On 2021-01-29 20:35:52 [+0100], To Kurt Roeckx wrote: > On 2021-01-28 00:28:03 [+0100], Kurt Roeckx wrote: > > On Thu, Jan 14, 2021 at 07:03:37PM +0100, Kurt Roeckx wrote: > > > There are a whole bunch of other issues and pull requests related to > > > this. I hope this is the end of the regressions in the X509 code. > > > > So there is something else now: > > https://github.com/openssl/openssl/issues/13931 > > https://github.com/openssl/openssl/pull/13982 > > So what is the plan here? Upload to unstable and prepare a pu once it > migrate to testing or right away?
fed to unstable, migrated to testing. The small diff towards the previous is attached. I uploaded the whole thing (source package + amd64 binary) to https://breakpoint.cc/openssl-pu.tar in case someone wants to test. I think the ship for this pu is sailing without me but I'm ready for the next cruise :) The complete diff vs the last package is comming soon. > > Kurt Sebastian
diff --git a/debian/changelog b/debian/changelog index 56a950734f01d..89ce61e9d6be7 100644 --- a/debian/changelog +++ b/debian/changelog @@ -5,8 +5,9 @@ openssl (1.1.1i-0+deb10u1) buster; urgency=medium (Closes: #947949). * Update symbol list. * Apply two patches from upstream to address x509 related regressions. + * Cherry-pick a patch from upstream to address #13931. - -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Sun, 24 Jan 2021 11:22:16 +0100 + -- Sebastian Andrzej Siewior <sebast...@breakpoint.cc> Mon, 01 Feb 2021 23:23:03 +0100 openssl (1.1.1d-0+deb10u4) buster-security; urgency=medium diff --git a/debian/patches/check_sig_alg_match-weaken-sig-nid-comparison-to-base-alg.patch b/debian/patches/check_sig_alg_match-weaken-sig-nid-comparison-to-base-alg.patch new file mode 100644 index 0000000000000..2b2dfd420cb28 --- /dev/null +++ b/debian/patches/check_sig_alg_match-weaken-sig-nid-comparison-to-base-alg.patch @@ -0,0 +1,244 @@ +From: "Dr. David von Oheimb" <david.von.ohe...@siemens.com> +Date: Tue, 26 Jan 2021 11:53:15 +0100 +Subject: check_sig_alg_match(): weaken sig nid comparison to base alg + +This (re-)allows RSA-PSS signers + +Fixes #13931 + +Reviewed-by: Tomas Mraz <to...@openssl.org> +(Merged from https://github.com/openssl/openssl/pull/13982) +--- + crypto/x509v3/v3_purp.c | 9 ++++++--- + test/certs/ca-pss-cert.pem | 21 +++++++++++++++++++++ + test/certs/ca-pss-key.pem | 28 ++++++++++++++++++++++++++++ + test/certs/ee-pss-cert.pem | 21 +++++++++++++++++++++ + test/certs/mkcert.sh | 22 +++++++++++++++++----- + test/certs/setup.sh | 13 +++++++++---- + test/recipes/25-test_verify.t | 5 ++++- + 7 files changed, 106 insertions(+), 13 deletions(-) + create