forked from pool/openssl-3
0ddca788f5
- Security Fix: [CVE-2023-0465, bsc#1209878] * Invalid certificate policies in leaf certificates are silently ignored * Add openssl-CVE-2023-0465.patch - Security Fix: [CVE-2023-0466, bsc#1209873] * Certificate policy check not enabled * Add openssl-CVE-2023-0466.patch OBS-URL: https://build.opensuse.org/request/show/1075338 OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=61
242 lines
10 KiB
Diff
242 lines
10 KiB
Diff
From d45bdaa97d821ab88fb36d9e6484f5dc3df50cde Mon Sep 17 00:00:00 2001
|
|
From: Matt Caswell <matt@openssl.org>
|
|
Date: Tue, 7 Mar 2023 15:22:40 +0000
|
|
Subject: [PATCH 1/5] Generate some certificates with the certificatePolicies
|
|
extension
|
|
|
|
Related-to: CVE-2023-0465
|
|
---
|
|
CHANGES.md | 14 ++++++++++++--
|
|
NEWS.md | 5 +++++
|
|
crypto/x509/x509_vfy.c | 12 ++++++++++--
|
|
test/certs/ca-pol-cert.pem | 19 +++++++++++++++++++
|
|
test/certs/ee-cert-policies-bad.pem | 20 ++++++++++++++++++++
|
|
test/certs/ee-cert-policies.pem | 20 ++++++++++++++++++++
|
|
test/certs/mkcert.sh | 9 +++++++--
|
|
test/certs/setup.sh | 6 ++++++
|
|
test/recipes/25-test_verify.t | 13 ++++++++++++-
|
|
9 files changed, 111 insertions(+), 7 deletions(-)
|
|
create mode 100644 test/certs/ca-pol-cert.pem
|
|
create mode 100644 test/certs/ee-cert-policies-bad.pem
|
|
create mode 100644 test/certs/ee-cert-policies.pem
|
|
|
|
--- a/CHANGES.md
|
|
+++ b/CHANGES.md
|
|
@@ -24,14 +24,22 @@ OpenSSL 3.1
|
|
|
|
### Changes between 3.0 and 3.1.0 [14 Mar 2023]
|
|
|
|
+ * Fixed an issue where invalid certificate policies in leaf certificates are
|
|
+ silently ignored by OpenSSL and other certificate policy checks are skipped
|
|
+ for that certificate. A malicious CA could use this to deliberately assert
|
|
+ invalid certificate policies in order to circumvent policy checking on the
|
|
+ certificate altogether.
|
|
+ ([CVE-2023-0465])
|
|
+
|
|
+ *Matt Caswell*
|
|
+
|
|
* Limited the number of nodes created in a policy tree to mitigate
|
|
against CVE-2023-0464. The default limit is set to 1000 nodes, which
|
|
should be sufficient for most installations. If required, the limit
|
|
can be adjusted by setting the OPENSSL_POLICY_TREE_NODES_MAX build
|
|
time define to a desired maximum number of nodes or zero to allow
|
|
unlimited growth.
|
|
-
|
|
- *Paul Dale*
|
|
+ ([CVE-2023-0464])
|
|
|
|
* Add FIPS provider configuration option to enforce the
|
|
Extended Master Secret (EMS) check during the TLS1_PRF KDF.
|
|
@@ -19687,6 +19695,8 @@ ndif
|
|
|
|
<!-- Links -->
|
|
|
|
+[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465
|
|
+[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464
|
|
[CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401
|
|
[CVE-2023-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286
|
|
[CVE-2023-0217]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0217
|
|
--- a/NEWS.md
|
|
+++ b/NEWS.md
|
|
@@ -26,6 +26,9 @@ OpenSSL 3.1
|
|
assembler code algorithm implementations.
|
|
* Deprecated LHASH statistics functions.
|
|
* FIPS 140-3 compliance changes.
