Skip to content

Commit 8e7eef4

Browse files
miyazakhmiyazakh
committed
fix fenrir-301: Read-only lock not released on early return
1 parent d7bd35c commit 8e7eef4

2 files changed

Lines changed: 48 additions & 1 deletion

File tree

src/internal.c

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10626,8 +10626,12 @@ int WP11_Rsa_Verify(unsigned char* sig, word32 sigLen, unsigned char* in,
1062610626
if (pub->onToken)
1062710627
WP11_Lock_LockRO(pub->lock);
1062810628
decSigLen = wc_RsaEncryptSize(pub->data.rsaKey);
10629-
if (inLen > decSigLen)
10629+
if (inLen > decSigLen) {
10630+
if(pub->onToken)
10631+
WP11_Lock_UnlockRO(pub->lock);
1063010632
return BUFFER_E;
10633+
}
10634+
1063110635
ret = wc_RsaDirect(sig, sigLen, decSig, &decSigLen, pub->data.rsaKey,
1063210636
RSA_PUBLIC_DECRYPT, NULL);
1063310637
if (pub->onToken)

tests/pkcs11test.c

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7634,6 +7634,46 @@ static CK_RV test_rsa_x_509_fail(void* args)
76347634
return ret;
76357635
}
76367636

7637+
#ifdef WC_RSA_DIRECT
7638+
/* Regression test for WP11_Rsa_Verify early return when inLen > key size. */
7639+
static CK_RV test_rsa_x_509_verify_lock(void* args)
7640+
{
7641+
CK_SESSION_HANDLE session = *(CK_SESSION_HANDLE*)args;
7642+
CK_RV ret;
7643+
CK_MECHANISM mech;
7644+
CK_OBJECT_HANDLE pub = CK_INVALID_HANDLE;
7645+
/* One byte larger than RSA-2048 key size (256 bytes) */
7646+
byte overData[2048/8 + 1];
7647+
byte sig[2048/8];
7648+
CK_ULONG sigSz = sizeof(sig);
7649+
7650+
mech.mechanism = CKM_RSA_X_509;
7651+
mech.ulParameterLen = 0;
7652+
mech.pParameter = NULL;
7653+
7654+
memset(overData, 0, sizeof(overData));
7655+
memset(sig, 0, sizeof(sig));
7656+
7657+
/* Token-based key so pub->onToken=1 and the lock path is active */
7658+
ret = get_rsa_pub_key(session, NULL, 0, &pub);
7659+
7660+
/* inLen > decSigLen triggers the early return path in WP11_Rsa_Verify */
7661+
if (ret == CKR_OK) {
7662+
ret = funcList->C_VerifyInit(session, &mech, pub);
7663+
CHECK_CKR(ret, "RSA X_509 Verify Init token key");
7664+
}
7665+
if (ret == CKR_OK) {
7666+
ret = funcList->C_Verify(session, overData, sizeof(overData),
7667+
sig, sigSz);
7668+
CHECK_CKR_FAIL(ret, CKR_FUNCTION_FAILED,
7669+
"RSA X_509 Verify oversized data");
7670+
}
7671+
7672+
funcList->C_DestroyObject(session, pub);
7673+
return ret;
7674+
}
7675+
#endif /* WC_RSA_DIRECT */
7676+
76377677
static CK_RV test_rsa_pkcs_encdec_fail(void* args)
76387678
{
76397679
CK_SESSION_HANDLE session = *(CK_SESSION_HANDLE*)args;
@@ -15846,6 +15886,9 @@ static TEST_FUNC testFunc[] = {
1584615886
#endif
1584715887
PKCS11TEST_FUNC_SESS_DECL(test_rsa_fixed_keys_store_token),
1584815888
PKCS11TEST_FUNC_SESS_DECL(test_rsa_x_509_fail),
15889+
#ifdef WC_RSA_DIRECT
15890+
PKCS11TEST_FUNC_SESS_DECL(test_rsa_x_509_verify_lock),
15891+
#endif
1584915892
PKCS11TEST_FUNC_SESS_DECL(test_rsa_pkcs_encdec_fail),
1585015893
#ifndef WC_NO_RSA_OAEP
1585115894
PKCS11TEST_FUNC_SESS_DECL(test_rsa_pkcs_oaep_encdec_fail),

0 commit comments

Comments
 (0)