[Skiboot] [PATCH 3/3] secvar/pkcs7: fix a wrong sizeof()
Cédric Le Goater
clg at kaod.org
Thu Dec 9 21:13:36 AEDT 2021
On 5/25/21 05:34, Daniel Axtens wrote:
> This code isn't directly used by skiboot, but it is wrong and potentially
> insecure so I'm fixing it in case it's used in the future.
>
> We pass sizeof(hash) into mbedtls_pk_verify(). However, hash is a pointer,
> not an array, so rather than passing the length of the hash to verify we'll
> pass in 8, and only compare the first 8 bytes of the hash rather than all 32.
>
> Pass in 0 instead. That tells mbedtls to work out the length based on the
> hash type. We allocated enough memory for whatever hash type the PKCS#7
> message declared so this will be safe.
>
> Signed-off-by: Daniel Axtens <dja at axtens.net>
Applied to master.
Thanks,
C.
More information about the Skiboot
mailing list