Don't try and verify signatures if key is NULL (CVE-2013-0166)
authorDr. Stephen Henson <steve@openssl.org>
Thu, 24 Jan 2013 13:30:42 +0000 (13:30 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 29 Jan 2013 16:49:24 +0000 (16:49 +0000)
Add additional check to catch this in ASN1_item_verify too.

CHANGES
crypto/asn1/a_verify.c
crypto/ocsp/ocsp_vfy.c

diff --git a/CHANGES b/CHANGES
index ef8b2bf..4cc7c13 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 1.0.1c and 1.0.1d [xx XXX xxxx]
 
+  *) Return an error when checking OCSP signatures when key is NULL.
+     This fixes a DoS attack. (CVE-2013-0166)
+     [Steve Henson]
+
   *) Make openssl verify return errors.
      [Chris Palmer <palmer@google.com> and Ben Laurie]
 
index 432722e..fc84cd3 100644 (file)
@@ -140,6 +140,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
 
        int mdnid, pknid;
 
+       if (!pkey)
+               {
+               ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
+               return -1;
+               }
+
        EVP_MD_CTX_init(&ctx);
 
        /* Convert signature OID into digest and public key OIDs */
index 8a5e788..2767183 100644 (file)
@@ -91,9 +91,12 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
                {
                EVP_PKEY *skey;
                skey = X509_get_pubkey(signer);
-               ret = OCSP_BASICRESP_verify(bs, skey, 0);
-               EVP_PKEY_free(skey);
-               if(ret <= 0)
+               if (skey)
+                       {
+                       ret = OCSP_BASICRESP_verify(bs, skey, 0);
+                       EVP_PKEY_free(skey);
+                       }
+               if(!skey || ret <= 0)
                        {
                        OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE);
                        goto end;