edk2/0041-Fix-DH_check-excessive-time-with-over-sized-modulus.patch

From 01fae0d95d961c14a7819e02ec16e43c1225dfa9 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Thu, 6 Jul 2023 16:36:35 +0100
Subject: [PATCH 07/11] Fix DH_check() excessive time with over sized modulus

The DH_check() function checks numerous aspects of the key or parameters
that have been supplied. Some of those checks use the supplied modulus
value even if it is excessively large.

There is already a maximum DH modulus size (10,000 bits) over which
OpenSSL will not generate or derive keys. DH_check() will however still
perform various tests for validity on such a large modulus. We introduce a
new maximum (32,768) over which DH_check() will just fail.

An application that calls DH_check() and supplies a key or parameters
obtained from an untrusted source could be vulnerable to a Denial of
Service attack.

The function DH_check() is itself called by a number of other OpenSSL
functions. An application calling any of those other functions may
similarly be affected. The other functions affected by this are
DH_check_ex() and EVP_PKEY_param_check().

CVE-2023-3446

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Tomas Mraz <tomas@openssl.org>

reference: https://github.com/openssl/openssl/pull/21452
Signed-off-by: yexiao <yexiao7@huawei.com>
---
 CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_check.c   | 6 ++++++
 CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_err.c     | 3 ++-
 CryptoPkg/Library/OpensslLib/openssl/crypto/err/openssl.txt | 1 +
 CryptoPkg/Library/OpensslLib/openssl/include/openssl/dh.h   | 4 ++++
 .../Library/OpensslLib/openssl/include/openssl/dherr.h      | 3 ++-
 5 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_check.c b/CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_check.c
index 4ac169e7..e5f9dd50 100644
--- a/CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_check.c
+++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_check.c
@@ -101,6 +101,12 @@ int DH_check(const DH *dh, int *ret)
     BN_CTX *ctx = NULL;
     BIGNUM *t1 = NULL, *t2 = NULL;
 
+    /* Don't do any checks at all with an excessively large modulus */
+    if (BN_num_bits(dh->p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) {
+        DHerr(DH_F_DH_CHECK, DH_R_MODULUS_TOO_LARGE);
+        return 0;
+    }
+
     if (!DH_check_params(dh, ret))
         return 0;
 
diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_err.c b/CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_err.c
index 7285587b..92800d3f 100644
--- a/CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_err.c
+++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/dh/dh_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -18,6 +18,7 @@ static const ERR_STRING_DATA DH_str_functs[] = {
     {ERR_PACK(ERR_LIB_DH, DH_F_DHPARAMS_PRINT_FP, 0), "DHparams_print_fp"},
     {ERR_PACK(ERR_LIB_DH, DH_F_DH_BUILTIN_GENPARAMS, 0),
      "dh_builtin_genparams"},
+    {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK, 0), "DH_check"},
     {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_EX, 0), "DH_check_ex"},
     {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PARAMS_EX, 0), "DH_check_params_ex"},
     {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PUB_KEY_EX, 0), "DH_check_pub_key_ex"},
diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/err/openssl.txt b/CryptoPkg/Library/OpensslLib/openssl/crypto/err/openssl.txt
index 03d16406..a07f1a1b 100644
--- a/CryptoPkg/Library/OpensslLib/openssl/crypto/err/openssl.txt
+++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/err/openssl.txt
@@ -401,6 +401,7 @@ CT_F_SCT_SET_VERSION:104:SCT_set_version
 DH_F_COMPUTE_KEY:102:compute_key
 DH_F_DHPARAMS_PRINT_FP:101:DHparams_print_fp
 DH_F_DH_BUILTIN_GENPARAMS:106:dh_builtin_genparams
+DH_F_DH_CHECK:126:DH_check
 DH_F_DH_CHECK_EX:121:DH_check_ex
 DH_F_DH_CHECK_PARAMS_EX:122:DH_check_params_ex
 DH_F_DH_CHECK_PUB_KEY_EX:123:DH_check_pub_key_ex
diff --git a/CryptoPkg/Library/OpensslLib/openssl/include/openssl/dh.h b/CryptoPkg/Library/OpensslLib/openssl/include/openssl/dh.h
index 3527540c..ff00397c 100644
--- a/CryptoPkg/Library/OpensslLib/openssl/include/openssl/dh.h
+++ b/CryptoPkg/Library/OpensslLib/openssl/include/openssl/dh.h
@@ -30,6 +30,10 @@ extern "C" {
 #  define OPENSSL_DH_MAX_MODULUS_BITS    10000
 # endif
 
+# ifndef OPENSSL_DH_CHECK_MAX_MODULUS_BITS
+#  define OPENSSL_DH_CHECK_MAX_MODULUS_BITS  32768
+# endif
+
 # define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024
 
 # define DH_FLAG_CACHE_MONT_P     0x01
diff --git a/CryptoPkg/Library/OpensslLib/openssl/include/openssl/dherr.h b/CryptoPkg/Library/OpensslLib/openssl/include/openssl/dherr.h
index 916b3bed..528c8198 100644
--- a/CryptoPkg/Library/OpensslLib/openssl/include/openssl/dherr.h
+++ b/CryptoPkg/Library/OpensslLib/openssl/include/openssl/dherr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -30,6 +30,7 @@ int ERR_load_DH_strings(void);
 #  define DH_F_COMPUTE_KEY                                 102
 #  define DH_F_DHPARAMS_PRINT_FP                           101
 #  define DH_F_DH_BUILTIN_GENPARAMS                        106
+#  define DH_F_DH_CHECK                                    126
 #  define DH_F_DH_CHECK_EX                                 121
 #  define DH_F_DH_CHECK_PARAMS_EX                          122
 #  define DH_F_DH_CHECK_PUB_KEY_EX                         123
-- 
2.33.0