|
|
+ * Fixed handling of invalid certificate policies in leaf certificates
|
|
+ ([CVE-2023-0465])
|
|
+ * Limited the number of nodes created in a policy tree ([CVE-2023-0464])
|
|
|
|
OpenSSL 3.0
|
|
-----------
|
|
@@ -1442,6 +1445,8 @@ OpenSSL 0.9.x
|
|
* Support for various new platforms
|
|
|
|
<!-- Links -->
|
|
+[CVE-2023-0465]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0465
|
|
+[CVE-2023-0464]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0464
|
|
[CVE-2023-0401]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0401
|
|
[CVE-2023-0286]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0286
|
|
[CVE-2023-0217]: https://www.openssl.org/news/vulnerabilities.html#CVE-2023-0217
|
|
--- a/crypto/x509/x509_vfy.c
|
|
+++ b/crypto/x509/x509_vfy.c
|
|
@@ -1654,15 +1654,23 @@ static int check_policy(X509_STORE_CTX *
|
|
goto memerr;
|
|
/* Invalid or inconsistent extensions */
|
|
if (ret == X509_PCY_TREE_INVALID) {
|
|
- int i;
|
|
+ int i, cbcalled = 0;
|
|
|
|
/* Locate certificates with bad extensions and notify callback. */
|
|
- for (i = 1; i < sk_X509_num(ctx->chain); i++) {
|
|
+ for (i = 0; i < sk_X509_num(ctx->chain); i++) {
|
|
X509 *x = sk_X509_value(ctx->chain, i);
|
|
|
|
+ if ((x->ex_flags & EXFLAG_INVALID_POLICY) != 0)
|
|
+ cbcalled = 1;
|
|
CB_FAIL_IF((x->ex_flags & EXFLAG_INVALID_POLICY) != 0,
|
|
ctx, x, i, X509_V_ERR_INVALID_POLICY_EXTENSION);
|
|
}
|
|
+ if (!cbcalled) {
|
|
+ /* Should not be able to get here */
|
|
+ ERR_raise(ERR_LIB_X509, ERR_R_INTERNAL_ERROR);
|
|
+ return 0;
|
|
+ }
|
|
+ /* The callback ignored the error so we return success */
|
|
return 1;
|
|
}
|
|
if (ret == X509_PCY_TREE_FAILURE) {
|
|
--- /dev/null
|
|
+++ b/test/certs/ca-pol-cert.pem
|
|
@@ -0,0 +1,19 @@
|
|
+-----BEGIN CERTIFICATE-----
|
|
+MIIDFzCCAf+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
|
|
+IENBMCAXDTIzMDMwODEyMjMxNloYDzIxMjMwMzA5MTIyMzE2WjANMQswCQYDVQQD
|
|
+DAJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJadpD0ASxxfxsvd
|
|
+j9IxsogVzMSGLFziaYuE9KejU9+R479RifvwfBANO62sNWJ19X//9G5UjwWmkiOz
|
|
+n1k50DkYsBBA3mJzik6wjt/c58lBIlSEgAgpvDU8ht8w3t20JP9+YqXAeugqFj/W
|
|
+l9rFQtsvaWSRywjXVlp5fxuEQelNnXcJEKhsKTNExsBUZebo4/J1BWpklWzA9P0l
|
|
+YW5INvDAAwcF1nzlEf0Y6Eot03IMNyg2MTE4hehxjdgCSci8GYnFirE/ojXqqpAc
|
|
+ZGh7r2dqWgZUD1Dh+bT2vjrUzj8eTH3GdzI+oljt29102JIUaqj3yzRYkah8FLF9
|
|
+CLNNsUcCAwEAAaN7MHkwDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8EBAMCAQYwHQYD
|
|
+VR0OBBYEFLQRM/HX4l73U54gIhBPhga/H8leMB8GA1UdIwQYMBaAFI71Ja8em2uE
|
|
+PXyAmslTnE1y96NSMBkGA1UdIAQSMBAwDgYMKwYBBAGBgVy8+0cBMA0GCSqGSIb3
|
|
+DQEBCwUAA4IBAQBbE+MO9mewWIUY2kt85yhl0oZtvVxbn9K2Hty59ItwJGRNfzx7
|
|
+Ge7KgawkvNzMOXmj6qf8TpbJnf41ZLWdRyVZBVyIwrAKIVw1VxfGh8aEifHKN97H
|
|
+unZkBPcUkAhUJSiC1BOD/euaMYqOi8QwiI702Q6q1NBY1/UKnV/ZIBLecnqfj9vZ
