Drop cached certificate signature validity flag
It seems risky in the context of cross-signed certificates when the same certificate might have multiple potential issuers. Also rarely used, since chains in OpenSSL typically only employ self-signed trust-anchors, whose self-signatures are not checked, while untrusted certificates are generally ephemeral. (Imported from upstream's 0e76014e584ba78ef1d6ecb4572391ef61c4fb51.) This is in master and not 1.0.2, but having a per-certificate signature cache when this is a function of signature and issuer seems dubious at best. Thanks to Viktor Dukhovni for pointing this change out to me. (And for making the original change upstream, of course.) Change-Id: Ie692d651726f14aeba6eaab03ac918fcaedb4eeb Reviewed-on: https://boringssl-review.googlesource.com/8880 Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
parent
84f8551753
commit
00d7a7cee7
@ -1753,9 +1753,7 @@ static int internal_verify(X509_STORE_CTX *ctx)
|
|||||||
* explicitly asked for. It doesn't add any security and just wastes
|
* explicitly asked for. It doesn't add any security and just wastes
|
||||||
* time.
|
* time.
|
||||||
*/
|
*/
|
||||||
if (!xs->valid
|
if (xs != xi || (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE)) {
|
||||||
&& (xs != xi
|
|
||||||
|| (ctx->param->flags & X509_V_FLAG_CHECK_SS_SIGNATURE))) {
|
|
||||||
if ((pkey = X509_get_pubkey(xi)) == NULL) {
|
if ((pkey = X509_get_pubkey(xi)) == NULL) {
|
||||||
ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
|
ctx->error = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
|
||||||
ctx->current_cert = xi;
|
ctx->current_cert = xi;
|
||||||
@ -1775,8 +1773,6 @@ static int internal_verify(X509_STORE_CTX *ctx)
|
|||||||
pkey = NULL;
|
pkey = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
xs->valid = 1;
|
|
||||||
|
|
||||||
check_cert:
|
check_cert:
|
||||||
ok = check_cert_time(ctx, xs);
|
ok = check_cert_time(ctx, xs);
|
||||||
if (!ok)
|
if (!ok)
|
||||||
|
@ -96,7 +96,6 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
|
|||||||
switch (operation) {
|
switch (operation) {
|
||||||
|
|
||||||
case ASN1_OP_NEW_POST:
|
case ASN1_OP_NEW_POST:
|
||||||
ret->valid = 0;
|
|
||||||
ret->name = NULL;
|
ret->name = NULL;
|
||||||
ret->ex_flags = 0;
|
ret->ex_flags = 0;
|
||||||
ret->ex_pathlen = -1;
|
ret->ex_pathlen = -1;
|
||||||
|
@ -243,7 +243,6 @@ struct x509_st
|
|||||||
X509_CINF *cert_info;
|
X509_CINF *cert_info;
|
||||||
X509_ALGOR *sig_alg;
|
X509_ALGOR *sig_alg;
|
||||||
ASN1_BIT_STRING *signature;
|
ASN1_BIT_STRING *signature;
|
||||||
int valid;
|
|
||||||
CRYPTO_refcount_t references;
|
CRYPTO_refcount_t references;
|
||||||
char *name;
|
char *name;
|
||||||
CRYPTO_EX_DATA ex_data;
|
CRYPTO_EX_DATA ex_data;
|
||||||
|
Loading…
Reference in New Issue
Block a user