return 0;
/* determine recipient entry in PKIHeader */
- if (ctx->srvCert != NULL) {
- rcp = X509_get_subject_name(ctx->srvCert);
- /* set also as expected_sender of responses unless set explicitly */
- if (ctx->expected_sender == NULL && rcp != NULL
- && !OSSL_CMP_CTX_set1_expected_sender(ctx, rcp))
- return 0;
- } else if (ctx->recipient != NULL) {
+ if (ctx->recipient != NULL)
rcp = ctx->recipient;
- } else if (ctx->issuer != NULL) {
+ else if (ctx->srvCert != NULL)
+ rcp = X509_get_subject_name(ctx->srvCert);
+ else if (ctx->issuer != NULL)
rcp = ctx->issuer;
- } else if (ctx->oldCert != NULL) {
+ else if (ctx->oldCert != NULL)
rcp = X509_get_issuer_name(ctx->oldCert);
- } else if (ctx->cert != NULL) {
+ else if (ctx->cert != NULL)
rcp = X509_get_issuer_name(ctx->cert);
- }
if (!ossl_cmp_hdr_set1_recipient(hdr, rcp))
return 0;
+ /* set also as expected_sender of responses unless set explicitly */
+ if (ctx->expected_sender == NULL && rcp != NULL
+ && !OSSL_CMP_CTX_set1_expected_sender(ctx, rcp))
+ return 0;
/* set current time as message time */
if (!ossl_cmp_hdr_update_messageTime(hdr))
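Review bot: The relocated block at the end of this hunk now stores whichever `rcp` was selected into `ctx->expected_sender`, whereas the removed lines did this only for the subject of `ctx->srvCert`. A recipient merely guessed from `ctx->issuer` or from the issuer name of `ctx->oldCert`/`ctx->cert` therefore becomes the DN that responses are later checked against. Because `ctx->recipient` now outranks `ctx->srvCert`, an explicit recipient that differs from the pinned server certificate's subject also takes its place as expected sender. The value is written to `ctx`, so once a header has been built the `ctx->srvCert` fallback added in the later `check_name` hunk appears to be unreachable whenever `rcp` was non-NULL. Since that later hunk already derives the default at verification time, consider dropping the `OSSL_CMP_CTX_set1_expected_sender(ctx, rcp)` side effect from header initialisation, or guarding it with `ctx->srvCert != NULL && ctx->recipient == NULL`; the enclosing function starts and ends outside the hunk.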
X509_EXTENSIONS *exts = NULL;
if (rkey == NULL)
- rkey = ctx->pkey; /* default is independent of ctx->oldClCert */
+ rkey = ctx->pkey; /* default is independent of ctx->oldCert */
if (rkey == NULL) {
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
CMPerr(0, CMP_R_NULL_ARGUMENT);
int nid = NID_undef, pk_nid = NID_undef;
const ASN1_OBJECT *algorOID = NULL;
X509 *scrt;
+ const X509_NAME *expected_sender;
if (ctx == NULL || msg == NULL
|| msg->header == NULL || msg->body == NULL) {
* Mitigates risk to accept misused certificate of an unauthorized
* entity of a trusted hierarchy.
*/
+ expected_sender = ctx->expected_sender;
+ if (expected_sender == NULL && ctx->srvCert != NULL)
+ expected_sender = X509_get_subject_name(ctx->srvCert);
if (!check_name(ctx, "sender DN field",
msg->header->sender->d.directoryName,
- "expected sender", ctx->expected_sender))
+ "expected sender", expected_sender))
break;
/* Note: if recipient was NULL-DN it could be learned here if needed */
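Review bot: The new default leaves `expected_sender` NULL when neither `ctx->expected_sender` nor `ctx->srvCert` is set, and that NULL is passed straight to `check_name`; how `check_name` treats a NULL expected name is not visible in this hunk. If it accepts any sender in that case, the mitigation described in the comment above is silently absent for such contexts. A comment where the default is computed would make the precedence explicit, for example `/* explicit expected_sender wins, else subject of pinned srvCert; with neither set the sender DN is not constrained here */`, adjusted to match what `check_name` actually does. The enclosing function starts and ends outside the hunk.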