Commit f985911b authored by zhenwei pi's avatar zhenwei pi Committed by Jarkko Sakkinen

crypto: public_key: fix overflow during implicit conversion

Hit kernel warning like this, it can be reproduced by verifying 256
bytes datafile by keyctl command, run script:
RAWDATA=rawdata
SIGDATA=sigdata

modprobe pkcs8_key_parser

rm -rf *.der *.pem *.pfx
rm -rf $RAWDATA
dd if=/dev/random of=$RAWDATA bs=256 count=1

openssl req -nodes -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem \
  -subj "/C=CN/ST=GD/L=SZ/O=vihoo/OU=dev/CN=xx.com/emailAddress=yy@xx.com"

KEY_ID=`openssl pkcs8 -in key.pem -topk8 -nocrypt -outform DER | keyctl \
  padd asymmetric 123 @s`

keyctl pkey_sign $KEY_ID 0 $RAWDATA enc=pkcs1 hash=sha1 > $SIGDATA
keyctl pkey_verify $KEY_ID 0 $RAWDATA $SIGDATA enc=pkcs1 hash=sha1

Then the kernel reports:
 WARNING: CPU: 5 PID: 344556 at crypto/rsa-pkcs1pad.c:540
   pkcs1pad_verify+0x160/0x190
 ...
 Call Trace:
  public_key_verify_signature+0x282/0x380
  ? software_key_query+0x12d/0x180
  ? keyctl_pkey_params_get+0xd6/0x130
  asymmetric_key_verify_signature+0x66/0x80
  keyctl_pkey_verify+0xa5/0x100
  do_syscall_64+0x35/0xb0
  entry_SYSCALL_64_after_hwframe+0x44/0xae

The reason of this issue, in function 'asymmetric_key_verify_signature':
'.digest_size(u8) = params->in_len(u32)' leads overflow of an u8 value,
so use u32 instead of u8 for digest_size field. And reorder struct
public_key_signature, it saves 8 bytes on a 64-bit machine.

Cc: stable@vger.kernel.org
Signed-off-by: default avatarzhenwei pi <pizhenwei@bytedance.com>
Reviewed-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: default avatarJarkko Sakkinen <jarkko@kernel.org>
parent 047d4226
...@@ -38,9 +38,9 @@ extern void public_key_free(struct public_key *key); ...@@ -38,9 +38,9 @@ extern void public_key_free(struct public_key *key);
struct public_key_signature { struct public_key_signature {
struct asymmetric_key_id *auth_ids[2]; struct asymmetric_key_id *auth_ids[2];
u8 *s; /* Signature */ u8 *s; /* Signature */
u32 s_size; /* Number of bytes in signature */
u8 *digest; u8 *digest;
u8 digest_size; /* Number of bytes in digest */ u32 s_size; /* Number of bytes in signature */
u32 digest_size; /* Number of bytes in digest */
const char *pkey_algo; const char *pkey_algo;
const char *hash_algo; const char *hash_algo;
const char *encoding; const char *encoding;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment