search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
openssl-1.1: fix CVE-2023-5678 and CVE-2024-9143
[oi-userland.git] / components / library / openssl / openssl-1.1 / patches / CVE-2023-5678-and-CVE-2024-0727.patch
blob1e18aedcebc2da2788fdacde16d0cff1bfd021a6
1 From 01ca0bbbe65215f6ae72bba7d63ea67fb53c4f9a Mon Sep 17 00:00:00 2001
2 From: Ken Zalewski <ken.zalewski@gmail.com>
3 Date: Sat, 13 Jul 2024 11:00:49 -0400
4 Subject: [PATCH] Patch to openssl-1.1.1x. This version addresses two
5 vulnerabilities: CVE-2023-5678 and CVE-2024-0727
6
7 ---
8 crypto/dh/dh_check.c | 13 +++++++++++++
9 crypto/dh/dh_err.c | 2 ++
10 crypto/dh/dh_key.c | 10 ++++++++++
11 crypto/err/openssl.txt | 2 ++
12 crypto/pkcs12/p12_add.c | 18 ++++++++++++++++++
13 crypto/pkcs12/p12_mutl.c | 5 +++++
14 crypto/pkcs12/p12_npas.c | 5 +++--
15 crypto/pkcs12/pk12err.c | 2 ++
16 crypto/pkcs7/pk7_mime.c | 9 +++++++--
17 include/openssl/dh.h | 6 ++++--
18 include/openssl/dherr.h | 2 ++
19 include/openssl/opensslv.h | 4 ++--
20 include/openssl/pkcs12err.h | 1 +
21 13 files changed, 71 insertions(+), 8 deletions(-)
22
23 diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
24 index ae1b03b..40dfc57 100644
25 --- a/crypto/dh/dh_check.c
26 +++ b/crypto/dh/dh_check.c
27 @@ -198,6 +198,19 @@ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
28 BN_CTX *ctx = NULL;
29
30 *ret = 0;
31 +
32 + /* Don't do any checks at all with an excessively large modulus */
33 + if (BN_num_bits(dh->p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) {
34 + DHerr(DH_F_DH_CHECK_PUB_KEY, DH_R_MODULUS_TOO_LARGE);
35 + *ret = DH_CHECK_P_NOT_PRIME | DH_CHECK_PUBKEY_INVALID;
36 + return 0;
37 + }
38 +
39 + if (dh->q != NULL && BN_ucmp(dh->p, dh->q) < 0) {
40 + *ret |= DH_CHECK_INVALID_Q_VALUE | DH_CHECK_PUBKEY_INVALID;
41 + return 1;
42 + }
43 +
44 ctx = BN_CTX_new();
45 if (ctx == NULL)
46 goto err;
47 diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
48 index 92800d3..048ba66 100644
49 --- a/crypto/dh/dh_err.c
50 +++ b/crypto/dh/dh_err.c
51 @@ -21,6 +21,7 @@ static const ERR_STRING_DATA DH_str_functs[] = {
52 {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK, 0), "DH_check"},
53 {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_EX, 0), "DH_check_ex"},
54 {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PARAMS_EX, 0), "DH_check_params_ex"},
55 + {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PUB_KEY, 0), "DH_check_pub_key"},
56 {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PUB_KEY_EX, 0), "DH_check_pub_key_ex"},
57 {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_DECRYPT, 0), "dh_cms_decrypt"},
58 {ERR_PACK(ERR_LIB_DH, DH_F_DH_CMS_SET_PEERKEY, 0), "dh_cms_set_peerkey"},
59 @@ -82,6 +83,7 @@ static const ERR_STRING_DATA DH_str_reasons[] = {
60 {ERR_PACK(ERR_LIB_DH, 0, DH_R_PARAMETER_ENCODING_ERROR),
61 "parameter encoding error"},
62 {ERR_PACK(ERR_LIB_DH, 0, DH_R_PEER_KEY_ERROR), "peer key error"},
