X.509: Check the algorithm IDs obtained from parsing an X.509 certificate

Check that the algorithm IDs obtained from the ASN.1 parse by OID lookup corresponds to algorithms that are available to us. Reported-by: Kees Cook <keescook@chromium.org> Signed-off-by: David Howells <dhowells@redhat.com>

X.509: Check the algorithm IDs obtained from parsing an X.509 certificate
Check that the algorithm IDs obtained from the ASN.1 parse by OID lookup corresponds to algorithms that are available to us. Reported-by: Kees Cook <keescook@chromium.org> Signed-off-by: David Howells <dhowells@redhat.com>
2ecdb23b · David Howells · b426beb6 · 2ecdb23b
Commit 2ecdb23b authored Aug 30, 2013 by David Howells
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 0 deletions

crypto/asymmetric_keys/x509_public_key.c crypto/asymmetric_keys/x509_public_key.c +11 -0

No files found.
--- a/crypto/asymmetric_keys/x509_public_key.c
+++ b/crypto/asymmetric_keys/x509_public_key.c
@@ -119,6 +119,17 @@ static int x509_key_preparse(struct key_preparsed_payload *prep)

 	pr_devel("Cert Issuer: %s\n", cert->issuer);
 	pr_devel("Cert Subject: %s\n", cert->subject);
+
+	if (cert->pub->pkey_algo >= PKEY_ALGO__LAST ||
+	    cert->sig.pkey_algo >= PKEY_ALGO__LAST ||
+	    cert->sig.pkey_hash_algo >= PKEY_HASH__LAST ||
+	    !pkey_algo[cert->pub->pkey_algo] ||
+	    !pkey_algo[cert->sig.pkey_algo] ||
+	    !pkey_hash_algo_name[cert->sig.pkey_hash_algo]) {
+		ret = -ENOPKG;
+		goto error_free_cert;
+	}
+
 	pr_devel("Cert Key Algo: %s\n", pkey_algo_name[cert->pub->pkey_algo]);
 	pr_devel("Cert Valid From: %04ld-%02d-%02d %02d:%02d:%02d\n",
 		 cert->valid_from.tm_year + 1900, cert->valid_from.tm_mon + 1,