diff options
| author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2022-11-22 08:43:03 +0100 |
|---|---|---|
| committer | Dr. David von Oheimb <dev@ddvo.net> | 2022-12-08 08:19:45 +0100 |
| commit | fc93335760686ad7cf3633d457caf18b0ac83ea2 (patch) | |
| tree | 6691c0baf052a7a6132dcff7ee39ccacfd4bb4d0 /crypto/cmp | |
| parent | 318a9dfa5f7bd1237d2697ad950697d241b8b49f (diff) | |
OSSL_CMP_validate_msg(): make sure to reject protection type mismatch
Do not accept password-based if expected signature-based and no secret is available and
do not accept signature-based if expected password-based and no trust anchors available.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19729)
Diffstat (limited to 'crypto/cmp')
| -rw-r--r-- | crypto/cmp/cmp_err.c | 5 | ||||
| -rw-r--r-- | crypto/cmp/cmp_vfy.c | 10 |
2 files changed, 10 insertions, 5 deletions
diff --git a/crypto/cmp/cmp_err.c b/crypto/cmp/cmp_err.c index 67d9964dbe..fe7b96348b 100644 --- a/crypto/cmp/cmp_err.c +++ b/crypto/cmp/cmp_err.c @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -98,8 +98,11 @@ static const ERR_STRING_DATA CMP_str_reasons[] = { {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_PROTECTION), "missing protection"}, {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_REFERENCE_CERT), "missing reference cert"}, + {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_SECRET), "missing secret"}, {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_SENDER_IDENTIFICATION), "missing sender identification"}, + {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_TRUST_ANCHOR), + "missing trust anchor"}, {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MISSING_TRUST_STORE), "missing trust store"}, {ERR_PACK(ERR_LIB_CMP, 0, CMP_R_MULTIPLE_REQUESTS_NOT_SUPPORTED), diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c index d41e9e742e..8bb4bf42ca 100644 --- a/crypto/cmp/cmp_vfy.c +++ b/crypto/cmp/cmp_vfy.c @@ -565,8 +565,9 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg) /* 5.1.3.1. Shared Secret Information */ case NID_id_PasswordBasedMAC: if (ctx->secretValue == NULL) { - ossl_cmp_warn(ctx, "no secret available for verifying PBM-based CMP message protection"); - return 1; + ossl_cmp_info(ctx, "no secret available for verifying PBM-based CMP message protection"); + ERR_raise(ERR_LIB_CMP, CMP_R_MISSING_SECRET); + return 0; } if (verify_PBMAC(ctx, msg)) { /* @@ -616,8 +617,9 @@ int OSSL_CMP_validate_msg(OSSL_CMP_CTX *ctx, const OSSL_CMP_MSG *msg) scrt = ctx->srvCert; if (scrt == NULL) { if (ctx->trusted == NULL) { - ossl_cmp_warn(ctx, "no trust store nor pinned server cert available for verifying signature-based CMP message protection"); - return 1; + ossl_cmp_info(ctx, "no trust store nor pinned server cert available for verifying signature-based CMP message protection"); + ERR_raise(ERR_LIB_CMP, CMP_R_MISSING_TRUST_ANCHOR); + return 0; } if (check_msg_find_cert(ctx, msg)) { ossl_cmp_debug(ctx, |