63 + {ERR_PACK(ERR_LIB_DH, 0, DH_R_Q_TOO_LARGE), "q too large"},
64 {ERR_PACK(ERR_LIB_DH, 0, DH_R_SHARED_INFO_ERROR), "shared info error"},
65 {ERR_PACK(ERR_LIB_DH, 0, DH_R_UNABLE_TO_CHECK_GENERATOR),
66 "unable to check generator"},
67 diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
68 index 117f2fa..9f5e6f6 100644
69 --- a/crypto/dh/dh_key.c
70 +++ b/crypto/dh/dh_key.c
71 @@ -114,6 +114,11 @@ static int generate_key(DH *dh)
72 return 0;
73 }
74
75 + if (dh->q != NULL && BN_num_bits(dh->q) > OPENSSL_DH_MAX_MODULUS_BITS) {
76 + DHerr(DH_F_GENERATE_KEY, DH_R_Q_TOO_LARGE);
77 + return 0;
78 + }
79 +
80 ctx = BN_CTX_new();
81 if (ctx == NULL)
82 goto err;
83 @@ -207,6 +212,11 @@ static int compute_key(unsigned char *key, const BIGNUM *pub_key, DH *dh)
84 goto err;
85 }
86
87 + if (dh->q != NULL && BN_num_bits(dh->q) > OPENSSL_DH_MAX_MODULUS_BITS) {
88 + DHerr(DH_F_COMPUTE_KEY, DH_R_Q_TOO_LARGE);
89 + goto err;
90 + }
91 +
92 ctx = BN_CTX_new();
93 if (ctx == NULL)
94 goto err;
95 diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
96 index c0a3cd7..ec3823e 100644
97 --- a/crypto/err/openssl.txt
98 +++ b/crypto/err/openssl.txt
99 @@ -969,6 +969,7 @@ PKCS12_F_PKCS12_SETUP_MAC:122:PKCS12_setup_mac
100 PKCS12_F_PKCS12_SET_MAC:123:PKCS12_set_mac
101 PKCS12_F_PKCS12_UNPACK_AUTHSAFES:130:PKCS12_unpack_authsafes
102 PKCS12_F_PKCS12_UNPACK_P7DATA:131:PKCS12_unpack_p7data
103 +PKCS12_F_PKCS12_UNPACK_P7ENCDATA:134:PKCS12_unpack_p7encdata
104 PKCS12_F_PKCS12_VERIFY_MAC:126:PKCS12_verify_mac
105 PKCS12_F_PKCS8_ENCRYPT:125:PKCS8_encrypt
106 PKCS12_F_PKCS8_SET0_PBE:132:PKCS8_set0_pbe
107 @@ -2106,6 +2107,7 @@ DH_R_NO_PARAMETERS_SET:107:no parameters set
108 DH_R_NO_PRIVATE_VALUE:100:no private value
109 DH_R_PARAMETER_ENCODING_ERROR:105:parameter encoding error
110 DH_R_PEER_KEY_ERROR:111:peer key error
111 +DH_R_Q_TOO_LARGE:130:q too large
112 DH_R_SHARED_INFO_ERROR:113:shared info error
113 DH_R_UNABLE_TO_CHECK_GENERATOR:121:unable to check generator
114 DSA_R_BAD_Q_VALUE:102:bad q value
115 diff --git a/crypto/pkcs12/p12_add.c b/crypto/pkcs12/p12_add.c
116 index af184c8..6549691 100644
117 --- a/crypto/pkcs12/p12_add.c
118 +++ b/crypto/pkcs12/p12_add.c
119 @@ -76,6 +76,12 @@ STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7data(PKCS7 *p7)
120 PKCS12_R_CONTENT_TYPE_NOT_DATA);
121 return NULL;
122 }
123 +
124 + if (p7->d.data == NULL) {
125 + PKCS12err(PKCS12_F_PKCS12_UNPACK_P7DATA, PKCS12_R_DECODE_ERROR);
126 + return NULL;
127 + }
128 +
129 return ASN1_item_unpack(p7->d.data, ASN1_ITEM_rptr(PKCS12_SAFEBAGS));
130 }
131
132 @@ -132,6 +138,12 @@ STACK_OF(PKCS12_SAFEBAG) *PKCS12_unpack_p7encdata(PKCS7 *p7, const char *pass,
133 {
134 if (!PKCS7_type_is_encrypted(p7))
135 return NULL;
136 +
137 + if (p7->d.encrypted == NULL) {
138 + PKCS12err(PKCS12_F_PKCS12_UNPACK_P7ENCDATA, PKCS12_R_DECODE_ERROR);
139 + return NULL;
140 + }
141 +
142 return PKCS12_item_decrypt_d2i(p7->d.encrypted->enc_data->algorithm,
