Closed
Bug 174193
Opened 23 years ago
Closed 23 years ago
certutil doesn't verify signature on cert request before issuing cert
Categories
(NSS :: Tools, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.7
People
(Reporter: nelson, Assigned: nelson)
References
Details
Attachments
(2 files)
|
3.51 KB,
patch
|
rrelyea
:
review+
|
Details | Diff | Splinter Review |
|
3.12 KB,
patch
|
Details | Diff | Splinter Review |
A certificate request is a signed document. The signature proves that
the requestor holds the private key that corresponds to the public key
in the cert request. Any CA program, including certutil, should verify
that signature before honoring it.
It appears to me that certutil decodes the signed data, but doesn't actually
verify it. So, any requester can get a cert issued.
This is very bad if someone is going to use certutil to try to be a real CA.
I think the solution is to do something very similar to CERT_VerifySignedData
except that the public key is taken from the request, not from a certificate.
|
Assignee | |
Comment 1•23 years ago
|
||
I created a new function
SECStatus
CERT_VerifySignedDataWithPubKeyInfo(CERTSignedData *sd,
CERTSubjectPublicKeyInfo *pubKeyInfo,
void *wincx)
that checks the signature on a certrequest (or any signedData) using
the public key info taken from a PublicKeyInfo, such as the one found in
the a cert request. This new function will be exported from NSS.
I added a call to this function in certutil's function that imports
and parses a cert request.
Please review.
|
|
Assignee | |
Comment 2•23 years ago
|
||
Bob, please review the patch in this bug. Thanks.
|
|
Assignee | |
Comment 3•23 years ago
|
||
Taking bug, since I have a patch for it already.
Assignee: wtc → nelsonb
|
|
Assignee | |
Updated•23 years ago
|
Priority: -- → P1
Target Milestone: --- → 3.7
|
|
Assignee | |
Comment 4•23 years ago
|
||
Marking assigned. Since I already have a patch for it.
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 5•23 years ago
|
||
Patch checked in. Marking fixed.
Status: ASSIGNED → RESOLVED
Closed: 23 years ago
Resolution: --- → FIXED
|
||
Comment 6•23 years ago
|
||
Comment on attachment 103261 [details] [diff] [review]
new func to check signature on cert request, call from certutil
The patch looks fine, thought I would have preferred the interface to take the
public key and let the application do the SECKEY_ExtractPublicKey().
bob
Attachment #103261 -
Flags: review+
|
|
Assignee | |
Comment 7•23 years ago
|
||
In light of Bob's comment above, I wrote a new function
CERT_VerifySignedDataWithPublicKey, and changed the existing functions
CERT_VerifySignedDataWithPubKeyInfo and CERT_VerifySignedData to use
this new function, since it contained logic previously common to both.
Bob, please review this patch.
You need to log in
before you can comment on or make changes to this bug.
Description
•