authorRichard Levitte <levitte@openssl.org>2018-12-18 09:14:51 +0100
committerRichard Levitte <levitte@openssl.org>2018-12-19 13:33:54 +0100
commitffd2df135a5d9f6d2627bd125f362298430fdc06 (patch)
tree5c13617bd3bbaaef09863e84a444b07d2a9eb5d1 /crypto/x509v3/v3_purp.c
parent5aa2a7ea41d7137640cb0914807fd1202b920543 (diff)
X509_check_issued: check that signature algo matches signing key algo
This implements 3.5.18 "Consistent Public Key and Signature Algorithms" from RFC 4158 "Internet X.509 Public Key Infrastructure: Certification Path Building" Ref: https://tools.ietf.org/html/rfc4158#section-3.5.18 Fixes #7899 Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7919)
Diffstat (limited to 'crypto/x509v3/v3_purp.c')
-rw-r--r--crypto/x509v3/v3_purp.c23
1 files changed, 21 insertions, 2 deletions
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index 2080adb..d0ac7e6 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -764,8 +764,9 @@ static int no_check(const X509_PURPOSE *xp, const X509 *x, int ca)
* subject name.
* These are:
* 1. Check issuer_name(subject) == subject_name(issuer)
- * 2. If akid(subject) exists check it matches issuer
- * 3. If key_usage(issuer) exists check it supports certificate signing
+ * 2. If akid(subject) exists, check that it matches issuer
+ * 3. Check that issuer public key algorithm matches subject signature algorithm
+ * 4. If key_usage(issuer) exists, check that it supports certificate signing
* returns 0 for OK, positive for reason for mismatch, reasons match
* codes for X509_verify_cert()
*/
@@ -785,6 +786,24 @@ int X509_check_issued(X509 *issuer, X509 *subject)
return ret;
}
+ {
+ /*
+ * Check if the subject signature algorithm matches the issuer's PUBKEY
+ * algorithm
+ */
+ EVP_PKEY *i_pkey = X509_get0_pubkey(issuer);
+ X509_ALGOR *s_algor = &subject->cert_info.signature;
+ int s_pknid = NID_undef, s_mdnid = NID_undef;
+
+ if (i_pkey == NULL)
+ return X509_V_ERR_NO_ISSUER_PUBLIC_KEY;
+
+ if (!OBJ_find_sigid_algs(OBJ_obj2nid(s_algor->algorithm),
+ &s_mdnid, &s_pknid)
+ || EVP_PKEY_type(s_pknid) != EVP_PKEY_base_id(i_pkey))
+ return X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH;
+ }
+
if (subject->ex_flags & EXFLAG_PROXY) {
if (ku_reject(issuer, KU_DIGITAL_SIGNATURE))
return X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE;
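Review bot: The combined condition in the added block returns `X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH` both when `OBJ_find_sigid_algs()` cannot resolve the subject's signature OID and when the two key types really differ, so a caller cannot tell an unrecognised signature algorithm from a genuine mismatch. Either split the `||` into two `if`s with separate reason codes, or state the folding in place, e.g. `/* an unknown signature OID is also reported as a mismatch */`. The comparison `EVP_PKEY_type(s_pknid) != EVP_PKEY_base_id(i_pkey)` is strict key-type equality; if the signature table gives RSASSA-PSS its own key type, a PSS-signed certificate issued under a plain rsaEncryption key would presumably be rejected as a candidate issuer, which fails closed but breaks otherwise valid chains, so a test for that pairing is worth adding. `s_mdnid` is written and never read. `X509_check_issued` begins and ends outside this hunk, so how this check interacts with the earlier early-return could not be checked.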