mode 100644 test/certs/ca-pss-cert.pem + create mode 100644 test/certs/ca-pss-key.pem + create mode 100644 test/certs/ee-pss-cert.pem + +diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c +index 93b5ca4d4283..3f5ce5c91c5d 100644 +--- a/crypto/x509v3/v3_purp.c ++++ b/crypto/x509v3/v3_purp.c +@@ -348,14 +348,17 @@ static int setup_crldp(X509 *x) + /* Check that issuer public key algorithm matches subject signature algorithm */ + static int check_sig_alg_match(const EVP_PKEY *pkey, const X509 *subject) + { +- int pkey_nid; ++ int pkey_sig_nid, subj_sig_nid; + + if (pkey == NULL) + return X509_V_ERR_NO_ISSUER_PUBLIC_KEY; ++ if (OBJ_find_sigid_algs(EVP_PKEY_base_id(pkey), ++ NULL, &pkey_sig_nid) == 0) ++ pkey_sig_nid = EVP_PKEY_base_id(pkey); + if (OBJ_find_sigid_algs(OBJ_obj2nid(subject->cert_info.signature.algorithm), +- NULL, &pkey_nid) == 0) ++ NULL, &subj_sig_nid) == 0) + return X509_V_ERR_UNSUPPORTED_SIGNATURE_ALGORITHM; +- if (EVP_PKEY_type(pkey_nid) != EVP_PKEY_base_id(pkey)) ++ if (pkey_sig_nid != EVP_PKEY_type(subj_sig_nid)) + return X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH; + return X509_V_OK; + } +diff --git a/test/certs/ca-pss-cert.pem b/test/certs/ca-pss-cert.pem +new file mode 100644 +index 000000000000..566b63a800f7 +--- /dev/null ++++ b/test/certs/ca-pss-cert.pem +@@ -0,0 +1,21 @@ ++-----BEGIN CERTIFICATE----- ++MIIDXjCCAhagAwIBAgIBAjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa ++MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDASMRAwDgYDVQQDDAdSb290 ++IENBMCAXDTIxMDEyNjEwMDUwOFoYDzIxMjEwMTI3MTAwNTA4WjARMQ8wDQYDVQQD ++DAZDQS1QU1MwggEgMAsGCSqGSIb3DQEBCgOCAQ8AMIIBCgKCAQEAtclsFtJOQgAC ++ZxTPn2T2ksmibRNVAnEfVCgfJxsPN3aEERgqqhWbC4LmGHRIIjQ9DpobarydJivw ++epDaiu11rgwXgenIobIVvVr2+L3ngalYdkwmmPVImNN8Ef575ybE/kVgTu9X37DJ ++t+8psfVGeFg4RKykOi7SfPCSKHKSeZUXPj9AYwZDw4HX2rhstRopXAmUzz2/uAaR ++fmU7tYOG5qhfMUpP+Ce0ZBlLE9JjasY+d20/mDFuvFEc5qjfzNqv/7okyBjaWB4h ++gwnjXASrqKlqHKVU1UyrJc76yAniimy+IoXKAELetIJGSN15GYaWJcAIs0Eybjyk ++gyAu7Zlf/wIDAQABo2AwXjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAd ++BgNVHQ4EFgQUGfmhA/VcxWkh7VUBHxUdHHQLgrAwHwYDVR0jBBgwFoAUjvUlrx6b ++a4Q9fICayVOcTXL3o1IwPQYJKoZIhvcNAQEKMDCgDTALBglghkgBZQMEAgGhGjAY ++BgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMCASADggEBAF6rSSBj+dkv0UGuE1El ++lB9zVpqVlV72RY8gAkmSJmbzblHEO/PYV/UnNJ2C2IXEhAQaE0xKCg+WC2RO56oc ++qZc6UXBCN8G9rJKVxgXVbciP4pQYN6POpmhJfQqzNPwzTADt3HY6X9gQtyG0fuQF ++OPDc+mXjRvBrcYMkAgYiKe+oA45WDWYpIvipWVQ3xP/BSGJqrdKx5SOrJA72+BLM ++bPbD3tBC2SVirDjv0N926Wcb/JQFkM+5YY2/yKNybstngr4Pb1T/tESsIZvGG2Tk ++3IhBl1dJtC9gpGTRa8NzQvcmPK9VUjWtv5YNA+FxD9FTxGibh7Aw1fbFCV91Qjc3 ++JQQ= ++-----END