Bug 3327 - Wrong index used in pkcs11 cert attribute array when fetching x509 subject name
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Smartcard
Version: 8.6p1
Hardware: Other All
Importance: P5 minor
Assignee: Assigned to nobody
Blocks: V_8_7
Reported: 2021-06-24 03:03 AEST by Leif Thuresson
Modified: 2022-02-25 13:58 AEDT
Description Leif Thuresson 2021-06-24 03:03:24 AEST
Result is that key label is set to "invalid subject" instead of certificate subject name.

Here is a fix diff against openssh-portable master branch



diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index 844aa9ff..a727d1bd 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -973,7 +973,7 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx,
        }
 
        /* Decode DER-encoded cert subject */
-       cp = cert_attr[2].pValue;
+       cp = cert_attr[1].pValue;
        if ((x509_name = d2i_X509_NAME(NULL, &cp,
            cert_attr[1].ulValueLen)) == NULL ||
            (subject = X509_NAME_oneline(x509_name, NULL, 0)) == NULL)
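Review bot: The corrected line "cp = cert_attr[1].pValue;" still selects the subject attribute by a bare numeric index, which is how the pointer came to be taken from cert_attr[2] while the length handed to d2i_X509_NAME came from cert_attr[1].ulValueLen. Consider taking one local pointer to the subject attribute and using it for both pValue and ulValueLen, or naming the attribute slots with an enum, so the buffer and its length cannot drift apart again. It would also help to say in the commit message that the old code decoded one attribute's buffer with another attribute's length, since that is a stronger reason for the fix than the "invalid subject" label alone.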
Comment 1 Damien Miller 2021-06-25 16:33:02 AEST
committed as d443006c0 and will be in the openssh-8.7 release - thanks!
Comment 2 Damien Miller 2022-02-25 13:58:00 AEDT
closing bugs resolved before openssh-8.9