The OpenSSL new release / HEAD updates removed the following comment-out
statement
in PKCS7_verify() routine, which will return error for one call if both
embedded-content and
detached data were provided.
#if 0 --> Removed
/*
* NB: this test commented out because some versions of Netscape
* illegally include zero length content when signing data.
*/
/* Check for data and content: two sets of data */
if (!PKCS7_get_detached(p7) && indata) {
PKCS7err(PKCS7_F_PKCS7_VERIFY, PKCS7_R_CONTENT_AND_DATA_PRESENT);
return 0;
}
#endif
This update will break some existing Authenticode verification solutions which
leveraged the
Pkcs7_verify() interface, such as UEFI secure boot, and other open-source
utilities (e.g. osslsigncode).
The root cause is the Authenticode is one extended PKCS7 format, and its
verification process
is different (the embedded data is one extended structure
(SpcIndirectDataContent), and will
not be used directly for signature verification) . The old comment-out in
PKCS7_verify just helped
to support the Authenticode verification with embedded p7data and user-supplied
inData
(some extra checking will be handled outside).
It's better to introduce one new macro or new PKCS7 flag to re-enable this
capability. E.g.
#if !defined(OPENSSL_ALLOW_PKCS7_CONTENT_AND_DATA_PRESENT)
....
Or
If (!(flags & PKCS7_NO_CHECK_BOTH_DATASET))
...
If two data sets (embedded and detached data) were present, the input data will
be the default
Input for validation (just as the current logic.), so there should be no risk.
Best Regards & Thanks,
LONG, Qin
_______________________________________________
openssl-bugs-mod mailing list
[email protected]
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
