Resolves: RHEL-190146 Resolves: RHEL-190140 Resolves: RHEL-190132 Signed-off-by: Daiki Ueno <dueno@redhat.com>
97 lines
3.2 KiB
Diff
97 lines
3.2 KiB
Diff
From 26382ee5fd03ab850c01ba96055636743bbe9c2f Mon Sep 17 00:00:00 2001
|
|
From: Andrew Cagney <cagney@gnu.org>
|
|
Date: Thu, 9 Jul 2026 14:46:51 +0900
|
|
Subject: [PATCH 2/3] crypto: in
|
|
RSA_authenticate_hash_signature_pkcs1_1_5_rsa() use VFY_VerifyDigestDirect()
|
|
|
|
---
|
|
lib/libswan/pubkey_rsa.c | 58 +++++++++-------------------------------
|
|
1 file changed, 12 insertions(+), 46 deletions(-)
|
|
|
|
diff --git a/lib/libswan/pubkey_rsa.c b/lib/libswan/pubkey_rsa.c
|
|
index d2f36cb3da..0c5a1c91e3 100644
|
|
--- a/lib/libswan/pubkey_rsa.c
|
|
+++ b/lib/libswan/pubkey_rsa.c
|
|
@@ -491,7 +491,7 @@ static struct hash_signature RSA_sign_hash_pkcs1_1_5_rsa(const struct secret_stu
|
|
static bool RSA_authenticate_signature_pkcs1_1_5_rsa(const struct crypt_mac *expected_hash,
|
|
shunk_t signature,
|
|
struct pubkey *pubkey,
|
|
- const struct hash_desc *unused_hash_algo UNUSED,
|
|
+ const struct hash_desc *hash_alg,
|
|
diag_t *fatal_diag,
|
|
struct logger *logger)
|
|
{
|
|
@@ -509,58 +509,24 @@ static bool RSA_authenticate_signature_pkcs1_1_5_rsa(const struct crypt_mac *exp
|
|
*expected_hash);
|
|
}
|
|
|
|
- /*
|
|
- * Use the same space used by the out going hash.
|
|
- */
|
|
-
|
|
- SECItem decrypted_signature = {
|
|
- .type = siBuffer,
|
|
- };
|
|
-
|
|
- if (SECITEM_AllocItem(NULL, &decrypted_signature, signature.len) == NULL) {
|
|
- llog_nss_error(RC_LOG, logger, "allocating space for decrypted RSA signature");
|
|
- return false;
|
|
- }
|
|
+ SECItem hash_item =
|
|
+ same_shunk_as_secitem(HUNK_AS_SHUNK(*expected_hash), siBuffer);
|
|
|
|
/* NSS doesn't do const */
|
|
- const SECItem encrypted_signature = {
|
|
- .type = siBuffer,
|
|
- .data = DISCARD_CONST(unsigned char *, signature.ptr),
|
|
- .len = signature.len,
|
|
- };
|
|
-
|
|
- if (PK11_VerifyRecover(seckey_public, &encrypted_signature, &decrypted_signature,
|
|
- lsw_nss_get_password_context(logger)) != SECSuccess) {
|
|
- SECITEM_FreeItem(&decrypted_signature, PR_FALSE/*not-pointer*/);
|
|
- dbg("NSS RSA verify: decrypting signature is failed");
|
|
- *fatal_diag = NULL;
|
|
- return false;
|
|
- }
|
|
-
|
|
- if (DBGP(DBG_CRYPT)) {
|
|
- LLOG_JAMBUF(DEBUG_STREAM, logger, buf) {
|
|
- jam_string(buf, "NSS RSA verify: decrypted sig: ");
|
|
- jam_nss_secitem(buf, &decrypted_signature);
|
|
- }
|
|
- }
|
|
+ SECItem signature_item =
|
|
+ same_shunk_as_secitem(signature, siBuffer);
|
|
|
|
- /*
|
|
- * Expect the matching hash to appear at the end. See above
|
|
- * for length check. It may, or may not, be prefixed by a
|
|
- * PKCS#1 1.5 RSA ASN.1 blob.
|
|
- */
|
|
- passert(decrypted_signature.len >= expected_hash->len);
|
|
- uint8_t *start = (decrypted_signature.data
|
|
- + decrypted_signature.len
|
|
- - expected_hash->len);
|
|
- if (!memeq(start, expected_hash->ptr, expected_hash->len)) {
|
|
- dbg("RSA Signature NOT verified");
|
|
- SECITEM_FreeItem(&decrypted_signature, PR_FALSE/*not-pointer*/);
|
|
+ if (VFY_VerifyDigestDirect(&hash_item,
|
|
+ seckey_public,
|
|
+ &signature_item,
|
|
+ /*pubkey algorithm*/SEC_OID_PKCS1_RSA_ENCRYPTION,
|
|
+ /*hash algorithm*/hash_alg->nss.oid_tag,
|
|
+ lsw_nss_get_password_context(logger)) != SECSuccess) {
|
|
+ ldbg_nss_error(logger, "NSS VFY_VerifyDigest() failed");
|
|
*fatal_diag = NULL;
|
|
return false;
|
|
}
|
|
|
|
- SECITEM_FreeItem(&decrypted_signature, PR_FALSE/*not-pointer*/);
|
|
*fatal_diag = NULL;
|
|
return true;
|
|
}
|
|
--
|
|
2.54.0
|
|
|