|
|
+7T0wKxrwGYBztP4pNcxCmBoD9Dg+Dx3ZElo0WXyO4SOh/BgrsKJHKyhbuTpjrI/g
|
|
+DhcINRp6+lIzuFBtJ67+YXnAEspb3lKMk0YL/LXrCNF2scdmNfOPwHi+OKBqt69C
|
|
+9FJyWFEMxx2qm/ENE9sbOswgJRnKkaAqHBHx
|
|
+-----END CERTIFICATE-----
|
|
--- /dev/null
|
|
+++ b/test/certs/ee-cert-policies-bad.pem
|
|
@@ -0,0 +1,20 @@
|
|
+-----BEGIN CERTIFICATE-----
|
|
+MIIDTTCCAjWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJDQTAg
|
|
+Fw0yMzAzMDgxMjIzMzJaGA8yMTIzMDMwOTEyMjMzMlowGTEXMBUGA1UEAwwOc2Vy
|
|
+dmVyLmV4YW1wbGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo/4lY
|
|
+YYWu3tssD9Vz++K3qBt6dWAr1H08c3a1rt6TL38kkG3JHPSKOM2fooAWVsu0LLuT
|
|
+5Rcf/w3GQ/4xNPgo2HXpo7uIgu+jcuJTYgVFTeAxl++qnRDSWA2eBp4yuxsIVl1l
|
|
+Dz9mjsI2oBH/wFk1/Ukc3RxCMwZ4rgQ4I+XndWfTlK1aqUAfrFkQ9QzBZK1KxMY1
|
|
+U7OWaoIbFYvRmavknm+UqtKW5Vf7jJFkijwkFsbSGb6CYBM7YrDtPh2zyvlr3zG5
|
|
+ep5LR2inKcc/SuIiJ7TvkGPX79ByST5brbkb1Ctvhmjd1XMSuEPJ3EEPoqNGT4tn
|
|
+iIQPYf55NB9KiR+3AgMBAAGjgakwgaYwHQYDVR0OBBYEFOeb4iqtimw6y3ZR5Y4H
|
|
+mCKX4XOiMB8GA1UdIwQYMBaAFLQRM/HX4l73U54gIhBPhga/H8leMAkGA1UdEwQC
|
|
+MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGQYDVR0RBBIwEIIOc2VydmVyLmV4YW1w
|
|
+bGUwKQYDVR0gBCIwIDAOBgwrBgEEAYGBXLz7RwEwDgYMKwYBBAGBgVy8+0cBMA0G
|
|
+CSqGSIb3DQEBCwUAA4IBAQArwtwNO++7kStcJeMg3ekz2D/m/8UEjTA1rknBjQiQ
|
|
+P0FK7tNeRqus9i8PxthNWk+biRayvDzaGIBV7igpDBPfXemDgmW9Adc4MKyiQDfs
|
|
+YfkHi3xJKvsK2fQmyCs2InVDaKpVAkNFcgAW8nSOhGliqIxLb0EOLoLNwaktou0N
|
|
+XQHmRzY8S7aIr8K9Qo9y/+MLar+PS4h8l6FkLLkTICiFzE4/wje5S3NckAnadRJa
|
|
+QpjwM2S6NuA+tYWuOcN//r7BSpW/AZKanYWPzHMrKlqCh+9o7sthPd72+hObG9kx
|
|
+wSGdzfStNK1I1zM5LiI08WtXCvR6AfLANTo2x1AYhSxF
|
|
+-----END CERTIFICATE-----
|
|
--- /dev/null
|
|
+++ b/test/certs/ee-cert-policies.pem
|
|
@@ -0,0 +1,20 @@
|
|
+-----BEGIN CERTIFICATE-----
|
|
+MIIDPTCCAiWgAwIBAgIBAjANBgkqhkiG9w0BAQsFADANMQswCQYDVQQDDAJDQTAg
|
|
+Fw0yMzAzMDgxMjIzMjNaGA8yMTIzMDMwOTEyMjMyM1owGTEXMBUGA1UEAwwOc2Vy
|
|
+dmVyLmV4YW1wbGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo/4lY
|
|
+YYWu3tssD9Vz++K3qBt6dWAr1H08c3a1rt6TL38kkG3JHPSKOM2fooAWVsu0LLuT
|
|
+5Rcf/w3GQ/4xNPgo2HXpo7uIgu+jcuJTYgVFTeAxl++qnRDSWA2eBp4yuxsIVl1l
|
|
+Dz9mjsI2oBH/wFk1/Ukc3RxCMwZ4rgQ4I+XndWfTlK1aqUAfrFkQ9QzBZK1KxMY1
|
|
+U7OWaoIbFYvRmavknm+UqtKW5Vf7jJFkijwkFsbSGb6CYBM7YrDtPh2zyvlr3zG5
|
|
+ep5LR2inKcc/SuIiJ7TvkGPX79ByST5brbkb1Ctvhmjd1XMSuEPJ3EEPoqNGT4tn
|
|
+iIQPYf55NB9KiR+3AgMBAAGjgZkwgZYwHQYDVR0OBBYEFOeb4iqtimw6y3ZR5Y4H
|
|
+mCKX4XOiMB8GA1UdIwQYMBaAFLQRM/HX4l73U54gIhBPhga/H8leMAkGA1UdEwQC
|
|
+MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGQYDVR0RBBIwEIIOc2VydmVyLmV4YW1w
|
|
+bGUwGQYDVR0gBBIwEDAOBgwrBgEEAYGBXLz7RwEwDQYJKoZIhvcNAQELBQADggEB
|
|
+AGbWslmAAdMX3+5ChcnFrX+NqDGoyhb3PTgWdtlQB5qtWdIt4rSxN50OcQxFTX0D
|
|
+QOBabSzR0DDKrgfBe4waL19WsdEvR9GyO4M7ASze/A3IEZue9C9k0n7Vq8zDaAZl
|
|
