bug 1009429

0005-Check-for-acceptable-certificate-parameters-when-ver.patch (also 0004) Also update tests to use > 512 bit keys.
sailfishos-mirror · Oct 2, 2015 · 425fe8e · 425fe8e
1 parent be61739
commit 425fe8e
Show file tree

Hide file tree

Showing 4 changed files with 124 additions and 3 deletions.
diff --git a/lib/certhigh/certvfy.c b/lib/certhigh/certvfy.c
@@ -23,6 +23,7 @@
 #include "pkim.h"
 #include "pki3hack.h"
 #include "base.h"
+#include "keyhi.h"
 
 /*
  * Check the validity times of a certificate
@@ -34,6 +35,94 @@ CERT_CertTimesValid(CERTCertificate *c)
     return (valid == secCertTimeValid) ? SECSuccess : SECFailure;
 }
 
+SECStatus checkKeyParams(const SECAlgorithmID *sigAlgorithm, const SECKEYPublicKey *key)
+{
+    SECStatus        rv;
+    SECOidTag sigAlg;
+    SECOidTag curve;
+    PRUint32 policyFlags = 0;
+    PRInt32 minLen, len;
+
+    sigAlg = SECOID_GetAlgorithmTag(sigAlgorithm);
+
+    switch(sigAlg) {
+        case SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE:
+	case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE:
+	case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE:
+	case SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE:
+	case SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE:
+	    if (key->keyType != ecKey) {
+		PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+		return SECFailure;
+	    }
+
+            curve = SECKEY_GetECCOid(&key->u.ec.DEREncodedParams);
+	    if (curve != 0) {
+	        if (NSS_GetAlgorithmPolicy(curve, &policyFlags) == SECFailure ||
+	            !(policyFlags & NSS_USE_ALG_IN_CERT_SIGNATURE)) {
+	            PORT_SetError(SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED);
+		    return SECFailure;
+		} else {
+		    return SECSuccess;
+                }
+            } else {
+		PORT_SetError(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE);
+		return SECFailure;
+	    }
+            return SECSuccess;
+	case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
+	case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
+	case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
+	case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
+	case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
+	case SEC_OID_PKCS1_RSA_PSS_SIGNATURE:
+	case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
+	case SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE:
+	    if (key->keyType != rsaKey && key->keyType != rsaPssKey) {
+		PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+		return SECFailure;
+	    }
+
+            len = 8 * key->u.rsa.modulus.len;
+
+            rv = NSS_OptionGet(NSS_RSA_MIN_KEY_SIZE, &minLen);
+            if (rv != SECSuccess) {
+                return SECFailure;
+	    }
+
+            if (len < minLen) {
+                return SECFailure;
+	    }
+
+            return SECSuccess;
+	case SEC_OID_ANSIX9_DSA_SIGNATURE:
+	case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
+	case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
+	case SEC_OID_SDN702_DSA_SIGNATURE:
+	case SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST:
+	case SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST:
+	    if (key->keyType != dsaKey) {
+		PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
+		return SECFailure;
+	    }
+
+            len = 8 * key->u.dsa.params.prime.len;
+
+            rv = NSS_OptionGet(NSS_DSA_MIN_KEY_SIZE, &minLen);
+            if (rv != SECSuccess) {
+                return SECFailure;
+	    }
+
+            if (len < minLen) {
+                return SECFailure;
+	    }
+
+            return SECSuccess;
+	default:
+	    return SECSuccess;
+    }
+}
+
 /*
  * verify the signature of a signed data object with the given DER publickey
  */
@@ -50,7 +139,6 @@ CERT_VerifySignedDataWithPublicKey(const CERTSignedData *sd,
 	PORT_SetError(PR_INVALID_ARGUMENT_ERROR);
 	return SECFailure;
     }
-
     /* check the signature */
     sig = sd->signature;
     /* convert sig->len from bit counts to byte count. */
@@ -61,11 +149,17 @@ CERT_VerifySignedDataWithPublicKey(const CERTSignedData *sd,
     if (rv == SECSuccess) {
         /* Are we honoring signatures for this algorithm?  */
 	PRUint32 policyFlags = 0;
+	rv = checkKeyParams(&sd->signatureAlgorithm, pubKey);
+	if (rv != SECSuccess) {
+	    PORT_SetError(SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED);
+	    return SECFailure;
+	}
+
 	rv = NSS_GetAlgorithmPolicy(hashAlg, &policyFlags);
 	if (rv == SECSuccess && 
 	    !(policyFlags & NSS_USE_ALG_IN_CERT_SIGNATURE)) {
 	    PORT_SetError(SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED);
-	    rv = SECFailure;
+	    return SECFailure;
 	}
     }
     return rv;

diff --git a/lib/cryptohi/keyhi.h b/lib/cryptohi/keyhi.h
@@ -260,6 +260,14 @@ extern int SECKEY_ECParamsToKeySize(const SECItem *params);
  */
 extern int SECKEY_ECParamsToBasePointOrderLen(const SECItem *params);
 
+/*
+ * Returns the object identifier of the curve, of the provided
+ * elliptic curve parameters structures.
+ *
+ * Return 0 on failure (unknown EC domain parameters).
+ */
+SECOidTag SECKEY_GetECCOid(const SECKEYECParams * params);
+
 SEC_END_PROTOS
 
 #endif /* _KEYHI_H_ */
diff --git a/lib/cryptohi/seckey.c b/lib/cryptohi/seckey.c
@@ -1904,3 +1904,22 @@ SECKEY_CacheStaticFlags(SECKEYPrivateKey* key)
     }
     return rv;
 }
+
+SECOidTag
+SECKEY_GetECCOid(const SECKEYECParams * params)
+{
+    SECItem oid = { siBuffer, NULL, 0};
+    SECOidData *oidData = NULL;
+
+    /* 
+     * params->data needs to contain the ASN encoding of an object ID (OID)
+     * representing a named curve. Here, we strip away everything
+     * before the actual OID and use the OID to look up a named curve.
+     */
+    if (params->data[0] != SEC_ASN1_OBJECT_ID) return 0;
+    oid.len = params->len - 2;
+    oid.data = params->data + 2;
+    if ((oidData = SECOID_FindOID(&oid)) == NULL) return 0;
+
+    return oidData->offset;
+}
diff --git a/tests/dbupgrade/dbupgrade.sh b/tests/dbupgrade/dbupgrade.sh
@@ -79,7 +79,7 @@ dbupgrade_main()
 
 	if [ -d fips ]; then
 		echo "upgrading db fips"
-		${BINDIR}/certutil -S -g 512 -n tmprsa -t "u,u,u" -s "CN=tmprsa, C=US" -x -d sql:fips -f ${FIPSPWFILE} -z ${NOISE_FILE} 2>&1
+		${BINDIR}/certutil -S -g 1024 -n tmprsa -t "u,u,u" -s "CN=tmprsa, C=US" -x -d sql:fips -f ${FIPSPWFILE} -z ${NOISE_FILE} 2>&1
 		html_msg $? 0 "Upgrading fips"
 		# remove our temp certificate we created in the fist token
 		${BINDIR}/certutil -F -n tmprsa -d sql:fips -f ${FIPSPWFILE} 2>&1