CERTIFICATE----- +diff --git a/test/certs/ca-pss-key.pem b/test/certs/ca-pss-key.pem +new file mode 100644 +index 000000000000..9270c3648447 +--- /dev/null ++++ b/test/certs/ca-pss-key.pem +@@ -0,0 +1,28 @@ ++-----BEGIN PRIVATE KEY----- ++MIIEvQIBADALBgkqhkiG9w0BAQoEggSpMIIEpQIBAAKCAQEAtclsFtJOQgACZxTP ++n2T2ksmibRNVAnEfVCgfJxsPN3aEERgqqhWbC4LmGHRIIjQ9DpobarydJivwepDa ++iu11rgwXgenIobIVvVr2+L3ngalYdkwmmPVImNN8Ef575ybE/kVgTu9X37DJt+8p ++sfVGeFg4RKykOi7SfPCSKHKSeZUXPj9AYwZDw4HX2rhstRopXAmUzz2/uAaRfmU7 ++tYOG5qhfMUpP+Ce0ZBlLE9JjasY+d20/mDFuvFEc5qjfzNqv/7okyBjaWB4hgwnj ++XASrqKlqHKVU1UyrJc76yAniimy+IoXKAELetIJGSN15GYaWJcAIs0EybjykgyAu ++7Zlf/wIDAQABAoIBAErkiNt+GS+nwVWmhUMt3UfsOjal2EgBQt7xCKSbyVEYSqCg ++TDN2Y0IC07kPbwhobR8u7kyzGCs5vwE/3EmQOwNRh/3FyxqSu9IfP9CKrG4GzqMu ++DFjH9PjBaEQhi/pXRqFbA6qBgLpvoytcJNlkK3w5HDVuytoNoDpJAm4XhbEAwVG2 ++u3De40lPKXBFaGjSrUQETnrm0Fhj+J7+VMheQZVjEHwMIOmbIDcckV0OSIWn00XG ++/Md0y0i/U8S0TkP9sVC+cKkKMCNL+BJYf5YucUIna/9PgBD36RRRq2D0e8/iP8m+ ++ftnmW7fxlL2neTZ2sAS+4sm7sOoudaeAta+JoEECgYEA5ZjbBJf+FhyFOBFRoYow ++OHP+JfU7rdi8n5GpNswVmtNx3FK+eoUz+PlXTluUydS3L40ba7/mzYFzAZETF6YO ++Z8STkmvLxRTDzvZoE0SCJQAcG9I1oVWMufDVnHvljflH+IBjvMQM527dfFgaebvD ++TkRvnCup2oV3uT430++15K0CgYEAyrESfgP5f9+zZqz30N+QTWHZCzCUqSDcGhke ++Irvjs5tSrCQibbSGkGNHZ/V019K8rKJQlvNbEEzlRRcohuqIuUPgPmXBbbruqCBP ++a1+DD/HRg6BrTsNo67SbUJ6EsV5D80Ie76Yzye3By7E71xvFzFxbMwcwPFHBDViR ++m4oRwNsCgYEAtdb/N78tVNPXytUkot0wXbW4RtXYI1Lx6StTKnwubEYk+otqIt1W ++kUzhkcTEralUQEvwuMDvCjoJHOeKiINTC2pMOn43j+pnPoY3XXM35BgXKw2svg9k ++emu8ssgJwgz5rF37ICjh03Yh4vZgWaOVBmr7PmPyjYiBjuwxCSDkHa0CgYEAkqwP ++9aBqq131NBd2PG+KvHRR2wcMjFZ672e9puTPoOiEqox7XWeE+Hbe9RtpscONRF8w ++cgsnmmQKhDR93yNYTLgRTRXVItJiYMcAsXIsJR2XvugWvqgpBGds/Km426CbCyyN ++tl1OnJCv6/YUl1RBjeBHHmXVQdDnIgE1XJhMwIECgYEAt4zgPqswoicfDBqakP6X ++ZND0s7fiki2YBmXyASIoUACnpJEWsOOEJrAcW7xtgXgjNxKdk1JqYV3ggU8wgCvv ++9Ugsx0FiuPmIBhYNZMWIItNmpYqPm8KbEwIPqChs9OA+5FREFwFjJgGK2ublfmVj ++dN2I3LilMIXTE4/MQ8Lhcjc= ++-----END PRIVATE KEY----- +diff --git a/test/certs/ee-pss-cert.pem b/test/certs/ee-pss-cert.pem +new file mode 100644 +index 000000000000..e908783b5536 +--- /dev/null ++++ b/test/certs/ee-pss-cert.pem +@@ -0,0 +1,21 @@ ++-----BEGIN CERTIFICATE----- ++MIIDdDCCAiygAwIBAgIBAjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEa ++MBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgGiAwIBIDARMQ8wDQYDVQQDDAZDQS1Q ++U1MwIBcNMjEwMTI2MTAwNjMzWhgPMjEyMTAxMjcxMDA2MzNaMBExDzANBgNVBAMM ++BkVFLVBTUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKj/iVhhha7e ++2ywP1XP74reoG3p1YCvUfTxzdrWu3pMvfySQbckc9Io4zZ+igBZWy7Qsu5PlFx// ++DcZD/jE0+CjYdemju4iC76Ny4lNiBUVN4DGX76qdENJYDZ4GnjK7GwhWXWUPP2aO ++wjagEf/AWTX9SRzdHEIzBniuBDgj5ed1Z9OUrVqpQB+sWRD1DMFkrUrExjVTs5Zq ++ghsVi9GZq+Seb5Sq0pblV/uMkWSKPCQWxtIZvoJgEztisO0+HbPK+WvfMbl6nktH ++aKcpxz9K4iIntO+QY9fv0HJJPlutuRvUK2+GaN3VcxK4Q8ncQQ+io0ZPi2eIhA9h ++/nk0H0qJH7cCAwEAAaN1MHMwHQYDVR0OBBYEFOeb4iqtimw6y3ZR5Y4HmCKX4XOi ++MB8GA1UdIwQYMBaAFBn5oQP1XMVpIe1VAR8VHRx0C4KwMAkGA1UdEwQCMAAwEwYD ++VR0lBAwwCgYIKwYBBQUHAwEwEQYDVR0RBAowCIIGRUUtUFNTMD0GCSqGSIb3DQEB ++CjAwoA0wCwYJYIZIAWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaID ++AgEgA4IBAQCzCXb5XpMvhuwWso9wj4B8AJjCugMlGdrLXIj3ueqyS1qSEcFp1meO ++9jMDCjAkitTdZjf3gqEghC/joUd+XAw3JfOPOl36WlNrm9bwZTnfnCYFRrdprfMo ++Q1Kqy9SNvDeHZZVcGeU3PZSt+EabmR9mQODg/qfpa9/3WktzFbvxlPOS7Tb0n2tn ++vQnTmyrmGN2/o8X1qGQgETw5bH3csKgsPh668zN/gv3DxNN0EVACLaOSahNsNQa7 ++KCcl1ez5KcFc0QIlQajhorTYOIeTb8UmR4wdy5C4Nd9P5OKv1sQvVO9PtswAv/s7 ++Vs48cDO1+ASn0KjN41hXN5+fOIlNqOeU ++-----END CERTIFICATE----- +diff --git a/test/certs/mkcert.sh b/test/certs/mkcert.sh +index ebb71c177857..2126c4fcfea7 100755 +--- a/test/certs/mkcert.sh ++++ b/test/certs/mkcert.sh +@@ -114,6 +114,19 @@ genroot() { + } + + genca() { ++ local OPTIND=1 ++ local purpose= ++ ++ while getopts p: o ++ do ++ case $o in ++ p) purpose="$OPTARG";; ++ *) echo "Usage: $0 genca [-p EKU] cn keyname certname cakeyname cacertname" >&2 ++ return 1;; ++ esac ++ done ++ ++ shift $((OPTIND - 1)) + local cn=$1; shift + local key=$1; shift + local cert=$1; shift +@@ -123,17 +136,16 @@ genca() { + local akid="authorityKeyIdentifier = keyid" + + exts=$(printf "%s\n%s\n%s\n" "$skid" "$akid" "basicConstraints = critical,CA:true") +- for eku in "$@" +- do +- exts=$(printf "%s\nextendedKeyUsage = %s\n" "$exts" "$eku") +- done ++ if [ -n "$purpose" ]; then ++ exts=$(printf "%s\nextendedKeyUsage = %s\n" "$exts" "$purpose") ++ fi + if [ -n "$NC" ]; then + exts=$(printf "%s\nnameConstraints = %s\n" "$exts" "$NC") + fi + csr=$(req "$key" "CN = $cn") || return 1 + echo "$csr" | + cert "$cert" "$exts" -CA "${cacert}.pem" -CAkey "${cakey}.pem" \ +- -set_serial 2 -days "${DAYS}" ++ -set_serial 2 -days "${DAYS}" "$@" + } + + gen_nonbc_ca() { +diff --git a/test/certs/setup.sh b/test/certs/setup.sh +index 04591bcc05fe..49aab7118f0f 100755 +--- a/test/certs/setup.sh ++++ b/test/certs/setup.sh +@@ -125,7 +125,7 @@ OPENSSL_KEYBITS=768 \ + # client intermediate ca: cca-cert + # trust variants: +serverAuth, -serverAuth, +clientAuth, -clientAuth + # +-./mkcert.sh genca "CA" ca-key cca-cert root-key root-cert clientAuth ++./mkcert.sh genca -p clientAuth "CA" ca-key cca-cert root-key root-cert + # + openssl x509 -in cca-cert.pem -trustout \ + -addtrust serverAuth -out cca+serverAuth.pem +@@ -143,7 +143,7 @@ openssl x509 -in