Merge master into 2.6.51dev branch

shussain committed Aug 24, 2018
2 parents 613e98c + 0b460be commit 1b7841e674fcc4f9f36f885630a25dd41ef1a456
13 CHANGES
@@ -8,6 +8,19 @@ v2.6.51rc1 (2018)
Additional work to enable NAT-Traversal in IKEv2.
v2.6.50.1 (August 24, 2018)
This release fixes CVE-2018-15836 (a Bleichenbacher-style signature
forgery which involves RSA padding attack)
* wo#7449 . test case for Bleichenbacher-style signature forgery [Bart Trojanowski]
* wo#7449 . verify padding contents for IKEv2 RSA sig check [Bart Trojanowski]
* wo#7449 . added lo06-verifybadsigs test case [Bart Trojanowski]
* b01-install test case will no longer spam with the environment
variables [Bart Trojanowski]
* lp28-addrinfoserialize: IP address for moon changed to
192.139.46.82 [Bart Trojanowski]
v2.6.50 (August 3, 2017)
Bug fixes for RSA key size and other issues
@@ -157,8 +157,21 @@ err_t verify_signed_hash(const struct RSA_public_key *k
return "3""SIG padding does not check out";
}
s += padlen + 3;
(*psig) = s;
/* signature starts after ASN wrapped padding [00,01,FF..FF,00] */
(*psig) = s + padlen + 3;
/* verify padding contents */
{
const u_char *p;
size_t cnt_ffs = 0;
for (p = s+2; p < s+padlen+2; p++)
if (*p == 0xFF)
cnt_ffs ++;
if (cnt_ffs != padlen)
return "4" "invalid Padding String";
}
/* return SUCCESS */
return NULL;
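Review bot: The new loop only establishes that the `padlen` bytes from `s+2` are 0xFF; whether the leading `00 01` and the `00` separator at `s[padlen+2]` are verified, and how `padlen` itself is derived, depends on the "SIG padding does not check out" test above the hunk, which is not visible here. If `padlen` is taken from the signature contents rather than fixed as modulus length minus the length of the DER-wrapped hash, an attacker still chooses the padding length and the check does not close the CVE-2018-15836 forgery the CHANGES entry describes, so that derivation is worth confirming. If the separator is not already checked above, extend the test to `if (cnt_ffs != padlen || s[padlen+2] != 0x00) return "4" "invalid Padding String";`, and PKCS#1 v1.5 also requires at least 8 bytes of 0xFF, so `padlen < 8` should be rejected as well. verify_signed_hash begins before this hunk.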
@@ -22,7 +22,7 @@ check:
@mkdir -p ../OUTPUTS
@rm -rf ${buildtmp}
@mkdir -p ${buildtmp}
env
env > ../OUTPUTS/env
${MAKE} --no-print-directory -C ${OPENSWANSRCDIR} DESTDIR=${buildtmp} programs install
(cd ${buildtmp} && find . -type f -print) | LC_ALL=C sort | tee ../OUTPUTS/01-build-list.raw | diff - 01-build-list.txt || cat ../OUTPUTS/01-build-list.raw
${MAKE} --no-print-directory -C ${OPENSWANSRCDIR} DESTDIR=${buildtmp} programs install
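Review bot: `env > ../OUTPUTS/env` now persists the complete process environment to the outputs tree instead of the build log; if OUTPUTS is collected as a test artifact, any credentials that happen to be in the environment (CI tokens, proxy passwords) are written to disk and archived with the results. Consider recording only the variables the build consults, or at least stripping obvious secrets, e.g. `env | grep -v -i -E 'token|secret|passw' > ../OUTPUTS/env`. The check target continues past the end of the hunk.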
@@ -22,6 +22,8 @@ clean check:
@${MAKE} -C lo03-includesecrets $@
@${MAKE} -C lo04-verifypubkeys $@
@${MAKE} -C lo05-datatot $@
@${MAKE} -C lo06-verifybadsigs $@
@${MAKE} -C lo07-bleichenbacher-attack $@
@@ -0,0 +1,4 @@
.gdbinit
OUTPUT
verifybadsigs
@@ -0,0 +1,59 @@
# OpenS/WAN testing makefile
# Copyright (C) 2018 Bart Trojanowski <bart@xelerance.com>
# Copyright (C) 2014 Michael Richardson <mcr@xelerance.com>
# Copyright (C) 2002 Michael Richardson <mcr@freeswan.org>
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published by the
# Free Software Foundation; either version 2 of the License, or (at your
# option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
# for more details.
OPENSWANSRCDIR?=$(shell cd ../../../..; pwd)
srcdir?=${OPENSWANSRCDIR}/tests/unit/libpluto/lp01-spdbtest
include $(OPENSWANSRCDIR)/Makefile.inc
EXTRAFLAGS+=${USERCOMPILE} ${PORTINCLUDE}
EXTRAFLAGS+=-I${OPENSWANSRCDIR}/programs/pluto
EXTRAFLAGS+=-I${OPENSWANSRCDIR}/include/pluto
EXTRAFLAGS+=-I${OPENSWANSRCDIR}/include
EXTRALIBS+=${LIBOSWLOG} ${LIBOPENSWAN} ${LIBOSWLOG} ${LIBOSWKEYS}
EXTRALIBS+=${NSS_LIBS} ${FIPS_LIBS} ${LIBGMP} ${CRYPTOLIBS}
EXTRAFLAGS+=${NSS_FLAGS} ${FIPS_FLAGS}
EXTRAFLAGS+=${NSS_HDRDIRS} ${FIPS_HDRDIRS}
TESTNUMBER=lo06-verifybadsigs
TESTNAME=verifybadsigs
UNITTESTARGS=
check: ${TESTNAME}
@mkdir -p OUTPUT
${COREULIMIT} && ./${TESTNAME} ${UNITTESTARGS} >OUTPUT/${TESTNAME}.txt 2>&1
diff OUTPUT/${TESTNAME}.txt output.txt
@: recordresults lib-$testobj "$testexpect" "$stat" lib-$testobj false
.PHONY: ${TESTNAME}
${TESTNAME}: ${TESTNAME}.c
@echo CC ${TESTNAME}.c
@${CC} -o ${TESTNAME} ${EXTRAFLAGS} ${TESTNAME}.c ${EXTRALIBS} ${EXTRALIBS}
@echo "file ${TESTNAME}" >.gdbinit
@echo "set args "${UNITTESTARGS} >>.gdbinit
update:
cp OUTPUT/${TESTNAME}.txt output.txt
initiate:
(echo ': RSA {'; ${OBJDIRTOP}/programs/rsasigkey/rsasigkey --random /dev/urandom 512 --hostname fivetwelve; echo ' }') >key-0512.secrets
(echo ': RSA {'; ${OBJDIRTOP}/programs/rsasigkey/rsasigkey --random /dev/urandom 1024 --hostname fivetwelve; echo ' }') >key-1024.secrets
(echo ': RSA {'; ${OBJDIRTOP}/programs/rsasigkey/rsasigkey --random /dev/urandom 2048 --hostname fivetwelve; echo ' }') >key-2048.secrets
(echo ': RSA {'; ${OBJDIRTOP}/programs/rsasigkey/rsasigkey --random /dev/urandom 3072 --hostname fivetwelve; echo ' }') >key-3072.secrets
(echo ': RSA {'; ${OBJDIRTOP}/programs/rsasigkey/rsasigkey --random /dev/urandom 4096 --hostname fivetwelve; echo ' }') >key-4096.secrets
(echo ': RSA {'; ${OBJDIRTOP}/programs/rsasigkey/rsasigkey --random /dev/urandom 8192 --hostname fivetwelve; echo ' }') >key-8192.secrets
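Review bot: The `srcdir?=` line still points at `tests/unit/libpluto/lp01-spdbtest`, a different test, which looks like a leftover from whichever Makefile this one was copied from; it should name this test's own directory (the `lo06-verifybadsigs` directory the parent Makefile recurses into) or be dropped if nothing in the file uses it. The `initiate` target regenerates `key-*.secrets` here, while the README added alongside it says the test reuses the `*.secrets` files from `../lo02-verifysigs`, so one of the two should be reconciled before the two tests drift apart; `--hostname fivetwelve` is also passed for every key size, which is harmless but misleading for the larger keys. The CC line passes `${EXTRALIBS}` twice and `${LIBOSWLOG}` appears twice in EXTRALIBS; if that is a deliberate link-order workaround it deserves a comment such as `# EXTRALIBS repeated on purpose: resolve cross-references between the static libs`, otherwise the duplicates can go.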
@@ -0,0 +1,5 @@
This unit test case is a clone of lo02-verifysigs. However, instead of testing
successful sign/verify operation, it applies various corruptions to the signature
and validates that verify_signed_hash() can handle the error.
This test reuses *.secrets files from ../lo02-verifysigs