143 ASN1_ITEM_rptr(PKCS12_SAFEBAGS),
144 pass, passlen,
145 @@ -159,6 +171,12 @@ STACK_OF(PKCS7) *PKCS12_unpack_authsafes(const PKCS12 *p12)
146 PKCS12_R_CONTENT_TYPE_NOT_DATA);
147 return NULL;
148 }
149 +
150 + if (p12->authsafes->d.data == NULL) {
151 + PKCS12err(PKCS12_F_PKCS12_UNPACK_AUTHSAFES, PKCS12_R_DECODE_ERROR);
152 + return NULL;
153 + }
154 +
155 return ASN1_item_unpack(p12->authsafes->d.data,
156 ASN1_ITEM_rptr(PKCS12_AUTHSAFES));
157 }
158 diff --git a/crypto/pkcs12/p12_mutl.c b/crypto/pkcs12/p12_mutl.c
159 index 3658003..766c9c1 100644
160 --- a/crypto/pkcs12/p12_mutl.c
161 +++ b/crypto/pkcs12/p12_mutl.c
162 @@ -93,6 +93,11 @@ static int pkcs12_gen_mac(PKCS12 *p12, const char *pass, int passlen,
163 return 0;
164 }
165
166 + if (p12->authsafes->d.data == NULL) {
167 + PKCS12err(PKCS12_F_PKCS12_GEN_MAC, PKCS12_R_DECODE_ERROR);
168 + return 0;
169 + }
170 +
171 salt = p12->mac->salt->data;
172 saltlen = p12->mac->salt->length;
173 if (!p12->mac->iter)
174 diff --git a/crypto/pkcs12/p12_npas.c b/crypto/pkcs12/p12_npas.c
175 index 0334289..1303376 100644
176 --- a/crypto/pkcs12/p12_npas.c
177 +++ b/crypto/pkcs12/p12_npas.c
178 @@ -78,8 +78,9 @@ static int newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass)
179 bags = PKCS12_unpack_p7data(p7);
180 } else if (bagnid == NID_pkcs7_encrypted) {
181 bags = PKCS12_unpack_p7encdata(p7, oldpass, -1);
182 - if (!alg_get(p7->d.encrypted->enc_data->algorithm,
183 - &pbe_nid, &pbe_iter, &pbe_saltlen))
184 + if (p7->d.encrypted == NULL
185 + || !alg_get(p7->d.encrypted->enc_data->algorithm,
186 + &pbe_nid, &pbe_iter, &pbe_saltlen))
187 goto err;
188 } else {
189 continue;
190 diff --git a/crypto/pkcs12/pk12err.c b/crypto/pkcs12/pk12err.c
191 index 38ce519..3eb7f2f 100644
192 --- a/crypto/pkcs12/pk12err.c
193 +++ b/crypto/pkcs12/pk12err.c
194 @@ -58,6 +58,8 @@ static const ERR_STRING_DATA PKCS12_str_functs[] = {
195 "PKCS12_unpack_authsafes"},
196 {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_UNPACK_P7DATA, 0),
197 "PKCS12_unpack_p7data"},
198 + {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_UNPACK_P7ENCDATA, 0),
199 + "PKCS12_unpack_p7encdata"},
200 {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS12_VERIFY_MAC, 0),
201 "PKCS12_verify_mac"},
202 {ERR_PACK(ERR_LIB_PKCS12, PKCS12_F_PKCS8_ENCRYPT, 0), "PKCS8_encrypt"},
203 diff --git a/crypto/pkcs7/pk7_mime.c b/crypto/pkcs7/pk7_mime.c
204 index 19e6868..635af10 100644
205 --- a/crypto/pkcs7/pk7_mime.c
206 +++ b/crypto/pkcs7/pk7_mime.c
207 @@ -30,10 +30,15 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
208 {
209 STACK_OF(X509_ALGOR) *mdalgs;
210 int ctype_nid = OBJ_obj2nid(p7->type);
211 - if (ctype_nid == NID_pkcs7_signed)
212 + if (ctype_nid == NID_pkcs7_signed) {
213 + if (p7->d.sign == NULL) {
214 + return 0;
215 + }
216 mdalgs = p7->d.sign->md_algs;
217 - else
218 + }
219 + else {
220 mdalgs = NULL;
221 + }
222
223 flags ^= SMIME_OLDMIME;
