Linux Kernels

PKCS#7: fix direct verification of SignerInfo signature

This change “PKCS#7: fix direct verification of SignerInfo signature” (commit 6459ae3) in Linux kernel is authored by Eric Biggers <ebiggers [at] google.com> on Thu Feb 22 14:38:33 2018 +0000.

Description of "PKCS#7: fix direct verification of SignerInfo signature"

The change “PKCS#7: fix direct verification of SignerInfo signature” introduces changes as follows.

PKCS#7: fix direct verification of SignerInfo signature

If none of the certificates in a SignerInfo's certificate chain match a
trusted key, nor is the last certificate signed by a trusted key, then
pkcs7_validate_trust_one() tries to check whether the SignerInfo's
signature was made directly by a trusted key.  But, it actually fails to
set the 'sig' variable correctly, so it actually verifies the last
signature seen.  That will only be the SignerInfo's signature if the
certificate chain is empty; otherwise it will actually be the last
certificate's signature.

This is not by itself a security problem, since verifying any of the
certificates in the chain should be sufficient to verify the SignerInfo.
Still, it's not working as intended so it should be fixed.

Fix it by setting 'sig' correctly for the direct verification case.

Fixes: 757932e6da6d ("PKCS#7: Handle PKCS#7 messages that contain no X.509 certs")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>

Linux kernel releases containing commit 6459ae3

The Linux kernel releases containing this commit are as follows.

Linux kernel code changes from "PKCS#7: fix direct verification of SignerInfo signature"

There is one line of Linux source code added/deleted in this change. Code changes to Linux kernel are as follows.

 crypto/asymmetric_keys/pkcs7_trust.c | 1 +
 1 file changed, 1 insertion(+)
 
diff --git a/crypto/asymmetric_keys/pkcs7_trust.c b/crypto/asymmetric_keys/pkcs7_trust.c
index 1f4e25f10049..598906b1e28d 100644
--- a/crypto/asymmetric_keys/pkcs7_trust.c
+++ b/crypto/asymmetric_keys/pkcs7_trust.c
@@ -106,6 +106,7 @@ static int pkcs7_validate_trust_one(struct pkcs7_message *pkcs7,
 		pr_devel("sinfo %u: Direct signer is key %x\n",
 			 sinfo->index, key_serial(key));
 		x509 = NULL;
+		sig = sinfo->sig;
 		goto matched;
 	}
 	if (PTR_ERR(key) != -ENOKEY)

The commit for this change in Linux stable tree is 6459ae3 (patch).

Last modified: 2020/01/11 09:46