_release(jwk); ++} ++END_TEST ++ + START_TEST(test_cjose_jwe_decrypt_rsa) + { + struct cjose_jwe_decrypt_rsa +@@ -1210,6 +1267,7 @@ Suite *cjose_jwe_suite() + tcase_add_test(tc_jwe, test_cjose_jwe_self_encrypt_self_decrypt_large); + tcase_add_test(tc_jwe, test_cjose_jwe_self_encrypt_self_decrypt_many); + tcase_add_test(tc_jwe, test_cjose_jwe_decrypt_aes); ++ tcase_add_test(tc_jwe, test_cjose_jwe_decrypt_aes_gcm); + tcase_add_test(tc_jwe, test_cjose_jwe_decrypt_rsa); + tcase_add_test(tc_jwe, test_cjose_jwe_encrypt_with_bad_header); + tcase_add_test(tc_jwe, test_cjose_jwe_encrypt_with_bad_key); diff --git a/SPECS/cjose.spec b/SPECS/cjose.spec index 876dad7..aa46140 100644 --- a/SPECS/cjose.spec +++ b/SPECS/cjose.spec @@ -1,6 +1,6 @@ Name: cjose Version: 0.6.1 -Release: 2%{?dist} +Release: 4%{?dist} Summary: C library implementing the Javascript Object Signing and Encryption (JOSE) License: MIT @@ -8,6 +8,8 @@ URL: https://github.com/cisco/cjose Source0: https://github.com/cisco/%{name}/archive/%{version}/%{name}-%{version}.tar.gz Patch1: concatkdf.patch +Patch2: 0002-check-cjose_get_alloc.patch +Patch3: 0003-CVE-2023-37464.patch BuildRequires: gcc BuildRequires: doxygen @@ -64,6 +66,15 @@ make check || (cat test/test-suite.log; exit 1) %changelog +* Wed Jul 19 2023 - 0.6.1-4 +- CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual + Authentication Tag provided in the JWE + Resolves: rhbz#2223308 + +* Fri Mar 17 2023 - 0.6.1-3 +- Random memory override + Resolves: rhbz#2072469 + * Thu Aug 2 2018 - 0.6.1-2 - fix concatkdf big endian architecture problem. Upstream issue #77.