From b72c9eead6c40c8710af2913faedde3c5eb4384e Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Mon, 26 Nov 2018 18:02:22 +0100 Subject: [PATCH] pki: Sanitize input to verification Signed-off-by: Jakub Jelen Reviewed-by: Andreas Schneider --- src/pki_crypto.c | 10 +++++++++- src/pki_gcrypt.c | 8 ++++++++ src/pki_mbedcrypto.c | 8 ++++++++ 3 files changed, 25 insertions(+), 1 deletion(-) diff --git a/src/pki_crypto.c b/src/pki_crypto.c index 366b377d..617f9bea 100644 --- a/src/pki_crypto.c +++ b/src/pki_crypto.c @@ -1797,7 +1797,15 @@ int pki_signature_verify(ssh_session session, int rc; int nid; - switch(key->type) { + if (key->type != sig->type) { + SSH_LOG(SSH_LOG_WARN, + "Can not verify %s signature with %s key", + sig->type_c, + key->type_c); + return SSH_ERROR; + } + + switch (key->type) { case SSH_KEYTYPE_DSS: rc = DSA_do_verify(hash, hlen, diff --git a/src/pki_gcrypt.c b/src/pki_gcrypt.c index 5506edfb..c0cf5926 100644 --- a/src/pki_gcrypt.c +++ b/src/pki_gcrypt.c @@ -2034,6 +2034,14 @@ int pki_signature_verify(ssh_session session, gcry_sexp_t sexp; gcry_error_t err; + if (key->type != sig->type) { + SSH_LOG(SSH_LOG_WARN, + "Can not verify %s signature with %s key", + sig->type_c, + key->type_c); + return SSH_ERROR; + } + switch(key->type) { case SSH_KEYTYPE_DSS: /* That is to mark the number as positive */ diff --git a/src/pki_mbedcrypto.c b/src/pki_mbedcrypto.c index ee791db0..ccce014c 100644 --- a/src/pki_mbedcrypto.c +++ b/src/pki_mbedcrypto.c @@ -1008,6 +1008,14 @@ int pki_signature_verify(ssh_session session, const ssh_signature sig, const int rc; mbedtls_md_type_t md = 0; + if (key->type != sig->type) { + SSH_LOG(SSH_LOG_WARN, + "Can not verify %s signature with %s key", + sig->type_c, + key->type_c); + return SSH_ERROR; + } + switch (key->type) { case SSH_KEYTYPE_RSA: switch (sig->hash_type) {