224
225 diff --git a/include/openssl/dh.h b/include/openssl/dh.h
226 index 6c6ff36..d2a9c0d 100644
227 --- a/include/openssl/dh.h
228 +++ b/include/openssl/dh.h
229 @@ -71,14 +71,16 @@ DECLARE_ASN1_ITEM(DHparams)
230 /* #define DH_GENERATOR_3 3 */
231 # define DH_GENERATOR_5 5
232
233 -/* DH_check error codes */
234 +/* DH_check error codes, some of them shared with DH_check_pub_key */
235 # define DH_CHECK_P_NOT_PRIME 0x01
236 # define DH_CHECK_P_NOT_SAFE_PRIME 0x02
237 # define DH_UNABLE_TO_CHECK_GENERATOR 0x04
238 # define DH_NOT_SUITABLE_GENERATOR 0x08
239 # define DH_CHECK_Q_NOT_PRIME 0x10
240 -# define DH_CHECK_INVALID_Q_VALUE 0x20
241 +# define DH_CHECK_INVALID_Q_VALUE 0x20 /* +DH_check_pub_key */
242 # define DH_CHECK_INVALID_J_VALUE 0x40
243 +# define DH_MODULUS_TOO_SMALL 0x80
244 +# define DH_MODULUS_TOO_LARGE 0x100 /* +DH_check_pub_key */
245
246 /* DH_check_pub_key error codes */
247 # define DH_CHECK_PUBKEY_TOO_SMALL 0x01
248 diff --git a/include/openssl/dherr.h b/include/openssl/dherr.h
249 index 528c819..a98bb1e 100644
250 --- a/include/openssl/dherr.h
251 +++ b/include/openssl/dherr.h
252 @@ -33,6 +33,7 @@ int ERR_load_DH_strings(void);
253 # define DH_F_DH_CHECK 126
254 # define DH_F_DH_CHECK_EX 121
255 # define DH_F_DH_CHECK_PARAMS_EX 122
256 +# define DH_F_DH_CHECK_PUB_KEY 127
257 # define DH_F_DH_CHECK_PUB_KEY_EX 123
258 # define DH_F_DH_CMS_DECRYPT 114
259 # define DH_F_DH_CMS_SET_PEERKEY 115
260 @@ -82,6 +83,7 @@ int ERR_load_DH_strings(void);
261 # define DH_R_NO_PRIVATE_VALUE 100
262 # define DH_R_PARAMETER_ENCODING_ERROR 105
263 # define DH_R_PEER_KEY_ERROR 111
264 +# define DH_R_Q_TOO_LARGE 130
265 # define DH_R_SHARED_INFO_ERROR 113
266 # define DH_R_UNABLE_TO_CHECK_GENERATOR 121
267
268 diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h
269 index 5667d47..c16eafd 100644
270 --- a/include/openssl/opensslv.h
271 +++ b/include/openssl/opensslv.h
272 @@ -39,8 +39,8 @@ extern "C" {
273 * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
274 * major minor fix final patch/beta)
275 */
276 -# define OPENSSL_VERSION_NUMBER 0x1010117fL
277 -# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1w 11 Sep 2023"
278 +# define OPENSSL_VERSION_NUMBER 0x1010118fL
279 +# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1x 25 Jan 2024"
280
281 /*-
282 * The macros below are to be used for shared library (.so, .dll, ...)
283 diff --git a/include/openssl/pkcs12err.h b/include/openssl/pkcs12err.h
284 index eff5eb2..0d2f15a 100644
285 --- a/include/openssl/pkcs12err.h
286 +++ b/include/openssl/pkcs12err.h
287 @@ -49,6 +49,7 @@ int ERR_load_PKCS12_strings(void);
288 # define PKCS12_F_PKCS12_SET_MAC 123
289 # define PKCS12_F_PKCS12_UNPACK_AUTHSAFES 130
290 # define PKCS12_F_PKCS12_UNPACK_P7DATA 131
291 +# define PKCS12_F_PKCS12_UNPACK_P7ENCDATA 134
292 # define PKCS12_F_PKCS12_VERIFY_MAC 126
293 # define PKCS12_F_PKCS8_ENCRYPT 125
294 # define PKCS12_F_PKCS8_SET0_PBE 132
295