Accepting request 592071 from home:vitezslav_cizek:branches:security:tls

- Tolerate a Certificate using a non-supported group on server side (boo#1084651) * https://github.com/openssl/openssl/pull/5607 * add 0001-Tolerate-a-Certificate-using-a-non-supported-group-o.patch OBS-URL: https://build.opensuse.org/request/show/592071 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=8
2018-03-28 14:56:27 +00:00 · 2018-03-28 14:56:27 +00:00 · 54892abfae
commit 54892abfae
parent d99d49a007
3 changed files with 114 additions and 0 deletions
--- a/0001-Tolerate-a-Certificate-using-a-non-supported-group-o.patch
+++ b/0001-Tolerate-a-Certificate-using-a-non-supported-group-o.patch
@ -0,0 +1,104 @@
+From e9d26dc85238c071117d911704f5f769e79b46a1 Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Tue, 13 Mar 2018 17:23:10 +0000
+Subject: [PATCH] Tolerate a Certificate using a non-supported group on server
+ side
+
+If a server has been configured to use an ECDSA certificate, we should
+allow it regardless of whether the server's own supported groups list
+includes the certificate's group.
+
+Fixes #2033
+
+Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
+(Merged from https://github.com/openssl/openssl/pull/5607)
+---
+ ssl/t1_lib.c | 30 +++++++++++++++++++++---------
+ 1 file changed, 21 insertions(+), 9 deletions(-)
+
+diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
+index 7a5721a1e2..dc4e6526d6 100644
+--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
+@@ -490,13 +490,16 @@ static int tls1_set_ec_id(unsigned char *curve_id, unsigned char *comp_id,
+     return 1;
+ }
+ 
+# define DONT_CHECK_OWN_GROUPS  0
+# define CHECK_OWN_GROUPS       1
+ /* Check an EC key is compatible with extensions */
+-static int tls1_check_ec_key(SSL *s,
+-                             unsigned char *curve_id, unsigned char *comp_id)
+static int tls1_check_ec_key(SSL *s, unsigned char *curve_id,
+                             unsigned char *comp_id, int check_own_groups)
+ {
+     const unsigned char *pformats, *pcurves;
+     size_t num_formats, num_curves, i;
+     int j;
+
+     /*
+      * If point formats extension present check it, otherwise everything is
+      * supported (see RFC4492).
+@@ -513,8 +516,12 @@ static int tls1_check_ec_key(SSL *s,
+     }
+     if (!curve_id)
+         return 1;
+
+    if (!s->server && !check_own_groups)
+        return 1;
+
+     /* Check curve is consistent with client and server preferences */
+-    for (j = 0; j <= 1; j++) {
+    for (j = check_own_groups ? 0 : 1; j <= 1; j++) {
+         if (!tls1_get_curvelist(s, j, &pcurves, &num_curves))
+             return 0;
+         if (j == 1 && num_curves == 0) {
+@@ -579,9 +586,12 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int set_ee_md)
+         return 0;
+     /*
+      * Can't check curve_id for client certs as we don't have a supported
+-     * curves extension.
+     * curves extension. For server certs we will tolerate certificates that
+     * aren't in our own list of curves. If we've been configured to use an EC
+     * cert then we should use it - therefore we use DONT_CHECK_OWN_GROUPS here.
+      */
+-    rv = tls1_check_ec_key(s, s->server ? curve_id : NULL, &comp_id);
+    rv = tls1_check_ec_key(s, s->server ? curve_id : NULL, &comp_id,
+                           DONT_CHECK_OWN_GROUPS);
+     if (!rv)
+         return 0;
+     /*
+@@ -644,7 +654,7 @@ int tls1_check_ec_tmp_key(SSL *s, unsigned long cid)
+             return 0;
+         curve_id[0] = 0;
+         /* Check this curve is acceptable */
+-        if (!tls1_check_ec_key(s, curve_id, NULL))
+        if (!tls1_check_ec_key(s, curve_id, NULL, CHECK_OWN_GROUPS))
+             return 0;
+         return 1;
+     }
+@@ -746,8 +756,9 @@ size_t tls12_get_psigalgs(SSL *s, int sent, const unsigned char **psigs)
+ }
+ 
+ /*
+- * Check signature algorithm is consistent with sent supported signature
+- * algorithms and if so return relevant digest.
+ * Check signature algorithm received from the peer with a signature is
+ * consistent with the sent supported signature algorithms and if so return
+ * relevant digest.
+  */
+ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
+                             const unsigned char *sig, EVP_PKEY *pkey)
+@@ -769,7 +780,8 @@ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s,
+         /* Check compression and curve matches extensions */
+         if (!tls1_set_ec_id(curve_id, &comp_id, EVP_PKEY_get0_EC_KEY(pkey)))
+             return 0;
+-        if (!s->server && !tls1_check_ec_key(s, curve_id, &comp_id)) {
+        if (!s->server && !tls1_check_ec_key(s, curve_id, &comp_id,
+                                             CHECK_OWN_GROUPS)) {
+             SSLerr(SSL_F_TLS12_CHECK_PEER_SIGALG, SSL_R_WRONG_CURVE);
+             return 0;
+         }
+-- 
+2.16.2
+
--- a/openssl-1_1.changes
+++ b/openssl-1_1.changes
@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Wed Mar 28 14:34:49 UTC 2018 - vcizek@suse.com
+
+- Tolerate a Certificate using a non-supported group on server side
+  (boo#1084651)
+  * https://github.com/openssl/openssl/pull/5607
+  * add 0001-Tolerate-a-Certificate-using-a-non-supported-group-o.patch
+
 -------------------------------------------------------------------
 Tue Mar 27 14:42:36 UTC 2018 - vcizek@suse.com

--- a/openssl-1_1.spec
+++ b/openssl-1_1.spec
@ -74,6 +74,8 @@ Patch69:        0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch
 Patch70:        0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
 Patch71:        0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch
 Patch72:        0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
+# PATCH-FIX-UPSTREAM (boo#1084651)
+Patch73:        0001-Tolerate-a-Certificate-using-a-non-supported-group-o.patch
 BuildRequires:  bc
 BuildRequires:  ed
 BuildRequires:  pkgconfig