+CiR/Zqo9nAOuhKHMgmC/NjUlX7STv5pJVgc4SH8VEKmSRZDmNihaOalUtK5X8/Oa
|
|
+dawKxsZcaP5IKnOEPPKjtVNJxBu5CXywJHsO0GcoDEnEx1/NLdFoJ6WFw8NuTyDK
|
|
+NGLq2MHEdyKaigHQlptEs9bXyu9McJjzbx0uXj3BenRULASreccFej0L1RU6jDlk
|
|
+D3brBn24UISaFRZoB7jsjok=
|
|
+-----END CERTIFICATE-----
|
|
--- a/test/certs/mkcert.sh
|
|
+++ b/test/certs/mkcert.sh
|
|
@@ -119,11 +119,12 @@ genca() {
|
|
local OPTIND=1
|
|
local purpose=
|
|
|
|
- while getopts p: o
|
|
+ while getopts p:c: o
|
|
do
|
|
case $o in
|
|
p) purpose="$OPTARG";;
|
|
- *) echo "Usage: $0 genca [-p EKU] cn keyname certname cakeyname cacertname" >&2
|
|
+ c) certpol="$OPTARG";;
|
|
+ *) echo "Usage: $0 genca [-p EKU][-c policyoid] cn keyname certname cakeyname cacertname" >&2
|
|
return 1;;
|
|
esac
|
|
done
|
|
@@ -146,6 +147,10 @@ genca() {
|
|
if [ -n "$NC" ]; then
|
|
exts=$(printf "%s\nnameConstraints = %s\n" "$exts" "$NC")
|
|
fi
|
|
+ if [ -n "$certpol" ]; then
|
|
+ exts=$(printf "%s\ncertificatePolicies = %s\n" "$exts" "$certpol")
|
|
+ fi
|
|
+
|
|
csr=$(req "$key" "CN = $cn") || return 1
|
|
echo "$csr" |
|
|
cert "$cert" "$exts" -CA "${cacert}.pem" -CAkey "${cakey}.pem" \
|
|
--- a/test/certs/setup.sh
|
|
+++ b/test/certs/setup.sh
|
|
@@ -451,3 +451,9 @@ OPENSSL_SIGALG=ED448 OPENSSL_KEYALG=ed44
|
|
|
|
# critical id-pkix-ocsp-no-check extension
|
|
./mkcert.sh geneeextra server.example ee-key ee-cert-ocsp-nocheck ca-key ca-cert "1.3.6.1.5.5.7.48.1.5=critical,DER:05:00"
|
|
+
|
|
+# certificatePolicies extension
|
|
+./mkcert.sh genca -c "1.3.6.1.4.1.16604.998855.1" "CA" ca-key ca-pol-cert root-key root-cert
|
|
+./mkcert.sh geneeextra server.example ee-key ee-cert-policies ca-key ca-cert "certificatePolicies=1.3.6.1.4.1.16604.998855.1"
|
|
+# We can create a cert with a duplicate policy oid - but its actually invalid!
|
|
+./mkcert.sh geneeextra server.example ee-key ee-cert-policies-bad ca-key ca-cert "certificatePolicies=1.3.6.1.4.1.16604.998855.1,1.3.6.1.4.1.16604.998855.1"
|
|
--- a/test/recipes/25-test_verify.t
|
|
+++ b/test/recipes/25-test_verify.t
|
|
@@ -29,7 +29,7 @@ sub verify {
|
|
run(app([@args]));
|
|
}
|
|
|
|
-plan tests => 173;
|
|
+plan tests => 175;
|
|
|
|
# Canonical success
|
|
ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),
|
|
@@ -536,3 +536,14 @@ SKIP: {
|
|
ok(run(app([ qw(openssl verify -trusted), $rsapluscert_file, $cert_file ])),
|
|
'Mixed key + cert file test');
|
|
}
|
|
+
|
|
+# Certificate Policies
|
|
+ok(verify("ee-cert-policies", "", ["root-cert"], ["ca-pol-cert"],
|
|
+ "-policy_check", "-policy", "1.3.6.1.4.1.16604.998855.1",
|
|
+ "-explicit_policy"),
|
|
+ "Certificate policy");
|
|
+
|
|
+ok(!verify("ee-cert-policies-bad", "", ["root-cert"], ["ca-pol-cert"],
|
|
+ "-policy_check", "-policy", "1.3.6.1.4.1.16604.998855.1",
|
|
+ "-explicit_policy"),
|
|
+ "Bad certificate policy");
|