git.openssl.org Git - openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Wed, 13 Apr 2022 15:36:54 +0000 (16:36 +0100)
committer	Matt Caswell <matt@openssl.org>
	Tue, 3 May 2022 09:54:03 +0000 (10:54 +0100)
commit	2eda98790c5c2741d76d23cc1e74b0dc4f4b391a
tree	c0aaaed0370ba3240d951c65ca8ffb40fc404103	tree \| snapshot
parent	ae3ece03a61e8822fd7ea58f44812871efba82d1	commit \| diff

Fix OCSP_basic_verify signer certificate validation

The function `OCSP_basic_verify` validates the signer certificate on an OCSP
response. The internal function, ocsp_verify_signer, is responsible for this
and is expected to return a 0 value in the event of a failure to verify.
Unfortunately, due to a bug, it actually returns with a postive success
response in this case. In the normal course of events OCSP_basic_verify
will then continue and will fail anyway in the ocsp_check_issuer function
because the supplied "chain" value will be empty in the case that
ocsp_verify_signer failed to verify the chain. This will cause
OCSP_basic_verify to return with a negative result (fatal error). Normally
in the event of a failure to verify it should return with 0.

However, in the case of the OCSP_NOCHECKS flag being used, OCSP_basic_verify
will return with a positvie result. This could lead to callers trusting an
OCSP Basic response when it should not be.

CVE-2022-1343

Fixes #18053

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>