git Service of IN-Ulm e.V. Explore Help
Sign In
cbiedl
/
jose
1
0
Fork 0
Files
Tree: a01d048edc
Branches Tags
jose
/
debian
/
patches
/
1711969854.v12-3-g4ee7708.fix-potential-dos-issue-with-p2c-header.patch

1711969854.v12-3-g4ee7708.fix-potential-dos-issue-with-p2c-header.patch 3.2 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586 
  1. Subject: Fix potential DoS issue with p2c header
    2. 

  2. ID: CVE-2023-50967
    3. 

  3. Origin: v12-3-g4ee7708 <https://github.com/latchset/jose/commit/v12-3-g4ee7708>
    4. 

  4. Upstream-Author: Sergio Correia <scorreia@redhat.com>
    5. 

  5. Date: Mon Apr 1 12:10:54 2024 +0100
    6. 

  6. 

  7.     Unbounded p2c headers may be used to cause an application that accept
    8. 

  8.     PBES algorithms to spend a lot of resources running PBKDF2 with a very
    9. 

  9.     high number of iterations.
    10. 

  10. 

  11.     Limit the maximum number of iterations to to 32768.
    12. 

  12. 

  13.     Fixes: CVE-2023-50967
    14. 

  14. 

  15.     Signed-off-by: Sergio Correia <scorreia@redhat.com>
    16. 

  16. 

  17. --- a/lib/openssl/pbes2.c
    18. 

  18. +++ b/lib/openssl/pbes2.c
    19. 

  19. @@ -25,6 +25,8 @@
    20. 

  20.  #include <string.h>
    21. 

  21.  
    22. 

  22.  #define NAMES "PBES2-HS256+A128KW", "PBES2-HS384+A192KW", "PBES2-HS512+A256KW"
    23. 

  23. +#define P2C_MIN_ITERATIONS 1000
    24. 

  24. +#define P2C_MAX_ITERATIONS 32768
    25. 

  25.  
    26. 

  26.  static json_t *
    27. 

  27.  pbkdf2(const char *alg, jose_cfg_t *cfg, const json_t *jwk, int iter,
    28. 

  28. @@ -170,7 +172,7 @@
    29. 

  29.      json_auto_t *hdr = NULL;
    30. 

  30.      const char *aes = NULL;
    31. 

  31.      json_t *h = NULL;
    32. 

  32. -    int p2c = 10000;
    33. 

  33. +    int p2c = P2C_MAX_ITERATIONS;
    34. 

  34.      size_t stl = 0;
    35. 

  35.  
    36. 

  36.      if (!json_object_get(cek, "k") && !jose_jwk_gen(cfg, cek))
    37. 

  37. @@ -203,7 +205,7 @@
    38. 

  38.          json_object_set_new(h, "p2c", json_integer(p2c)) < 0)
    39. 

  39.          return false;
    40. 

  40.  
    41. 

  41. -    if (p2c < 1000)
    42. 

  42. +    if (p2c < P2C_MIN_ITERATIONS || p2c > P2C_MAX_ITERATIONS)
    43. 

  43.          return false;
    44. 

  44.  
    45. 

  45.      if (json_object_set_new(h, "p2s", jose_b64_enc(st, stl)) == -1)
    46. 

  46. @@ -245,6 +247,9 @@
    47. 

  47.      if (json_unpack(hdr, "{s:I}", "p2c", &p2c) == -1)
    48. 

  48.          return false;
    49. 

  49.  
    50. 

  50. +    if (p2c > P2C_MAX_ITERATIONS)
    51. 

  51. +        return false;
    52. 

  52. +
    53. 

  53.      stl = jose_b64_dec(json_object_get(hdr, "p2s"), NULL, 0);
    54. 

  54.      if (stl < 8 || stl > sizeof(st))
    55. 

  55.          return false;
    56. 

  56. --- /dev/null
    57. 

  57. +++ b/tests/cve-2023-50967/cve-2023-50967.jwe
    58. 

  58. @@ -0,0 +1 @@
    59. 

  59. +{"ciphertext":"aaPb-JYGACs-loPwJkZewg","encrypted_key":"P1h8q8wLVxqYsZUuw6iEQTzgXVZHCsu8Eik-oqbE4AJGIDto3gb3SA","header":{"alg":"PBES2-HS256+A128KW","p2c":1000000000,"p2s":"qUQQWWkyyIqculSiC93mlg"},"iv":"Clg3JX9oNl_ck3sLSGrlgg","protected":"eyJlbmMiOiJBMTI4Q0JDLUhTMjU2In0","tag":"i7vga9tJkwRswFd7HlyD_A"}
    60. 

  60. --- /dev/null
    61. 

  61. +++ b/tests/cve-2023-50967/cve-2023-50967.jwk
    62. 

  62. @@ -0,0 +1 @@
    63. 

  63. +{"alg":"PBES2-HS256+A128KW","k":"VHBLJ4-PmnqELoKbQoXuRA","key_ops":["wrapKey","unwrapKey"],"kty":"oct"}
    64. 

  64. --- a/tests/jose-jwe-dec
    65. 

  65. +++ b/tests/jose-jwe-dec
    66. 

  66. @@ -53,3 +53,8 @@
    67. 

  67.  test "`jose jwe dec -i $prfx.13.jweg -k $prfx.13.1.jwk`" == "`cat $prfx.13.pt`"
    68. 

  68.  test "`jose jwe dec -i $prfx.13.jweg -k $prfx.13.2.jwk`" == "`cat $prfx.13.pt`"
    69. 

  69.  test "`jose jwe dec -i $prfx.13.jweg -k $prfx.13.3.jwk`" == "`cat $prfx.13.pt`"
    70. 

  70. +
    71. 

  71. +# CVE-2023-50967 - test originally from https://github.com/P3ngu1nW/CVE_Request/blob/main/latch-jose.md
    72. 

  72. +# This test is expected to fail quickly on patched systems.
    73. 

  73. +prfx="${CVE_2023_50967}/cve-2023-50967"
    74. 

  74. +! test "$(jose jwe dec -i $prfx.jwe -k $prfx.jwk)"
    75. 

  75. --- a/tests/Makefile.am
    76. 

  76. +++ b/tests/Makefile.am
    77. 

  77. @@ -2,7 +2,8 @@
    78. 

  78.  LDFLAGS += $(top_builddir)/lib/libjose.la @jansson_LIBS@
    79. 

  79.  EXTRA_DIST = vectors
    80. 

  80.  
    81. 

  81. -AM_TESTS_ENVIRONMENT=PATH=$(top_builddir)/cmd:$(PATH) VECTORS=$(top_srcdir)/tests/vectors
    82. 

  82. +AM_TESTS_ENVIRONMENT=PATH=$(top_builddir)/cmd:$(PATH) VECTORS=$(top_srcdir)/tests/vectors CVE_2023_50967=$(top_srcdir)/tests/cve-2023-50967
    83. 

  83. +
    84. 

  84.  TESTS = $(dist_check_SCRIPTS) $(check_PROGRAMS)
    85. 

  85.  
    86. 

  86.  check_PROGRAMS = \
    87.