diff options
| author | Matt Caswell <matt@openssl.org> | 2016-06-10 14:25:15 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2016-06-10 14:36:21 +0100 |
| commit | f6186cfba64593d3cefd6851a487a21abd0657a3 (patch) | |
| tree | 958999f1aec0b1aa51b7d89a3d0dec283421417b /crypto/ts | |
| parent | e4c4b2766bb97b34ea3479252276ab7c66311809 (diff) | |
| download | openssl-f6186cfba64593d3cefd6851a487a21abd0657a3.tar.gz | |
Fix seg fault in TS_RESP_verify_response()
The TS_RESP_verify_response() function is used for verifying the response
from a TSA. You can set the provided TS_VERIFY_CTX with different flags
depending on what aspects of the response you wish to verify.
A seg fault will occur if you supply the TS_VFY_SIGNER or TS_VFY_TSA_NAME
flags without also specifying TS_VFY_SIGNATURE.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'crypto/ts')
| -rw-r--r-- | crypto/ts/ts_rsp_verify.c | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c index 29aa5a497e..97d9c81db6 100644 --- a/crypto/ts/ts_rsp_verify.c +++ b/crypto/ts/ts_rsp_verify.c @@ -434,51 +434,58 @@ static int int_TS_RESP_verify_token(TS_VERIFY_CTX *ctx, unsigned char *imprint = NULL; unsigned imprint_len = 0; int ret = 0; + int flags = ctx->flags; + + /* Some options require us to also check the signature */ + if (((flags & TS_VFY_SIGNER) && tsa_name != NULL) + || (flags & TS_VFY_TSA_NAME)) { + flags |= TS_VFY_SIGNATURE; + } /* Verify the signature. */ - if ((ctx->flags & TS_VFY_SIGNATURE) + if ((flags & TS_VFY_SIGNATURE) && !TS_RESP_verify_signature(token, ctx->certs, ctx->store, &signer)) goto err; /* Check version number of response. */ - if ((ctx->flags & TS_VFY_VERSION) + if ((flags & TS_VFY_VERSION) && TS_TST_INFO_get_version(tst_info) != 1) { TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_UNSUPPORTED_VERSION); goto err; } /* Check policies. */ - if ((ctx->flags & TS_VFY_POLICY) + if ((flags & TS_VFY_POLICY) && !TS_check_policy(ctx->policy, tst_info)) goto err; /* Check message imprints. */ - if ((ctx->flags & TS_VFY_IMPRINT) + if ((flags & TS_VFY_IMPRINT) && !TS_check_imprints(ctx->md_alg, ctx->imprint, ctx->imprint_len, tst_info)) goto err; /* Compute and check message imprints. */ - if ((ctx->flags & TS_VFY_DATA) + if ((flags & TS_VFY_DATA) && (!TS_compute_imprint(ctx->data, tst_info, &md_alg, &imprint, &imprint_len) || !TS_check_imprints(md_alg, imprint, imprint_len, tst_info))) goto err; /* Check nonces. */ - if ((ctx->flags & TS_VFY_NONCE) + if ((flags & TS_VFY_NONCE) && !TS_check_nonces(ctx->nonce, tst_info)) goto err; /* Check whether TSA name and signer certificate match. */ - if ((ctx->flags & TS_VFY_SIGNER) + if ((flags & TS_VFY_SIGNER) && tsa_name && !TS_check_signer_name(tsa_name, signer)) { TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_NAME_MISMATCH); goto err; } /* Check whether the TSA is the expected one. */ - if ((ctx->flags & TS_VFY_TSA_NAME) + if ((flags & TS_VFY_TSA_NAME) && !TS_check_signer_name(ctx->tsa_name, signer)) { TSerr(TS_F_INT_TS_RESP_VERIFY_TOKEN, TS_R_TSA_UNTRUSTED); goto err; |