mtrojnar / osslsigncode

OpenSSL based Authenticode signing for PE/MSI/Java CAB files

v2.8 SIGSEGV in check_key_fork #388

Closed Shaeto closed 2 weeks ago

Shaeto commented 6 months ago

Description:

SIGSEGV in check_key_fork

Affected version: v2.8.

Steps to Reproduce:

Build under CentOS Stream 9, gcc (GCC) 11.4.1, (libcrypto v3.2.1)

run:

osslsigncode sign \
    -pkcs11engine /usr/lib64/engines-3/pkcs11.so \
    -pkcs11module /usr/lib64/pkcs11/libeTPkcs11.so \
    -pkcs11cert 'pkcs11:token=xxxxxxx' \
    -key 'pkcs11:token=xxxxxxx' \
    -in samples1.exe -out samples1-signed.exe

stack trace:

Thread 1 "osslsigncode" received signal SIGSEGV, Segmentation fault.
check_key_fork (key=key@entry=0x5555555c7db0) at /usr/src/debug/openssl-pkcs11-0.4.11-9.el9.x86_64/src/p11_atfork.c:224
224             cpriv = PRIVCTX(KEY2CTX(key));
(gdb) bt
#0  check_key_fork (key=key@entry=0x5555555c7db0) at /usr/src/debug/openssl-pkcs11-0.4.11-9.el9.x86_64/src/p11_atfork.c:224
#1  0x00007ffff7e8a2df in pkcs11_rsa_priv_enc_method (flen=51, from=0x5555555c7650 "010\r\006\t`\206H\001e\003\004\002\001\005", to=0x5555555de530 "~\227\t", rsa=0x5555555c9040, padding=1)
    at /usr/src/debug/openssl-pkcs11-0.4.11-9.el9.x86_64/src/p11_rsa.c:381
#2  0x00007ffff7a17acd in RSA_sign (type=<optimized out>, m=m@entry=0x7fffffffb9c0 "\355\374\357Q%ߪ\363\371\233\306^\001[\034\326@]\340\272\030B\242\277Ṵh\365\306\361\025", m_len=m_len@entry=32, sigret=sigret@entry=0x5555555de530 "~\227\t", 
    siglen=siglen@entry=0x7fffffffb954, rsa=rsa@entry=0x5555555c9040) at crypto/rsa/rsa_sign.c:307
#3  0x00007ffff7a19dfd in pkey_rsa_sign (ctx=0x5555555a1940, sig=0x5555555de530 "~\227\t", siglen=0x7fffffffba50, tbs=0x7fffffffb9c0 "\355\374\357Q%ߪ\363\371\233\306^\001[\034\326@]\340\272\030B\242\277Ṵh\365\306\361\025", tbslen=32)
    at crypto/rsa/rsa_pmeth.c:178
#4  0x00007ffff79ae242 in EVP_DigestSignFinal (ctx=0x5555555e2aa0, sigret=0x5555555de530 "~\227\t", siglen=0x7fffffffba50) at crypto/evp/m_sigver.c:677
#5  0x00007ffff79fd45b in PKCS7_SIGNER_INFO_sign (si=si@entry=0x5555555e1ca0) at crypto/pkcs7/pk7_doit.c:934
#6  0x00007ffff79fd634 in do_pkcs7_signed_attrib (mctx=0x5555555e29d0, si=0x5555555e1ca0) at crypto/pkcs7/pk7_doit.c:711
#7  PKCS7_dataFinal (p7=p7@entry=0x5555555c7ba0, bio=bio@entry=0x5555555e2860) at crypto/pkcs7/pk7_doit.c:833
#8  0x00005555555688d1 in pkcs7_sign_content (p7=p7@entry=0x5555555c7ba0, data=0x5555555e2762 "04\006\n+\006\001\004\001\202\067\002\001\017\060&\003\002\a\200\240 \242\036\200\034", len=105) at /root/osslsigncode/helpers.c:396
#9  0x00005555555689d1 in sign_spc_indirect_data_content (p7=p7@entry=0x5555555c7ba0, content=content@entry=0x5555555e2560) at /root/osslsigncode/helpers.c:280
#10 0x000055555556da4a in pe_pkcs7_signature_new (ctx=<optimized out>, hash=0x5555555bae80) at /root/osslsigncode/pe.c:407
#11 0x0000555555560001 in main (argc=<optimized out>, argv=<optimized out>) at /root/osslsigncode/osslsigncode.c:4921

mtrojnar commented 6 months ago

Why do you think a crash in libp11 should be fixed in osslsigncode?

