File openssl-CVE-2023-0217-3of4.patch of Package openssl-3.27638
commit 7e0f058ef1e392945609c3922ec92b32569c1e92
Author: Tomas Mraz <tomas@openssl.org>
Date: Fri Jan 13 17:59:52 2023 +0100
Do not create DSA keys without parameters by decoder
Index: openssl-3.0.1/crypto/x509/x_pubkey.c
===================================================================
--- openssl-3.0.1.orig/crypto/x509/x_pubkey.c
+++ openssl-3.0.1/crypto/x509/x_pubkey.c
@@ -745,6 +745,30 @@ DSA *d2i_DSA_PUBKEY(DSA **a, const unsig
return key;
}
+/* Called from decoders; disallows provided DSA keys without parameters. */
+DSA *ossl_d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
+{
+ DSA *key = NULL;
+ const unsigned char *data;
+ const BIGNUM *p, *q, *g;
+
+ data = *pp;
+ key = d2i_DSA_PUBKEY(NULL, &data, length);
+ if (key == NULL)
+ return NULL;
+ DSA_get0_pqg(key, &p, &q, &g);
+ if (p == NULL || q == NULL || g == NULL) {
+ DSA_free(key);
+ return NULL;
+ }
+ *pp = data;
+ if (a != NULL) {
+ DSA_free(*a);
+ *a = key;
+ }
+ return key;
+}
+
int i2d_DSA_PUBKEY(const DSA *a, unsigned char **pp)
{
EVP_PKEY *pktmp;
Index: openssl-3.0.1/include/crypto/x509.h
===================================================================
--- openssl-3.0.1.orig/include/crypto/x509.h
+++ openssl-3.0.1/include/crypto/x509.h
@@ -339,6 +339,9 @@ void ossl_X509_PUBKEY_INTERNAL_free(X509
RSA *ossl_d2i_RSA_PSS_PUBKEY(RSA **a, const unsigned char **pp, long length);
int ossl_i2d_RSA_PSS_PUBKEY(const RSA *a, unsigned char **pp);
+# ifndef OPENSSL_NO_DSA
+DSA *ossl_d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length);
+# endif /* OPENSSL_NO_DSA */
# ifndef OPENSSL_NO_DH
DH *ossl_d2i_DH_PUBKEY(DH **a, const unsigned char **pp, long length);
int ossl_i2d_DH_PUBKEY(const DH *a, unsigned char **pp);
Index: openssl-3.0.1/providers/implementations/encode_decode/decode_der2key.c
===================================================================
--- openssl-3.0.1.orig/providers/implementations/encode_decode/decode_der2key.c
+++ openssl-3.0.1/providers/implementations/encode_decode/decode_der2key.c
@@ -361,7 +361,7 @@ static void *dsa_d2i_PKCS8(void **key, c
(key_from_pkcs8_t *)ossl_dsa_key_from_pkcs8);
}
-# define dsa_d2i_PUBKEY (d2i_of_void *)d2i_DSA_PUBKEY
+# define dsa_d2i_PUBKEY (d2i_of_void *)ossl_d2i_DSA_PUBKEY
# define dsa_free (free_key_fn *)DSA_free
# define dsa_check NULL
