digsig: add hash size comparision on signature verification

When pkcs_1_v1_5_decode_emsa() returns without error and hash sizes do not match, hash comparision is not done and digsig_verify_rsa() returns no error. This is a bug and this patch fixes it. The bug was introduced in v3.3 by commit b35e286a ("lib/digsig: pkcs_1_v1_5_decode_emsa cleanup"). Cc: stable@vger.kernel.org Signed-off-by: N Dmitry Kasatkin <dmitry.kasatkin@intel.com> Signed-off-by: N Linus Torvalds <torvalds@linux-foundation.org>

digsig: add hash size comparision on signature verification
When pkcs_1_v1_5_decode_emsa() returns without error and hash sizes do not match, hash comparision is not done and digsig_verify_rsa() returns no error. This is a bug and this patch fixes it. The bug was introduced in v3.3 by commit b35e286a ("lib/digsig: pkcs_1_v1_5_decode_emsa cleanup"). Cc: stable@vger.kernel.org Signed-off-by: N Dmitry Kasatkin <dmitry.kasatkin@intel.com> Signed-off-by: N Linus Torvalds <torvalds@linux-foundation.org>
bc01637a · Dmitry Kasatkin · Linus Torvalds · 8507876a · bc01637a
隐藏空白更改
内联并排

Showing with 4 addition and 2 deletion

lib/digsig.c lib/digsig.c +4 -2

未找到文件。
--- a/lib/digsig.c
+++ b/lib/digsig.c
@@ -163,9 +163,11 @@ static int digsig_verify_rsa(struct key *key,
 	memcpy(out1 + head, p, l);

 	err = pkcs_1_v1_5_decode_emsa(out1, len, mblen, out2, &len);
+	if (err)
+		goto err;

-	if (!err && len == hlen)
-		err = memcmp(out2, h, hlen);
+	if (len != hlen || memcmp(out2, h, hlen))
+		err = -EINVAL;

 err:
 	mpi_free(in);