Public bug reported: Note: This bug report, analysis of the issue, and the potential fix were created using the assistance of an LLM.
OpenSSL 3.0.12–3.0.13 has a bug (openssl/openssl#23063 (https://github.com/openssl/openssl/pull/23063)) in foreign EVP_PKEY handling that causes a NULL dereference when the engine's RSA signing path is invoked. libp11 0.4.13 (in plucky 25.04+) has a workaround; noble ships 0.4.12 which does not. The upstream commit 86c04043c0 in libp11 (https://github.com/OpenSC/libp11/pull/554), backported to 0.4.12 to add the workaround for the problematic OpenSSL versions would fix this issue. Since the 0.4.12 version does not contain an existing `if` condition that the PR extends, the backported fix patch would add an OpenSSL version check in load_privkey() and calls ENGINE_set_default_string(engine, "PKEY_CRYPTO") to reroute signing through the EVP_PKEY path, avoiding the broken RSA_get_ex_data call. Environment: - Ubuntu 24.04 noble - YubiHSM2 device - Packages: yubihsm-connector (3.0.7-1), yubihsm-shell (2.7.3), yubihsm-pkcs11 (2.7.3) from Yubico YubiHSM2 SDK, libengine-pkcs11-openssl (0.4.12-1.1build2), sbsigntool (0.9.4-3.1ubuntu7), opensc (0.25.0~rc1-1ubuntu0.2) Steps to reproduce: 1. Start yubihsm-connector and confirm it reaches the device: curl -s http://127.0.0.1:12345/connector/status 2. Generate a test RSA-2048 key and self-signed certificate: openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out test.key openssl req -new -x509 -key test.key -out test.crt -days 365 -subj "/CN=Test" 3. Load the key into the YubiHSM2 (factory default credentials): yubihsm-shell --connector http://127.0.0.1:12345 -p password --authkey 1 \ -a put-asymmetric-key --object-id 257 --label "test-key" \ --domains 1 --capabilities sign-pkcs --algorithm rsa2048 \ --in test.key 4. Create the PKCS#11 connector config: echo "connector = http://127.0.0.1:12345"; > yubihsm_pkcs11.conf 5. Attempt to sign an EFI binary: YUBIHSM_PKCS11_CONF=$(pwd)/yubihsm_pkcs11.conf \ sbsign \ --engine pkcs11 \ --key "pkcs11:id=%01%01;type=private;pin-value=0001password" \ --cert test.crt \ --output test-output.efi \ /boot/efi/EFI/ubuntu/grubx64.efi Expected result: Signed EFI binary produced. Actual result: Segmentation fault (core dumped). Additional context: The crash is entirely within engines-3/pkcs11.so as shown by the backtrace: pkcs11.so → RSA_sign → EVP_DigestSignFinal → PKCS7_SIGNER_INFO_sign → PKCS7_dataFinal → sbsign SIGSEGV, si_code=SI_KERNEL, si_addr=NULL Root cause: OpenSSL 3.0.13 (shipped in noble) contains a regression introduced in commit openssl/openssl@2b74e75 and fixed in openssl/openssl@39ea783. The fix did not ship until OpenSSL 3.0.14. libp11 0.4.13 (plucky+) carries a workaround; noble's 0.4.12 does not. ** Affects: libp11 (Ubuntu) Importance: Undecided Status: New ** Affects: libp11 (Ubuntu Noble) Importance: Undecided Status: New ** Also affects: libp11 (Ubuntu Noble) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2158304 Title: sbsign (and any tool using the OpenSSL PKCS#11 engine) segfaults when signing via a PKCS#11 token on OpenSSL 3.0.13 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libp11/+bug/2158304/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
