Chain building fails in version 1.1.1i if CA uses RSASSA-PSS for signing EE cert

Chain building fails in version 1.1.1i if CA uses RSASSA-PSS for signing EE cert

weber
Dear OpenSSL users,

we just bumped into a case we assume to be a bug in version 1.1.1i.

Building a (partial) chain fails if an end-user cert is signed by a CA
using the RSASSA-PSS algorithm.
Chain building works with version 1.1.1g.

Tracing the issue down, we found that check_issued (source
x509_vfy.c) has changed.
The method is extended to check that the X509_NAMEs, AKIDs and algorithms
match.
The latter fails in check_sig_alg_match (source v3_purp.c), returning
X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH, which is wrong.

Is this issue and/or the proper solution known?

Thanks in advance
--
Christian Weber
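A way to check whether a given OpenSSL build shows the regression described above, as an added shell example that is not from the original post or from OpenSSL itself: it builds a throwaway RSA CA, signs an end-entity cert with RSASSA-PSS via `-sigopt rsa_padding_mode:pss`, and runs `openssl verify` over the pair. The function name, subject names and temporary paths are constructed for this example.

```shell
#!/bin/sh
# Regression check for the 1.1.1i chain-building failure with a PSS-signed
# end-entity cert. Prints "ok" when verification succeeds, "fail: ..." with
# the verify error (e.g. signature algorithm mismatch) when it does not,
# and "setup-failed" if the test material could not be generated.
set -eu

pss_chain_status() {  # hypothetical helper name, constructed for this example
    d=$(mktemp -d) || { echo "setup-failed"; return 0; }
    (
        cd "$d" &&
        # Self-signed RSA CA; its SubjectPublicKeyInfo says rsaEncryption.
        openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.pem \
            -days 1 -subj /CN=pss-test-ca >/dev/null 2>&1 &&
        # End-entity key and CSR (constructed subject).
        openssl req -new -newkey rsa:2048 -nodes -keyout ee.key -out ee.csr \
            -subj /CN=pss-test-ee >/dev/null 2>&1 &&
        # The CA signs the EE cert with RSASSA-PSS, so the EE certificate's
        # signatureAlgorithm is rsassaPss while the CA key is plain RSA:
        # exactly the combination the thread reports as failing in 1.1.1i.
        openssl x509 -req -in ee.csr -CA ca.pem -CAkey ca.key -CAcreateserial \
            -days 1 -sigopt rsa_padding_mode:pss -out ee.pem >/dev/null 2>&1
    ) || { rm -rf "$d"; echo "setup-failed"; return 0; }

    if openssl verify -CAfile "$d/ca.pem" "$d/ee.pem" >/dev/null 2>&1; then
        echo "ok"
    else
        # Surface the verifier's own error text for the report.
        err=$(openssl verify -CAfile "$d/ca.pem" "$d/ee.pem" 2>&1 | tr '\n' ' ')
        echo "fail: $err"
    fi
    rm -rf "$d"
}

# Stand-alone use: report the build's version next to the result.
openssl version
pss_chain_status
```

On an affected 1.1.1i build the output line is expected to carry the `X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH` condition; on 1.1.1g, on 1.1.1 releases carrying the referenced fix, and on 3.x it prints `ok`.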

Re: Chain building fails in version 1.1.1i if CA uses RSASSA-PSS for signing EE cert

Tomas Mraz-3
Hi,

yes, this is a known regression in 1.1.1i that is already fixed in the git repo
with commit c2fc1115eac53d2043e09bfa43ac5407f87fe417.

Tomas

On Thu, 2021-02-04 at 13:08 +0100, [hidden email] wrote:

> Dear OpenSSL users,
>
> we just bumped into a case we assume to be a bug in version 1.1.1i.
>
> Building a (partial) chain fails if an end-user cert is signed by a
> CA
> using the RSASSA-PSS algorithm.
> Chain building works with version 1.1.1g.
>
> Tracing the issue down, we found that check_issued (source
> x509_vfy.c) has changed.
> The method is extended to check that the X509_NAMEs, AKIDs and
> algorithms
> match.
> The latter fails in check_sig_alg_match (source v3_purp.c), returning
> X509_V_ERR_SIGNATURE_ALGORITHM_MISMATCH, which is wrong.
>
> Is this issue and/or the proper solution known?
>
> Thanks in advance
> --
> Christian Weber
>