From 97d231672763cdb5959a3b191e692a362f1b9e55 Mon Sep 17 00:00:00 2001
From: Alex Gaynor <alex.gaynor@gmail.com>
Date: Mon, 19 Feb 2024 11:50:28 -0500
Subject: [PATCH] Fixes #10422 -- don't crash when a PKCS#12 key and cert don't
 match (#10423)

Upstream-Status: Backport [https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55]
CVE: CVE-2024-26130
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
 .../hazmat/backends/openssl/backend.py         |  9 +++++++++
 tests/hazmat/primitives/test_pkcs12.py         | 18 ++++++++++++++++++
 2 files changed, 27 insertions(+)

diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index c43fea0..d687931 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -2131,6 +2131,15 @@ class Backend(BackendInterface):
                     mac_iter,
                     0,
                 )
+                if p12 == self._ffi.NULL:
+                    errors = self._consume_errors()
+                    raise ValueError(
+                        (
+                            "Failed to create PKCS12 (does the key match the "
+                            "certificate?)"
+                        ),
+                        errors,
+                    )
 
         self.openssl_assert(p12 != self._ffi.NULL)
         p12 = self._ffi.gc(p12, self._lib.PKCS12_free)
diff --git a/tests/hazmat/primitives/test_pkcs12.py b/tests/hazmat/primitives/test_pkcs12.py
index c5cfbc0..8af4c93 100644
--- a/tests/hazmat/primitives/test_pkcs12.py
+++ b/tests/hazmat/primitives/test_pkcs12.py
@@ -25,6 +25,24 @@ from ...doubles import DummyKeySerializationEncryption
 from ...utils import load_vectors_from_file
 
 
+   @pytest.mark.supported(
+       only_if=lambda backend: backend._lib.Cryptography_HAS_PKCS12_SET_MAC,
+       skip_message="Requires OpenSSL with PKCS12_set_mac",
+   )
+   def test_set_mac_key_certificate_mismatch(self, backend):
+       cacert, _ = _load_ca(backend)
+       key = ec.generate_private_key(ec.SECP256R1())
+       encryption = (
+           serialization.PrivateFormat.PKCS12.encryption_builder()
+           .hmac_hash(hashes.SHA256())
+           .build(b"password")
+       )
+
+       with pytest.raises(ValueError):
+           serialize_key_and_certificates(
+               b"name", key, cacert, [], encryption
+           )
+
 @pytest.mark.skip_fips(
     reason="PKCS12 unsupported in FIPS mode. So much bad crypto in it."
 )
-- 
2.35.7