cca-cert.pem -trustout \ + # server intermediate ca: sca-cert + # trust variants: +serverAuth, -serverAuth, +clientAuth, -clientAuth, -anyEKU, +anyEKU + # +-./mkcert.sh genca "CA" ca-key sca-cert root-key root-cert serverAuth ++./mkcert.sh genca -p serverAuth "CA" ca-key sca-cert root-key root-cert + # + openssl x509 -in sca-cert.pem -trustout \ + -addtrust serverAuth -out sca+serverAuth.pem +@@ -380,9 +380,14 @@ REQMASK=MASK:0x800 ./mkcert.sh req badalt7-key "O = Bad NC Test Certificate 7" \ + # SHA1 + ./mkcert.sh genee PSS-SHA1 ee-key ee-pss-sha1-cert ca-key ca-cert \ + -sha1 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:digest +-# SHA256 ++# EE SHA256 + ./mkcert.sh genee PSS-SHA256 ee-key ee-pss-sha256-cert ca-key ca-cert \ +- -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:digest ++ -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:digest ++# CA-PSS ++./mkcert.sh genca "CA-PSS" ca-pss-key ca-pss-cert root-key root-cert \ ++ -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 ++./mkcert.sh genee "EE-PSS" ee-key ee-pss-cert ca-pss-key ca-pss-cert \ ++ -sha256 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 + + OPENSSL_KEYALG=ec OPENSSL_KEYBITS=brainpoolP256r1 ./mkcert.sh genee \ + "Server ECDSA brainpoolP256r1 cert" server-ecdsa-brainpoolP256r1-key \ +diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t +index 1336b8a72615..070c8e2245d6 100644 +--- a/test/recipes/25-test_verify.t ++++ b/test/recipes/25-test_verify.t +@@ -27,7 +27,7 @@ sub verify { + run(app([@args])); + } + +-plan tests => 145; ++plan tests => 146; + + # Canonical success + ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]), +@@ -377,6 +377,9 @@ ok(!verify("ee-pss-sha1-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_l + ok(verify("ee-pss-sha256-cert", "sslserver", ["root-cert"], ["ca-cert"], "-auth_level", "2"), + "PSS signature using SHA256 and auth level 2"); + ++ok(verify("ee-pss-cert", "sslserver", ["root-cert"], ["ca-pss-cert"], ), ++ "CA PSS signature"); ++ + ok(!verify("many-names1", "sslserver", ["many-constraints"], ["many-constraints"], ), + "Too many names and constraints to check (1)"); + ok(!verify("many-names2", "sslserver", ["many-constraints"], ["many-constraints"], ), diff --git a/debian/patches/series b/debian/patches/series index 8aa553ea9acd1..34e7f14e3f306 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -6,3 +6,4 @@ c_rehash-compat.patch Set-systemwide-default-settings-for-libssl-users.patch x509_vfy.c-Fix-a-regression-in-find_isser.patch X509_cmp-Fix-comparison-in-case-x509v3_cache_extensions-f.patch +check_sig_alg_match-weaken-sig-nid-comparison-to-base-alg.patch