Reject incorrect RSA key lengths during key generation and and sign/verify context...
authorMukund Sivaraman <muks@isc.org>
Fri, 21 Apr 2017 12:00:15 +0000 (17:30 +0530)
committerMukund Sivaraman <muks@isc.org>
Fri, 21 Apr 2017 12:01:59 +0000 (17:31 +0530)
CHANGES
lib/dns/opensslrsa_link.c
lib/dns/pkcs11rsa_link.c

diff --git a/CHANGES b/CHANGES
index 9d73a8b8354f003da792821ac6a34831b4579069..4d67159f0976a3f1742ab40c6cbb13554a44d002 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,3 +1,7 @@
+4601.  [bug]           Reject incorrect RSA key lengths during key
+                       generation and and sign/verify context
+                       creation. [RT #45043]
+
 4600.  [bug]           Adjust RPZ trigger counts only when the entry
                        being deleted exists. [RT #43386]
 
index ad4884cf6c9c3ee1deafa8bee365d0fec6267e67..8e3a4ef9949d3f2dbf7073f717925dc9b8b7133a 100644 (file)
@@ -261,6 +261,33 @@ opensslrsa_createctx(dst_key_t *key, dst_context_t *dctx) {
                dctx->key->key_alg == DST_ALG_RSASHA512);
 #endif
 
+       /*
+        * Reject incorrect RSA key lengths.
+        */
+       switch (dctx->key->key_alg) {
+       case DST_ALG_RSAMD5:
+       case DST_ALG_RSASHA1:
+       case DST_ALG_NSEC3RSASHA1:
+               /* From RFC 3110 */
+               if (dctx->key->key_size > 4096)
+                       return (ISC_R_FAILURE);
+               break;
+       case DST_ALG_RSASHA256:
+               /* From RFC 5702 */
+               if ((dctx->key->key_size < 512) ||
+                   (dctx->key->key_size > 4096))
+                       return (ISC_R_FAILURE);
+               break;
+       case DST_ALG_RSASHA512:
+               /* From RFC 5702 */
+               if ((dctx->key->key_size < 1024) ||
+                   (dctx->key->key_size > 4096))
+                       return (ISC_R_FAILURE);
+               break;
+       default:
+               INSIST(0);
+       }
+
 #if USE_EVP
        evp_md_ctx = EVP_MD_CTX_create();
        if (evp_md_ctx == NULL)
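Review bot: The key-size switch added here is repeated verbatim in six more places (opensslrsa_generate and the five pkcs11rsa_* hunks), so the limits can drift apart the next time one copy is edited. A single helper called from every site would keep the bounds in one place; a sketch follows, and where it should live so both files can use it is not visible from this diff. The RFC 3110 branch checks only the upper limit, so it would help to add a comment saying whether the missing minimum is deliberate. opensslrsa_createctx starts and ends outside the hunk.

```c
/* Return ISC_TRUE when key_size is within the limits accepted for key_alg. */
static isc_boolean_t
rsa_key_size_ok(unsigned int key_alg, unsigned int key_size) {
	unsigned int min_bits = 0;

	switch (key_alg) {
	case DST_ALG_RSAMD5:
	case DST_ALG_RSASHA1:
	case DST_ALG_NSEC3RSASHA1:
		/* From RFC 3110: upper limit only */
		break;
	case DST_ALG_RSASHA256:
		/* From RFC 5702 */
		min_bits = 512;
		break;
	case DST_ALG_RSASHA512:
		/* From RFC 5702 */
		min_bits = 1024;
		break;
	default:
		INSIST(0);
	}
	return (ISC_TF(key_size >= min_bits && key_size <= 4096));
}

/* ... unchanged: algorithm REQUIRE at the top of opensslrsa_createctx ... */
	if (!rsa_key_size_ok(dctx->key->key_alg, dctx->key->key_size))
		return (ISC_R_FAILURE);
```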
@@ -958,6 +985,33 @@ opensslrsa_generate(dst_key_t *key, int exp, void (*callback)(int)) {
        EVP_PKEY *pkey = EVP_PKEY_new();
 #endif
 
+       /*
+        * Reject incorrect RSA key lengths.
+        */
+       switch (key->key_alg) {
+       case DST_ALG_RSAMD5:
+       case DST_ALG_RSASHA1:
+       case DST_ALG_NSEC3RSASHA1:
+               /* From RFC 3110 */
+               if (key->key_size > 4096)
+                       goto err;
+               break;
+       case DST_ALG_RSASHA256:
+               /* From RFC 5702 */
+               if ((key->key_size < 512) ||
+                   (key->key_size > 4096))
+                       goto err;
+               break;
+       case DST_ALG_RSASHA512:
+               /* From RFC 5702 */
+               if ((key->key_size < 1024) ||
+                   (key->key_size > 4096))
+                       goto err;
+               break;
+       default:
+               INSIST(0);
+       }
+
        if (rsa == NULL || e == NULL || cb == NULL)
                goto err;
 #if USE_EVP
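Review bot: The size check runs after the allocations made in the declarations (`EVP_PKEY_new()` is visible just above) and leaves through `goto err`. A rejected size therefore relies on the err label to release those objects, and it is reported with whatever result err returns for the allocation failures checked on the next line. The label is outside the hunk, so both should be confirmed there. pkcs11rsa_generate returns `ISC_R_FAILURE` directly for the same condition, so the two backends may report an invalid size differently. Once confirmed, a comment such as `/* err releases rsa, e, cb and pkey; any of them may still be NULL here */` would document the dependency, or the check could move ahead of the allocations.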
index d213fc5e099239013e8bfe1a8b5c3e353625103e..32aa5df80f1d621797326a4437e4078dad0543b6 100644 (file)
@@ -92,6 +92,33 @@ pkcs11rsa_createctx_sign(dst_key_t *key, dst_context_t *dctx) {
                key->key_alg == DST_ALG_RSASHA512);
 #endif
 
+       /*
+        * Reject incorrect RSA key lengths.
+        */
+       switch (dctx->key->key_alg) {
+       case DST_ALG_RSAMD5:
+       case DST_ALG_RSASHA1:
+       case DST_ALG_NSEC3RSASHA1:
+               /* From RFC 3110 */
+               if (dctx->key->key_size > 4096)
+                       return (ISC_R_FAILURE);
+               break;
+       case DST_ALG_RSASHA256:
+               /* From RFC 5702 */
+               if ((dctx->key->key_size < 512) ||
+                   (dctx->key->key_size > 4096))
+                       return (ISC_R_FAILURE);
+               break;
+       case DST_ALG_RSASHA512:
+               /* From RFC 5702 */
+               if ((dctx->key->key_size < 1024) ||
+                   (dctx->key->key_size > 4096))
+                       return (ISC_R_FAILURE);
+               break;
+       default:
+               INSIST(0);
+       }
+
        rsa = key->keydata.pkey;
 
        pk11_ctx = (pk11_context_t *) isc_mem_get(dctx->mctx,
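Review bot: The new switch reads `dctx->key->key_alg` and `dctx->key->key_size`, while the surrounding lines use the `key` parameter (`key->key_alg == DST_ALG_RSASHA512` just above, `rsa = key->keydata.pkey` just below). If `key` and `dctx->key` are always the same object, write it as `switch (key->key_alg) {` and `if (key->key_size > 4096)` so the check visibly applies to the key that is used. If they can differ, the check validates a different key than the one the context is built from. The same mix appears in pkcs11rsa_createctx_verify, in pkcs11rsa_createctx and pkcs11rsa_sign (where the added switch is followed directly by `switch (key->key_alg)`). The function body continues outside the hunk.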
@@ -301,6 +328,33 @@ pkcs11rsa_createctx_verify(dst_key_t *key, unsigned int maxbits,
                key->key_alg == DST_ALG_RSASHA512);
 #endif
 
+       /*
+        * Reject incorrect RSA key lengths.
+        */
+       switch (dctx->key->key_alg) {
+       case DST_ALG_RSAMD5:
+       case DST_ALG_RSASHA1:
+       case DST_ALG_NSEC3RSASHA1:
+               /* From RFC 3110 */
+               if (dctx->key->key_size > 4096)
+                       return (ISC_R_FAILURE);
+               break;
+       case DST_ALG_RSASHA256:
+               /* From RFC 5702 */
+               if ((dctx->key->key_size < 512) ||
+                   (dctx->key->key_size > 4096))
+                       return (ISC_R_FAILURE);
+               break;
+       case DST_ALG_RSASHA512:
+               /* From RFC 5702 */
+               if ((dctx->key->key_size < 1024) ||
+                   (dctx->key->key_size > 4096))
+                       return (ISC_R_FAILURE);
+               break;
+       default:
+               INSIST(0);
+       }
+
        rsa = key->keydata.pkey;
 
        pk11_ctx = (pk11_context_t *) isc_mem_get(dctx->mctx,
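Review bot: On the verify path the key may come from received DNS data rather than local configuration, yet an out-of-range size is rejected with a bare `ISC_R_FAILURE` and nothing is logged. An operator then cannot tell a policy rejection from any other context-creation failure. A more specific result (for example `DST_R_INVALIDPUBLICKEY`, if the callers handle it as intended) or a log line naming the algorithm and size would make these rejections diagnosable. How callers map the result is not visible in this hunk, and the function body continues outside it.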
@@ -549,6 +603,33 @@ pkcs11rsa_createctx(dst_key_t *key, dst_context_t *dctx) {
 #endif
        REQUIRE(rsa != NULL);
 
+       /*
+        * Reject incorrect RSA key lengths.
+        */
+       switch (dctx->key->key_alg) {
+       case DST_ALG_RSAMD5:
+       case DST_ALG_RSASHA1:
+       case DST_ALG_NSEC3RSASHA1:
+               /* From RFC 3110 */
+               if (dctx->key->key_size > 4096)
+                       return (ISC_R_FAILURE);
+               break;
+       case DST_ALG_RSASHA256:
+               /* From RFC 5702 */
+               if ((dctx->key->key_size < 512) ||
+                   (dctx->key->key_size > 4096))
+                       return (ISC_R_FAILURE);
+               break;
+       case DST_ALG_RSASHA512:
+               /* From RFC 5702 */
+               if ((dctx->key->key_size < 1024) ||
+                   (dctx->key->key_size > 4096))
+                       return (ISC_R_FAILURE);
+               break;
+       default:
+               INSIST(0);
+       }
+
        switch (key->key_alg) {
 #ifndef PK11_MD5_DISABLE
        case DST_ALG_RSAMD5:
@@ -678,6 +759,33 @@ pkcs11rsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
 #endif
        REQUIRE(rsa != NULL);
 
+       /*
+        * Reject incorrect RSA key lengths.
+        */
+       switch (dctx->key->key_alg) {
+       case DST_ALG_RSAMD5:
+       case DST_ALG_RSASHA1:
+       case DST_ALG_NSEC3RSASHA1:
+               /* From RFC 3110 */
+               if (dctx->key->key_size > 4096)
+                       return (ISC_R_FAILURE);
+               break;
+       case DST_ALG_RSASHA256:
+               /* From RFC 5702 */
+               if ((dctx->key->key_size < 512) ||
+                   (dctx->key->key_size > 4096))
+                       return (ISC_R_FAILURE);
+               break;
+       case DST_ALG_RSASHA512:
+               /* From RFC 5702 */
+               if ((dctx->key->key_size < 1024) ||
+                   (dctx->key->key_size > 4096))
+                       return (ISC_R_FAILURE);
+               break;
+       default:
+               INSIST(0);
+       }
+
        switch (key->key_alg) {
 #ifndef PK11_MD5_DISABLE
        case DST_ALG_RSAMD5:
@@ -1094,6 +1202,33 @@ pkcs11rsa_generate(dst_key_t *key, int exp, void (*callback)(int)) {
 
        UNUSED(callback);
 
+       /*
+        * Reject incorrect RSA key lengths.
+        */
+       switch (key->key_alg) {
+       case DST_ALG_RSAMD5:
+       case DST_ALG_RSASHA1:
+       case DST_ALG_NSEC3RSASHA1:
+               /* From RFC 3110 */
+               if (key->key_size > 4096)
+                       return (ISC_R_FAILURE);
+               break;
+       case DST_ALG_RSASHA256:
+               /* From RFC 5702 */
+               if ((key->key_size < 512) ||
+                   (key->key_size > 4096))
+                       return (ISC_R_FAILURE);
+               break;
+       case DST_ALG_RSASHA512:
+               /* From RFC 5702 */
+               if ((key->key_size < 1024) ||
+                   (key->key_size > 4096))
+                       return (ISC_R_FAILURE);
+               break;
+       default:
+               INSIST(0);
+       }
+
        pk11_ctx = (pk11_context_t *) isc_mem_get(key->mctx,
                                                  sizeof(*pk11_ctx));
        if (pk11_ctx == NULL)