diff options
| author | Matt Caswell <matt@openssl.org> | 2022-04-13 16:36:54 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2022-05-03 10:46:49 +0100 |
| commit | 21f89f542d745adbf1131338929ae538e200d50d (patch) | |
| tree | c28718b84cb2a2e64f6d3b0752e1318bc4eee315 /test/recipes/80-test_ocsp.t | |
| parent | b1b2146ded9ce5a84c62f30c6c4a922b449f6c90 (diff) | |
| download | openssl-new-21f89f542d745adbf1131338929ae538e200d50d.tar.gz | |
Fix OCSP_basic_verify signer certificate validation
The function `OCSP_basic_verify` validates the signer certificate on an OCSP
response. The internal function, ocsp_verify_signer, is responsible for this
and is expected to return a 0 value in the event of a failure to verify.
Unfortunately, due to a bug, it actually returns with a postive success
response in this case. In the normal course of events OCSP_basic_verify
will then continue and will fail anyway in the ocsp_check_issuer function
because the supplied "chain" value will be empty in the case that
ocsp_verify_signer failed to verify the chain. This will cause
OCSP_basic_verify to return with a negative result (fatal error). Normally
in the event of a failure to verify it should return with 0.
However, in the case of the OCSP_NOCHECKS flag being used, OCSP_basic_verify
will return with a positvie result. This could lead to callers trusting an
OCSP Basic response when it should not be.
CVE-2022-1343
Fixes #18053
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Diffstat (limited to 'test/recipes/80-test_ocsp.t')
0 files changed, 0 insertions, 0 deletions