openssl/0063-CVE-2026-34181.patch

From 5a9e9489f9e5f7f7eb2f65c9b9fc75566cdcbc01 Mon Sep 17 00:00:00 2001
From: Alicja Kario <hkario@redhat.com>
Date: Wed, 29 Apr 2026 16:29:35 +0200
Subject: [PATCH] pkcs12: verify that the pbmac1 key length is safe
Short MAC keys (as short as 1 byte) let an attacker, by repeated attempts, get the
system under attack to accept a PKCS#12 file the attacker created,
even without knowing the password used for MAC protection.
Fixes CVE-2026-34181
(also update the reference to the PBMAC1 PKCS#12 RFC)
Signed-off-by: Alicja Kario <hkario@redhat.com>
---
crypto/pkcs12/p12_mutl.c | 8 +++++---
test/recipes/80-test_pkcs12.t | 13 ++++++++-----
.../pbmac1_256_256.bad-key-len.p12 | Bin 0 -> 2803 bytes
.../pbmac1_256_256.good-shorter-key-len.p12 | Bin 0 -> 2803 bytes
4 files changed, 13 insertions(+), 8 deletions(-)
create mode 100644 test/recipes/80-test_pkcs12_data/pbmac1_256_256.bad-key-len.p12
create mode 100644 test/recipes/80-test_pkcs12_data/pbmac1_256_256.good-shorter-key-len.p12
diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
index 01956252df7..15072e12f26 100644
--- a/crypto/pkcs12/p12_mutl.c
+++ b/crypto/pkcs12/p12_mutl.c
@@ -144,11 +144,13 @@ static int PBMAC1_PBKDF2_HMAC(OSSL_LIB_CTX *ctx, const char *propq,
}
pbkdf2_salt = pbkdf2_param->salt->value.octet_string;
- /* RFC 9579 specifies missing key length as invalid */
+ /* RFC 9879 specifies missing key length as invalid */
if (pbkdf2_param->keylength != NULL)
keylen = ASN1_INTEGER_get(pbkdf2_param->keylength);
- if (keylen <= 0 || keylen > EVP_MAX_MD_SIZE) {
- ERR_raise(ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR);
+ /* RFC 9879 specifies too short key length as untrustworthy too */
+ if (keylen < 20 || keylen > EVP_MAX_MD_SIZE) {
+ ERR_raise_data(ERR_LIB_PKCS12, PKCS12_R_PARSE_ERROR,
+ "Invalid Key length (%d is not in the range 20..64)", keylen);
goto err;
}
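Review bot: The error string in the new ERR_raise_data call hardcodes the upper bound as 64 while the condition itself uses EVP_MAX_MD_SIZE, so the message will silently go stale if that macro ever changes; pass the macro instead: `"Invalid Key length (%d is not in the range 20..%d)", keylen, EVP_MAX_MD_SIZE`. keylen is declared outside this hunk and is assigned from ASN1_INTEGER_get(), which in OpenSSL returns a long, so if keylen is a long the `%d` conversion is mismatched and should be `%ld` (or keylen cast to int). The 20-byte floor is a bare magic number; a named constant such as `#define PBMAC1_MIN_KEYLEN 20 /* HMAC-SHA1 output size; see RFC 9879 */` above the function would document why 20 and keep the check and the message in sync — the RFC text behind that floor isn't visible here, so confirm the citation before relying on it. PBMAC1_PBKDF2_HMAC starts before and ends after this hunk.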
diff --git a/test/recipes/80-test_pkcs12.t b/test/recipes/80-test_pkcs12.t
index d258b7eb0e4..56ab93803e7 100644
--- a/test/recipes/80-test_pkcs12.t
+++ b/test/recipes/80-test_pkcs12.t
@@ -56,7 +56,7 @@ $ENV{OPENSSL_WIN32_UTF8}=1;
my $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0);
-plan tests => $no_fips ? 53 : 59;
+plan tests => $no_fips ? 55 : 61;
# Test different PKCS#12 formats
ok(run(test(["pkcs12_format_test"])), "test pkcs12 formats");
@@ -205,8 +205,11 @@ for my $instance (sort keys %pbmac1_tests) {
}
}
-# Test pbmac1 pkcs12 good files, RFC 9579
-for my $file ("pbmac1_256_256.good.p12", "pbmac1_512_256.good.p12", "pbmac1_512_512.good.p12")
+# Test pbmac1 pkcs12 good files, RFC 9579, and one extra with shorter key
+# length
+for my $file ("pbmac1_256_256.good.p12", "pbmac1_512_256.good.p12",
+ "pbmac1_512_512.good.p12",
+ "pbmac1_256_256.good-shorter-key-len.p12")
{
my $path = srctop_file("test", "recipes", "80-test_pkcs12_data", $file);
ok(run(app(["openssl", "pkcs12", "-in", $path, "-password", "pass:1234", "-noenc"])),
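Review bot: The comment above this loop still cites RFC 9579 while the C change in p12_mutl.c now cites RFC 9879, so the two will disagree once this lands; whichever number is correct, the code comment and the test comment should match (I can't tell from here which one is right). The new good-shorter-key-len.p12 fixture is binary, so the comment should say what it exercises, e.g. `# ... and one whose keyLength is below the (presumably HMAC-SHA256) digest size but not below the 20-byte minimum` — confirm the actual keyLength against the fixture before wording it.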
@@ -235,12 +238,12 @@ unless ($no_fips) {
}
}
-# Test pbmac1 pkcs12 bad files, RFC 9579 and CVE-2025-11187
+# Test pbmac1 pkcs12 bad files, RFC 9579, CVE-2025-11187 and CVE-2026-34181
for my $file ("pbmac1_256_256.bad-iter.p12", "pbmac1_256_256.bad-salt.p12",
"pbmac1_256_256.no-len.p12", "pbmac1_256_256.bad-len.p12",
"pbmac1_256_256.bad-salt-type.p12", "pbmac1_256_256.negative-len.p12",
"pbmac1_256_256.no-salt.p12", "pbmac1_256_256.very-big-len.p12",
- "pbmac1_256_256.zero-len.p12")
+ "pbmac1_256_256.zero-len.p12", "pbmac1_256_256.bad-key-len.p12")
{
my $path = srctop_file("test", "recipes", "80-test_pkcs12_data", $file);
with({ exit_checker => sub { return shift == 1; } },
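Review bot: The regression fixture does not pin the boundary of the new `keylen < 20` check: bad-key-len.p12 is binary so its keyLength isn't visible here, and nothing in this hunk shows that 19 is rejected while 20 is accepted. Adding fixtures with keyLength exactly 19 (to this bad list) and exactly 20 (to the good list) would catch an off-by-one in the C check, which is the kind of slip a later "tighten the minimum" change could reintroduce. The loop body continues past the end of this hunk.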
diff --git a/test/recipes/80-test_pkcs12_data/pbmac1_256_256.bad-key-len.p12 b/test/recipes/80-test_pkcs12_data/pbmac1_256_256.bad-key-len.p12
new file mode 100644
index 0000000000000000000000000000000000000000..7162fd1871790e3ab9cbc4e00fb73cdf63d5e64b
GIT binary patch
literal 2803
zcmai$c{J4j8pj7S7+D6R$Pyux<vWZuSq4!k+1G4^3_@gUG{!Q>_CuDoVPuU#vj4`K
zrOhb6nPiOySwfgH64&qCd+OYK?m53dp7T8K_xm}Y&wsD;064BSRu(n@$K}WlJ(*;d
z^qq%=gQW<^bq<W<GC8mf0US8>cf?+V1IHX#5v(krgBJWdVFBEK2?!5h4Iq9?Za@YM
z^Wii0br`!Ggequ;YZ{@XSXnti05?15zkg+gLO_5xJJch|jO8jDnB^oGR^g?cgEne4
zl#mJ8=oQ6AV{u?m%k~t4Ew}NVWar5_U5=ge+lx9QYm}<dHg;Sftaj*P<o(eSec?`H
zU2mymJ?DUiSa`vT*s7r}FM|}E)^ld3Oy$ACxieq#T6brnY{pIvT<}X2xhZkT7SF%<
zPz>&}CFACR(%&P|)_f&6#ox(3INg_3?z5>ssUB-tL!RtNV(&KePwl0m`q6R&m{~6}
z4{YPaTkY<M(k`o{xXYCZeWZLnvEzX%y(gxG7r@v$ma5Zx78~ogne1@fd8q)zW#?h3
zM&Bz%bJ!zKjugm#wj&#?-}^ufjTP)wlQ+yyPcxBg;RK;mvbvG8SD?H)K_qr)CLX8*
zB|H|IVCKBlmOvZ*z_gJ{ynkrb%<;l=_qR+$-R9+#seM%fm)1r&M~NNE&+P{?)!oQN
zXMII471qQn!7gY&9WS(EmyLj=gpbTU<`9=ZzV~AByp}_6v<GZMd&n^@*ea&YvzV^6
zz*Z|{Utv|8vA->*zyE=@#w<r(04-@ox!kSMVPg#I4A-|$KZD8_@*97%8I3cWQjTWW
zho0z5oeUCCz~&Hug{w5Z?2Zn#3mg8lJICz`+xdcz5(rsWKTGuoOUjC?z9;bD5&W(6
z0t(M&9;>vmdJNX=Ps%k7`mk&2TiZ|z-IjaYDcoDj@l6}0+j$1OAH_46$v(lD^b1*m
zHG|TuS370~5tU~Z^(W_iuA}0F-4bl(hkWbbeIE^~t|&LXItR@iQAIgOZ-p|+4buxc
zq6JGqbW9g;5gO;Ab2>_fj5eI0oBBATyW(cGYVpG>Cvd4sZQMwg=sTH<Pq!^mZDXmK
z3Kg^WlzjD6MVr_zb_~?Beqw~)UI$s^i=Yg0^>)G0{r$E^TcIcE(He>AOe*)b^|+#a
zPuC)Avt)nDJmSev@QaupE~2g+uyCpL`wIW*Ui9tArpx#{3$+OWMytIN(0ok%6b@}c
zb-e%M{0Cx5?>n!`edT6!Yt_#JjZ>+onzXjwKf3-NpH80$$s|Y&FeRH4qU6xk*3QiG
zr{kUl`C-jFGq*Ia9LAR}@X#5tn6lY!`mF0D--D98$f6rc?`^^l8^7+@X|0jD#i8&r
zpgLM#UU$45I*n|)sPu_*mGcw-K=tB@LPLiQ+)I=vC@w4=8+Hm8)E0U7{jt@3jVk;3
z%KhG`W+XFy)UQvbu};`p<Yt}<bEey!Z?kA$eb%aj+<x~>adp{%j-w?eL7ekZcbvBR
z!idUT&JbYHyt<sm1vh~=Z{M42N>?syvBA~f{~FqY&(JgTK7|*1bgp|jB=$w7a2%Vc
zm>uyczrs50skoi0&aTsOcZ~VB%7k*)O8CCs4hC6?gJdq{vhmheFps9uwDSNQr1lqA
z{stAK2#kX~IIs&2DwqAxe;CHi#lm_JY9E;D{{$vkr>;B##UN?0gx>G)Dy#4x!PNN0
zL{h{2*dNSe3DcCSS{*PBJRF`Sm}Pc0a$+K^hOL)qFYzWvv@zuHU-t@r!WxubxDjq~
zwPi#a1J@}ML+&=2qS5-^PMBnL^lrqfH^f8XvG6@efM2*)D)k9tR8B1?$4pE0Xw%^W
zj-Gj{;?9)RpwTH^2JOdC+SJIpYR{sY;?kXmZnNY*3B;xySK^CURBXodmbOB;9Cy7}
zBf(_Gh9a0CmWGX?hEkpM@$U0C#3N{yD!$!N|8kdkfmq|cjJQ>uTD7Vhck;o|YUh>l
zcha&%##owt=1ZD)lO!)Q+V6wHQUa~8)Poqbp)~-ZX(7$}iAj&ikWN`3n4r1YhrV4a
z#rAnHQN3@ycxkMvd2*hbVSeQNiJz4G2X)yED|bWVp3Q@a#v`4+yzShS<A$@!e>_6S
zx)gQpu}iHWn0(nX`)iTP8_Pck;pbd8zC_M%TAOPNRYy76OCr4kQ7z6glZfS*XS+#m
z*(JJM7sTD;Mne4R<b(5{HNX_DU?XgSm@@viD$_!WZC1m8NYMTD5UUZnz$#UK)Ws=!
zX_KUGy@-8io8g=S`BgW}4??`p`-<c|`?i{yJzO+5hq%>rY}mxsdU^qlHQ+Is{j=cF
z(}_rQ(X!XwVw8L9+7${pr4<ZZlI2n^AvfMSJLn?#t|mRU%2QsRo^E=mOOrCdpfcgR
zhfG)9ndA}2=L&;semgEPHyCu_MraFCf!r=k!ux^p6|7xq+{{zHs#<AmR$3fxQ5pw4
z>7~0RTVrxYu<M#T`9}$iuPdn)p0rh`&c!(i+YY5qW&E9E0~dWb&^e!m>*B}s9C?;l
zPC)7feZDy_R=|gLEY^`OizwiGs!nyX=oi#$mtq0`F`<d)RDCk%xZ^#SHAC2XWro$z
z=%j9yc2pomw75~XF^AVXo#}k#RZrpM&pfZIqXQo}mnujwLwm;OCZRt+=D!T=5nrrL
zuMctMQj56mWy$v9%eDfcfidG|PRVVnf9RQH(eh~1^w9mF3c+;-CyC?~p61rK({*ks
zAr$J<X`uH^+H3WtpwiRR2Jt^;#Xid2p%C_^jTJ?xwb`*@&b~^m5wFz(&E!445tKR$
za+>F3X8Thwg2!wt1yqPLT92;<iR>BQEM(<-LOn9#y%ciore+uj$kmZjbxxMOTwX?+
z3W(R`aNUI+`)nHb_}WAERLrtwMAl^|Hf-~go255dFcFX=@zPlP>dacq>FL%rd#)`U
z(Cgv<aMFI?GgK~L9=rP`BU!8#Y-FtD>f=Jhw^2WyIrVv+{(f}o;W|}A&Gn>qhPbGu
z*~0Wrpyrtj4elMRhAHl$=cvtsexbxS_mGf`_FNnJJq}B&ZM++lCDHxC*Dh&J+xG>x
zNI{P^bJcG}2<+mKXHmxjYjULSAL;FRDXwTE+@<M7Wq8baD4lx^&dKiee^dBr!&_WH
zH2nKtNXs=gf_1o1$LipfFit|UQHRqvpBcx1xkmr|0JDnzZ>E{VDVs8LUO?E%;nm=r
zqcCRD*DPNnq@RSg`(#CxZCFo(UaqB$W;~a-_xBVv<c-obN(|(0=l4F(mr!5hUS>XA
zXP07<Tq;RqDqepgCl+ebqQmrc!TahTIwRIrt8r5EsM6V_tdPO4X~<Cu?T3&1YY#_)
z2Eq)G`UP4j908XQ00n@qgS<hW2i@;rx&aCUq<^mnAr6D#-QKOdscUvVkO`sO0&ZlD
z;n8$CATAvU2QK~Egzy5!0P?rw2IRo7pNaG1juN9xl?Gm7QSl#|e>0esMeu*_!~eP#
p!IEkKDV_8&u%4!IcN?uKd-cjZ4l9KP8|r=hepF<b$L9Y(`!C3!5kvq0
literal 0
HcmV?d00001
diff --git a/test/recipes/80-test_pkcs12_data/pbmac1_256_256.good-shorter-key-len.p12 b/test/recipes/80-test_pkcs12_data/pbmac1_256_256.good-shorter-key-len.p12
new file mode 100644
index 0000000000000000000000000000000000000000..3c202dd58d7fa1d3cd4f9d7252565aff2145ec96
GIT binary patch
literal 2803
zcmai$c{CLK8pp?&nK0JLlC5l$C25AS3xi5zEfIyREi~3J_OX<;O!jq5gVCVWt0FRy
zLWn5D*v7uhFcgYh@45HXx%b?2-anr6Jm2s4Ilte3pYtGaTudMvI|9e$0O3?hG)>&(
zVLQM^z;T@g;kZui+h_z1l>8@x5OARIeJcdW2H0<Ye-bu?%WnbZLD(XYe<U|T4#eNc
zZkYZVaoabG)&SyW-JAykIRFT52*<yF1#*G`2uTR1YoaNeCp(Bu3B>=#i@ZtdDg);p
z%`{Byl19hiKmh!0K}_kzGN8k|+XslKKKI34RXPr4L}`&Qw9J`wViIGn?w~WHP?WKv
zwIyG_$tyLX0`kX>uOYL2Qi;p`P2bm3yy4~N$~l}%Hz1V)^Br&xMlJ*6Z@$YjIK%5J
zB%yUB_vxi$Z&l=c_u_6IpE{;|AmYfSyaGN++tx3aFv2axcRoG`KmTeR6+Nh~WWbql
zIWFhK#;FjDWlGQcW*_oo9Fi)d+&^sT7|v&iG?HLtdmgQI7R8f!ySnn~b84^ab<9$U
zdz$n|zBOJgeVycNIUyJ`KcqkO?4B9Jd>UTKqrKo>zE&_3Y5YjkZKh0gE|)`Xiu1tW
z;e0ZKs?1-ofU-_yjW};o;f0JFs2FG?p$={tqS<RzKU84a;viwM*;-JAl#rVo;UVmu
zb?p|_Dzq8Zuy+K%05ckKo(Y_7!XOk6m~?_#<M_R1*il+%zVIm<iu(A&z-R0HhCqg}
zYJ}qJ<U+|G#sajLr}U3vL};<@u@B-8Qt7Y4odadvB-2EGDWLn;=^s((Uc~OMLNM0T
z!=D-&r{=Vb(@#uPNb1|P+WRrp+R~IkVh@`}>&e^AnnaIgH<b!L==Am0KeHrYs*g%J
zm^SYd<M8ax4VI#P^l^W^_b$@D3%lFs-ivXrJ4AbD%dg8~se=$lFGB!XZd>A1q5t*n
zA7vds25OsI`P~t;2l~&MH-?K!-bU$!+!EJRAvwcY8+Xgf%_`};$!@a;dhGQIH^oxO
zBr8SFLI*1bGq(RecC^oCiCOgu|Ba$@37~wHJL8?&Y#uhTOYY<uF*%5YnRBy;Y3Rwf
zThs7rhAPlU@vqmmz6YS;iRyL5g{tm$iwzG^l2#~zfL%)Qy@D;xuA_Lz)2Fk^5rA^(
z7%_ti7UpfiiM<lYz|)MoN?>S+>KB`kG&_I>It8pKEf7%(uvCzL0+_(!KmV)`pHJ{{
z)LtCeDL<5z+Ri152Jx0SE`V0$USY!*S<6};`eHvmRq2M^IMOLQHxx2L=IPT1p6y!H
z_pPy%g4yDe9d+SPGvmp={tMROCQ8;ZwfH*QyxmJBaWA&~lB?r{9<F;Yecd>(&XF0g
zR#J=vb4Hp=Gt!uKPsHNk<&l~#Uah)(^^nuL97h931&E!&Lq#h)#(u292oD38B-dd`
zkCwcj<2mw++oEkG<7}E*DTC%cg8Oym)t*oYvOAj6H?!lJXY(wj{nQ9(!_9}lOdqhm
z>XInUr%_}U$qGU&H?hxjJfbH_O$@}7Wv!debFj!7)AxunM})WOZXcsAwkK8=+vvn5
z!=Vptc6pDWw?b!4;x~RxG^PvQ$(h(u*MI6dqQX10HWH=X9KI)~isVD!z>j}(<!?}d
z2_PJ}aNo||uS^K^KMdpMVgv4n+WV&ZKY?lKs_pZh^kW;bR*SKi+__u-2&Qt~F}Kn&
zcGaZB%Gl=>pJ*T)sMoZI@p1&#LRb#JPihOU`l;56i%b`}i0$ro@7CyI88wK*${Nd#
znVhyVFx6-v8EY7C$-O^*Fe@a?18Qx}bS+oD{4V~kMr#|<_4>0p!X41`QhLXcqk%`x
z3H7+Un!>(ohHm^s2lYqaDvujhqHn$sgYA5Ng|9v!+kE|HckSp0mDJ~^?Jm>eqfe%J
zXLXGVUP`O+4VPhsmE^Tw01Zp0NNPowxjL#J^_I!4t4Q%*{!|q*o~j^l^T#cC1z>H|
zUe#W?@`3jm^9gzeDJh!Uv=(6MUj&UPYR^B1S&W1o-wX-^Odb;{<+|Tn4V5X$AL*QR
z8JnIGd2*_IkZYcKmR{Z%xP3A=xM-wvT{0nR<4K0ic3X+<phM<PeR_k1#vXpWA!%6g
zEY{9s0XZI*BUJSr!@wv7AntUqbo;V;G<Rq;O1`8oc84Rwm_20GQ<Fwo2{p34p&R_<
zYr?(232p4R#H0^Umq!ZTO%;m)TOazhIN#V2TDupntFH3e=eJ@>1uu!GImFAoj67Xf
zZ7}Ax0e;B6a9wp)ouF8^aQyMsYqgT`cN=LWzJw_9Qf)4K(y2zu_hf;OSG-rxK_8-t
z&!%2`L*L)OE!~0-LO{tfO?i2aXX<N91~G3;qLTOpKaUNG+};Y#^BXU248Z`<W-32D
zovL%WZXzq%>d27wR|w(`I(a4d*GIdeA_e*|8~9m+hXIM+djH2~u9QW6rz&LqC&})h
z%ghLjknNz@+iMgHihNDAr<(2K37c#YZO~iY_PT=MPiu`@rZZGa>kEx^Ef-<bt;5A}
zw%6T0ZrVRd{1zOTx1uWb$y&+iwsb3tnmu36>+B&sf}80d^3j>*kEL8O*K5Ws4>y`I
zzOO%ky*cBryvojeBV6OQks;S?$bG9R^~8%7@?YEU26zqu(>6(&r3Nv$?Dy?>xF;*~
zv`#ec!3<#TuFT2`8qP_84n=C`4C*xtu~{eR=j8JASteT~sen8WX*cBb>)U$HwSm4g
zVSU7>vSd-9D|wCcZxdt$By%@E@b2_onhNW!jIB=&y26%n0bJ(PI3%j5T5+-n(|MzB
z5LAO%q^X^MhQAQsk?OP)Z1M10e+w;&i$*CtsPxxx)<Qm|FJ@0-75FmVXe=)85Vw<6
zHypt@5+*8LQ*1P$sFW3qHx1{iU6e}@`8BG(#}JE#jjMevsL1$|zMhz){LCUN3MD8G
zagt^or?}3Qyw;;h1zsrLCg{MOE{Hh>d^<$sL=`_EKK0%WlCu6aw3)AVNB@}8rly@=
zLd1Kj5u%M&ot>TC-n+}*@bK`kTw%?cnHP#0d%lDkSo2z^+0uJy-clWm?;MK9t5(n3
zyL&!%t%!)6TmgTDT#bM+*@L^ndWtgDBj$9!(>Uom3!>-3T2x9nbE&2FemC`zQJU_P
z37lfCm8*&c_LrX*J`O!J>+Y3y^W@kRVl>-^3XSXxB{k4s)?b&m)wmVvqPOBT;TG#M
z;KmsW`{RLoZUma6C=u5)(n$opw2!(pEGs#}f@ArlWs)?&sr5G|hwfrGWfHH`Kjz@P
z^BEr~I>eo8Rce*1Ej_NS?*pz?2WSS|Dqb-$H(H~c_>lsa%L5%E^~~$AXlF=EWew64
zA^jV)oPtQf!!Upk00VFbT;1>2_NPEV5JL9PiV#v5B>2X?o;R6k=LH@W%FN|PRinky
z<PouHh+u@x?@cf-!UTc(Be@asAbyDeAQbCI0FEdcPR*x`4gJkvAe-R-+=u^lErO(2
mUE)jaHCt<tS~HT9YM4|}bJO9faR32@=CJ+Zka6_?Kl?AGg&K(f
literal 0
HcmV?d00001