Pedro Monreal Gonzalez
18ecb7a582
- Security fix: [bsc#1227138, CVE-2024-5535] * SSL_select_next_proto buffer overread * Add openssl-CVE-2024-5535.patch - Apply "openssl-CVE-2024-4741.patch" to fix a use-after-free security vulnerability. Calling the function SSL_free_buffers() potentially caused memory to be accessed that was previously freed in some situations and a malicious attacker could attempt to engineer a situation where this occurs to facilitate a denial-of-service attack. [CVE-2024-4741, bsc#1225551] OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=164
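--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -140,13 +140,11 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *c
 unsigned int sltmp;
 if (rctx->pad_mode != RSA_PKCS1_PADDING)
 return -1;
- /* PKCS1-v1.5 padding is disallowed after 2023 */
- fips_sli_disapprove_EVP_PKEY_CTX(ctx);
 ret = RSA_sign_ASN1_OCTET_STRING(0,
 tbs, tbslen, sig, &sltmp, rsa);
-
 if (ret <= 0)
 return ret;
+ fips_sli_check_hash_siggen_EVP_PKEY_CTX(ctx, rctx->md);
 ret = sltmp;
 } else if (rctx->pad_mode == RSA_X931_PADDING) {
 if ((size_t)EVP_PKEY_size(ctx->pkey) < tbslen + 1) {
@@ -179,13 +177,12 @@ static int pkey_rsa_sign(EVP_PKEY_CTX *c
 ret = RSA_private_encrypt(tbslen + 1, rctx->tbuf,
 sig, rsa, RSA_X931_PADDING);
 } else if (rctx->pad_mode == RSA_PKCS1_PADDING) {
- /* PKCS1-v1.5 padding is disallowed after 2023 */
- fips_sli_disapprove_EVP_PKEY_CTX(ctx);
 unsigned int sltmp;
 ret = RSA_sign(EVP_MD_type(rctx->md),
 tbs, tbslen, sig, &sltmp, rsa);
 if (ret <= 0)
 return ret;
+ fips_sli_check_hash_siggen_EVP_PKEY_CTX(ctx, rctx->md);
 ret = sltmp;
 } else if (rctx->pad_mode == RSA_PKCS1_PSS_PADDING) {
 if (!setup_tbuf(rctx, ctx))
@@ -290,10 +287,13 @@ static int pkey_rsa_verify(EVP_PKEY_CTX
 
 if (rctx->md) {
 if (rctx->pad_mode == RSA_PKCS1_PADDING) {
- /* PKCS1-v1.5 padding is disallowed after 2023 */
- fips_sli_disapprove_EVP_PKEY_CTX(ctx);
- return RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
- sig, siglen, rsa);
+ int ret;
+ ret = RSA_verify(EVP_MD_type(rctx->md), tbs, tbslen,
+ sig, siglen, rsa);
+ if (ret <= 0)
+ return 0;
+ fips_sli_check_hash_sigver_EVP_PKEY_CTX(ctx, rctx->md);
+ return ret;
 }
 if (tbslen != (size_t)EVP_MD_size(rctx->md)) {
 RSAerr(RSA_F_PKEY_RSA_VERIFY, RSA_R_INVALID_DIGEST_LENGTH);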
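Review bot: The three added `fips_sli_check_hash_*` calls sit after the `if (ret <= 0)` early returns, so a failed sign or verify leaves the context's service-level indicator untouched, whereas the removed `fips_sli_disapprove_EVP_PKEY_CTX(ctx);` ran before the operation on every path. Whether a stale indicator can then be read as approved depends on how it is initialised and reset, which is not visible in these hunks. If the indicator is meant to describe the attempted service rather than only a successful one, make the check before the operation, e.g. `fips_sli_check_hash_sigver_EVP_PKEY_CTX(ctx, rctx->md);` ahead of the `RSA_verify` call, and likewise in both `pkey_rsa_sign` hunks. In the `pkey_rsa_verify` hunk the new `return 0;` also folds negative error returns into plain failure where the old code passed `RSA_verify`'s value through; that is the safer direction for callers that test `!ret`, but it deserves a one-line comment such as `/* report errors as verification failure */`. Both functions start and end outside the hunks shown.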