Shaeto commented 6 months ago

Well, I have fixed the problem using the workaround patch from https://github.com/mtrojnar/osslsigncode/issues/316 (move engine close).

So, OpenSSL 3.2.1 still has this problem.

samhed commented 4 months ago

osslsigncode 2.8.4 from Fedora's repos crashes with a SIGSEGV on Fedora 40.

The command I used was:

GOOGLE_APPLICATION_CREDENTIALS=gcloud-production.json \
KMS_PKCS11_CONFIG=production_pkcs11-config.yaml \
PKCS11_MODULE_PATH=libkmsp11-1.5-linux-amd64/libkmsp11.so \
osslsigncode sign \
-pkcs11engine /usr/lib64/engines-3/pkcs11.so \
-certs codesign_windows_cert.pem \
-key pkcs11:object=xxxxxx \
-n ThinLinc client \
-i https://www.cendio.com/ \
-comm \
-ts http://rfc3161timestamp.globalsign.com/advanced \
-in client-windows/unsigned-client.exe \
-out client-windows/tl-4.17.0-client-windows.exe

The output is:

Engine "pkcs11" set.
Segmentation fault (core dumped)

The end of the output with strace:

...
futex(0x7f7485400990, FUTEX_WAIT_BITSET|FUTEX_CLOCK_REALTIME, 1258279, NULL, FUTEX_BITSET_MATCH_ANY) = -1 EAGAIN (Resource temporarily unavailable)
munmap(0x7f7470e00000, 8392704)         = 0
close(4)                                = 0
close(3)                                = 0
munmap(0x7f74855bb000, 10842712)        = 0
munmap(0x7f748674e000, 16392)           = 0
munmap(0x7f74854d8000, 925712)          = 0
openat(AT_FDCWD, "codesign_windows_cert.pem", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=2585, ...}) = 0
lseek(3, 0, SEEK_SET)                   = 0
read(3, "-----BEGIN CERTIFICATE-----\nMIIH"..., 4096) = 2585
read(3, "", 4096)                       = 0
close(3)                                = 0
openat(AT_FDCWD, "client-windows/tl-4.17.0-client-windows.exe", O_RDWR|O_CREAT|O_EXCL|O_TRUNC, 0666) = 3
newfstatat(AT_FDCWD, "client-windows/unsigned.exe", {st_mode=S_IFREG|0644, st_size=15089536, ...}, 0) = 0
openat(AT_FDCWD, "client-windows/unsigned.exe", O_RDONLY) = 4
mmap(NULL, 15089536, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7f747f19c000
close(4)                                = 0
munmap(0x7f747f19c000, 15089536)        = 0
newfstatat(AT_FDCWD, "client-windows/unsigned.exe", {st_mode=S_IFREG|0644, st_size=15089536, ...}, 0) = 0
openat(AT_FDCWD, "client-windows/unsigned.exe", O_RDONLY) = 4
mmap(NULL, 15089536, PROT_READ, MAP_PRIVATE, 4, 0) = 0x7f747f19c000
close(4)                                = 0
fstat(3, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
brk(0x558c7f110000)                     = 0x558c7f110000
write(3, "MZ\220\0\3\0\0\0\4\0\0\0\377\377\0\0\270\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 8192) = 8192
write(3, "Q\211\307\211\34$\350\30U\0\0\205\300Rt}\213\205p\376\377\377\211\34$\307\205\254\376\377\377\2"..., 15065088) = 15065088
openat(AT_FDCWD, "/etc/localtime", O_RDONLY|O_CLOEXEC) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=2298, ...}) = 0
fstat(4, {st_mode=S_IFREG|0644, st_size=2298, ...}) = 0
read(4, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\t\0\0\0\t\0\0\0\0"..., 4096) = 2298
lseek(4, -1449, SEEK_CUR)               = 849
read(4, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\t\0\0\0\t\0\0\0\0"..., 4096) = 1449
close(4)                                = 0
--- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
+++ killed by SIGSEGV (core dumped) +++
Segmentation fault (core dumped)

Works on Fedora 39 with:

Not working on Fedora 40 with:

samhed commented 4 months ago

Issue remains with osslsigncode-2.9-1.fc40.x86_64.

mtrojnar commented 2 weeks ago

@olszomal I'm afraid check_key_fork crash may be a separate issue...

olszomal commented 2 weeks ago

I believe this issue is related to specific OpenSSL versions that cause a segmentation fault during private key operations. The fault occurs in engine operations and has been addressed upstream with commit openssl/openssl@39ea783.

OpenSSL versions requiring a workaround include:

The workaround was applied in OpenSC/libp11#554. I recommend closing this issue.