[openssl-dev] PKCS7_verify() behavior - possible bug ?

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[openssl-dev] PKCS7_verify() behavior - possible bug ?

Dr. Pala
Hi all,

I was looking at the behavior of PKCS7_verify(). It seems that, if the flags are set to 0, then the function will assume that the "smime_sign" purpose is to be used when verifying the certificate, however, if the PKCS7_NOCHAIN is actually used, it seems that the purpose is not checked. From the code (crypto/pkcs7/pk7_smime.c - line ~320 - function PKCS7_verify() ):
        if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) {
                signer = sk_X509_value (signers, k);
                if (!(flags & PKCS7_NOCHAIN)) {
                        if(!X509_STORE_CTX_init(&cert_ctx, store, signer,
                                                        p7->d.sign->cert))
                                {
                                PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_X509_LIB);
                                sk_X509_free(signers);
                                return 0;
                                }
                        X509_STORE_CTX_set_default(&cert_ctx, "smime_sign");
                } else if(!X509_STORE_CTX_init (&cert_ctx, store, signer, NULL)) {
                        PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_X509_LIB);
                        sk_X509_free(signers);
                        return 0;
                }
                if (!(flags & PKCS7_NOCRL))
                        X509_STORE_CTX_set0_crls(&cert_ctx, p7->d.sign->crl);
                i = X509_verify_cert(&cert_ctx);
                if (i <= 0) j = X509_STORE_CTX_get_error(&cert_ctx);
                X509_STORE_CTX_cleanup(&cert_ctx);
                if (i <= 0) {
                        PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_CERTIFICATE_VERIFY_ERROR);
                        ERR_add_error_data(2, "Verify error:",
                                         X509_verify_cert_error_string(j));
                        sk_X509_free(signers);
                        return 0;
                }
                /* Check for revocation status here */
        }
Is this the desired behavior or if this is an error ? In other words, shouldn't the "smime_sign" purpose be checked in both cases ? I am asking because I am trying to understand if this behavior is going to be fixed / changed in the future or not (i.e., can we rely on the fact that by using the PKCS7_NOCHAIN flag the "smime_sign" purpose will not be checked) ?.

Thanks,
Max



_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev