| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 19 Dec 2022 09:49:29 +0100
From: Roberto Sassu <roberto.sassu@...weicloud.com>
To: Herbert Xu <herbert@...dor.apana.org.au>
Cc: Eric Biggers <ebiggers@...nel.org>, dhowells@...hat.com,
davem@...emloft.net, zohar@...ux.ibm.com,
dmitry.kasatkin@...il.com, paul@...l-moore.com, jmorris@...ei.org,
serge@...lyn.com, linux-integrity@...r.kernel.org,
linux-security-module@...r.kernel.org, keyrings@...r.kernel.org,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
Roberto Sassu <roberto.sassu@...wei.com>,
stable@...r.kernel.org
Subject: Re: [PATCH v2] KEYS: asymmetric: Copy sig and digest in
public_key_verify_signature()
On Mon, 2022-12-12 at 17:15 +0800, Herbert Xu wrote:
> On Mon, Dec 12, 2022 at 10:07:38AM +0100, Roberto Sassu wrote:
> > The problem is a misalignment between req->src_len (set to sig->s_size
> > by akcipher_request_set_crypt()) and the length of the scatterlist (if
> > we set the latter to sig->s_size + sig->digest_size).
> >
> > When rsa_enc() calls mpi_read_raw_from_sgl(), it passes req->src_len as
> > argument, and the latter allocates the MPI according to that. However,
> > it does parsing depending on the length of the scatterlist.
> >
> > If there are two scatterlists, it is not a problem, there is no
> > misalignment. mpi_read_raw_from_sgl() picks the first. If there is just
> > one, mpi_read_raw_from_sgl() parses all data there.
>
> Thanks for the explanation. That's definitely a bug which should
> be fixed either in the RSA code or in MPI.
>
> I'll look into it.
Hi Herbert
do you have any news on this bug?
Thanks
Roberto
Powered by blists - more mailing lists