git.baikalelectronics.ru Git - kernel.git/commit

author	Eric Biggers <ebiggers@google.com>
	Thu, 22 Feb 2018 14:38:33 +0000 (14:38 +0000)
committer	David Howells <dhowells@redhat.com>
	Thu, 22 Feb 2018 14:38:33 +0000 (14:38 +0000)
commit	5dcfbdb8833ff5e67b016977fcdff09d9ac4a66f
tree	92ebf88fb34ed78abaddb1a69f1940868096546d	tree \| snapshot
parent	60d4a4fd256e1b5eb86b6436a1d7a79f67e5922f	commit \| diff

PKCS#7: fix direct verification of SignerInfo signature

If none of the certificates in a SignerInfo's certificate chain match a
trusted key, nor is the last certificate signed by a trusted key, then
pkcs7_validate_trust_one() tries to check whether the SignerInfo's
signature was made directly by a trusted key. But, it actually fails to
set the 'sig' variable correctly, so it actually verifies the last
signature seen. That will only be the SignerInfo's signature if the
certificate chain is empty; otherwise it will actually be the last
certificate's signature.

This is not by itself a security problem, since verifying any of the
certificates in the chain should be sufficient to verify the SignerInfo.
Still, it's not working as intended so it should be fixed.

Fix it by setting 'sig' correctly for the direct verification case.

Fixes: 90fbff7d4f15 ("PKCS#7: Handle PKCS#7 messages that contain no X.509 certs")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: David Howells <dhowells@redhat.com>