Certificate chain verification in crypto/x509/x509_vfy.c X509_verify_cert() fails badly and may allow a verification bypass if check_issued() on line 259 returns a false negative on the check of whether the last certificate in the chain is self signed. For example, check_issued() may return a false negative in case of memory allocation failure (although I could not find how to force that).
    253 /* Examine last certificate in chain and see if it
    254  * is self signed.
    255  */
    256
    257 i=sk_X509_num(ctx->chain);
    258 x=sk_X509_value(ctx->chain,i-1);
    259 if (ctx->check_issued(ctx, x, x))

This is because the "for" loop later does not require finding even a single issuer certificate from the trust store and will happily break out of the loop if the last certificate is actually self signed.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
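The report above raises two design points that generalize beyond this one function: a predicate that can fail internally (here, check_issued() under memory pressure) must not be collapsed into a plain yes/no answer, and a chain may only be accepted when its terminal certificate is an actual trust anchor, not merely when it looks self signed. The following is an added illustration in Python, not OpenSSL's code and not part of the original post: a toy chain builder over constructed stand-in certificates, where a `signed_by` field replaces a real signature check and `check_issued` returns a three-valued result. `verify_lenient` has the shape the report warns about; `verify_strict` fails closed on an internal error and ties the verdict to membership in the trust store.

```python
"""Toy model of X.509 chain building (illustrative only, not OpenSSL code).

Certificates are constructed stand-ins: `signed_by` names the subject whose
key produced the signature, standing in for a real signature verification.
"""
from dataclasses import dataclass
from enum import Enum
from typing import List, Optional, Tuple

MAX_DEPTH = 8  # bound on the chain walk so a toy loop can never spin forever


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    signed_by: str  # toy stand-in for "whose key verifies this signature"


class Issued(Enum):
    YES = "yes"
    NO = "no"
    ERROR = "error"  # the check itself could not run (e.g. allocation failure)


# Constructed sample certificates (not real data).
ROOT = Cert("Root CA", "Root CA", "Root CA")
INTER = Cert("Intermediate CA", "Root CA", "Root CA")
LEAF = Cert("www.example.test", "Intermediate CA", "Intermediate CA")
ROGUE_ROOT = Cert("Rogue Root", "Rogue Root", "Rogue Root")
ROGUE_LEAF = Cert("www.example.test", "Rogue Root", "Rogue Root")


def check_issued(issuer: Cert, subject: Cert, *, fail: bool = False) -> Issued:
    """Tri-state issuer check. `fail=True` simulates an internal failure of the
    check, the false-negative condition described in the report."""
    if fail:
        return Issued.ERROR
    ok = subject.issuer == issuer.subject and subject.signed_by == issuer.subject
    return Issued.YES if ok else Issued.NO


def find_issuer(pool: List[Cert], x: Cert) -> Optional[Cert]:
    """First certificate in `pool` that issued `x`, or None."""
    for c in pool:
        if check_issued(c, x) is Issued.YES:
            return c
    return None


def verify_lenient(leaf: Cert, untrusted: List[Cert], store: List[Cert],
                   *, fail: bool = False) -> Tuple[str, List[Cert]]:
    """Weak form: ERROR is silently treated like NO, and the walk reports "ok"
    as soon as it stops, without asking whether the top came from `store`."""
    chain = [leaf]
    for _ in range(MAX_DEPTH):
        top = chain[-1]
        if check_issued(top, top, fail=fail) is Issued.YES:
            break  # looks self signed: stop here and call it good
        nxt = find_issuer(untrusted, top) or find_issuer(store, top)
        if nxt is None:
            return "no-issuer", chain
        chain.append(nxt)
    return "ok", chain  # trust store membership was never required


def verify_strict(leaf: Cert, untrusted: List[Cert], store: List[Cert],
                  *, fail: bool = False) -> Tuple[str, List[Cert]]:
    """Hardened form: an internal error is surfaced, not turned into a verdict,
    and "ok" requires the self-signed top to be a member of the trust store."""
    chain = [leaf]
    for _ in range(MAX_DEPTH):
        top = chain[-1]
        self_signed = check_issued(top, top, fail=fail)
        if self_signed is Issued.ERROR:
            return "internal-error", chain  # fail closed
        if self_signed is Issued.YES:
            return ("ok" if top in store else "untrusted-root"), chain
        nxt = find_issuer(untrusted, top) or find_issuer(store, top)
        if nxt is None:
            return "no-issuer", chain
        chain.append(nxt)
    return "too-deep", chain


if __name__ == "__main__":
    print(verify_strict(LEAF, [INTER], [ROOT])[0])                 # ok
    print(verify_lenient(ROGUE_LEAF, [ROGUE_ROOT], [ROOT])[0])     # ok (wrong)
    print(verify_strict(ROGUE_LEAF, [ROGUE_ROOT], [ROOT])[0])      # untrusted-root
    print(verify_lenient(LEAF, [INTER], [ROOT], fail=True)[0])     # ok (wrong)
    print(verify_strict(LEAF, [INTER], [ROOT], fail=True)[0])      # internal-error
```

Run against the same inputs, the lenient walk accepts a chain that terminates in a self-signed certificate nobody trusts, and it still answers "ok" when the self-signed check itself has failed; the strict walk rejects the first as `untrusted-root` and reports the second as `internal-error` rather than producing any verdict at all.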
