pool/hostapd
SHA256
6
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Accepting request 883455 from Base:System

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/883455
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/hostapd?expand=0&rev=41
This commit is contained in:
Richard Brown 2021-04-08 19:31:47 +00:00 committed by Git OBS Bridge
commit 05090c587f
3 changed files with 122 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

115
CVE-2021-30004.patch Normal file
View File

@ -0,0 +1,115 @@
From a0541334a6394f8237a4393b7372693cd7e96f15 Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Sat, 13 Mar 2021 18:19:31 +0200
Subject: ASN.1: Validate DigestAlgorithmIdentifier parameters
The supported hash algorithms do not use AlgorithmIdentifier parameters.
However, there are implementations that include NULL parameters in
addition to ones that omit the parameters. Previous implementation did
not check the parameters value at all which supported both these cases,
but did not reject any other unexpected information.
Use strict validation of digest algorithm parameters and reject any
unexpected value when validating a signature. This is needed to prevent
potential forging attacks.
Signed-off-by: Jouni Malinen <j@w1.fi>
---
src/tls/pkcs1.c | 21 +++++++++++++++++++++
src/tls/x509v3.c | 20 ++++++++++++++++++++
2 files changed, 41 insertions(+)
diff --git a/src/tls/pkcs1.c b/src/tls/pkcs1.c
index bbdb0d7..5761dfe 100644
--- a/src/tls/pkcs1.c
+++ b/src/tls/pkcs1.c
@@ -244,6 +244,8 @@ int pkcs1_v15_sig_ver(struct crypto_public_key *pk,
os_free(decrypted);
return -1;
}
+ wpa_hexdump(MSG_MSGDUMP, "PKCS #1: DigestInfo",
+ hdr.payload, hdr.length);
pos = hdr.payload;
end = pos + hdr.length;
@@ -265,6 +267,8 @@ int pkcs1_v15_sig_ver(struct crypto_public_key *pk,
os_free(decrypted);
return -1;
}
+ wpa_hexdump(MSG_MSGDUMP, "PKCS #1: DigestAlgorithmIdentifier",
+ hdr.payload, hdr.length);
da_end = hdr.payload + hdr.length;
if (asn1_get_oid(hdr.payload, hdr.length, &oid, &next)) {
@@ -273,6 +277,23 @@ int pkcs1_v15_sig_ver(struct crypto_public_key *pk,
os_free(decrypted);
return -1;
}
+ wpa_hexdump(MSG_MSGDUMP, "PKCS #1: Digest algorithm parameters",
+ next, da_end - next);
+
+ /*
+ * RFC 5754: The correct encoding for the SHA2 algorithms would be to
+ * omit the parameters, but there are implementation that encode these
+ * as a NULL element. Allow these two cases and reject anything else.
+ */
+ if (da_end > next &&
+ (asn1_get_next(next, da_end - next, &hdr) < 0 ||
+ !asn1_is_null(&hdr) ||
+ hdr.payload + hdr.length != da_end)) {
+ wpa_printf(MSG_DEBUG,
+ "PKCS #1: Unexpected digest algorithm parameters");
+ os_free(decrypted);
+ return -1;
+ }
if (!asn1_oid_equal(&oid, hash_alg)) {
char txt[100], txt2[100];
diff --git a/src/tls/x509v3.c b/src/tls/x509v3.c
index a8944dd..df337ec 100644
--- a/src/tls/x509v3.c
+++ b/src/tls/x509v3.c
@@ -1964,6 +1964,7 @@ int x509_check_signature(struct x509_certificate *issuer,
os_free(data);
return -1;
}
+ wpa_hexdump(MSG_MSGDUMP, "X509: DigestInfo", hdr.payload, hdr.length);
pos = hdr.payload;
end = pos + hdr.length;
@@ -1985,6 +1986,8 @@ int x509_check_signature(struct x509_certificate *issuer,
os_free(data);
return -1;
}
+ wpa_hexdump(MSG_MSGDUMP, "X509: DigestAlgorithmIdentifier",
+ hdr.payload, hdr.length);
da_end = hdr.payload + hdr.length;
if (asn1_get_oid(hdr.payload, hdr.length, &oid, &next)) {
@@ -1992,6 +1995,23 @@ int x509_check_signature(struct x509_certificate *issuer,
os_free(data);
return -1;
}
+ wpa_hexdump(MSG_MSGDUMP, "X509: Digest algorithm parameters",
+ next, da_end - next);
+
+ /*
+ * RFC 5754: The correct encoding for the SHA2 algorithms would be to
+ * omit the parameters, but there are implementation that encode these
+ * as a NULL element. Allow these two cases and reject anything else.
+ */
+ if (da_end > next &&
+ (asn1_get_next(next, da_end - next, &hdr) < 0 ||
+ !asn1_is_null(&hdr) ||
+ hdr.payload + hdr.length != da_end)) {
+ wpa_printf(MSG_DEBUG,
+ "X509: Unexpected digest algorithm parameters");
+ os_free(data);
+ return -1;
+ }
if (x509_sha1_oid(&oid)) {
if (signature->oid.oid[6] != 5 /* sha-1WithRSAEncryption */) {
--
cgit v0.12

6
hostapd.changes
View File

@ -1,4 +1,10 @@
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Apr 6 14:51:18 UTC 2021 - Clemens Famulla-Conrad <cfamullaconrad@suse.com>
- Add CVE-2021-30004.patch -- forging attacks may occur because
AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c
(bsc#1184348)
-------------------------------------------------------------------
Tue Feb 23 19:33:56 UTC 2021 - Michael Ströder <michael@stroeder.com> Tue Feb 23 19:33:56 UTC 2021 - Michael Ströder <michael@stroeder.com>
- added AppArmor profile (source apparmor-usr.sbin.hostapd) - added AppArmor profile (source apparmor-usr.sbin.hostapd)

2
hostapd.spec
View File

@ -17,7 +17,6 @@
%bcond_without apparmor %bcond_without apparmor
Name: hostapd Name: hostapd
Version: 2.9 Version: 2.9
Release: 0 Release: 0
@ -34,6 +33,7 @@ Source4: hostapd.service
Source5: apparmor-usr.sbin.hostapd Source5: apparmor-usr.sbin.hostapd
Patch1: CVE-2019-16275.patch Patch1: CVE-2019-16275.patch
Patch2: CVE-2020-12695.patch Patch2: CVE-2020-12695.patch
Patch3: CVE-2021-30004.patch
BuildRequires: libnl3-devel BuildRequires: libnl3-devel
BuildRequires: openssl-devel BuildRequires: openssl-devel
BuildRequires: pkgconfig BuildRequires: pkgconfig