Commit bc01637a authored Sep 12, 2012 by Dmitry Kasatkin Committed by Linus Torvalds Sep 13, 2012

digsig: add hash size comparision on signature verification



When pkcs_1_v1_5_decode_emsa() returns without error and hash sizes do
not match, hash comparision is not done and digsig_verify_rsa() returns
no error.  This is a bug and this patch fixes it.

The bug was introduced in v3.3 by commit b35e286a ("lib/digsig:
pkcs_1_v1_5_decode_emsa cleanup").

Cc: stable@vger.kernel.org
Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

parent 8507876a

lib/digsig.c

+4 −2

Original line number	Diff line number	Diff line
		@@ -163,9 +163,11 @@ static int digsig_verify_rsa(struct key *key,
		memcpy(out1 + head, p, l);

		err = pkcs_1_v1_5_decode_emsa(out1, len, mblen, out2, &len);
		if (err)
		goto err;

		if (!err && len == hlen)
		err = memcmp(out2, h, hlen);
		if (len != hlen \|\| memcmp(out2, h, hlen))
		err = -EINVAL;

		err:
		mpi_free(in);