wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
openssl/crypto/x509
History
Ken Goldman baba154510 Admit unknown pkey types at security level 0 
The check_key_level() function currently fails when the public key
cannot be extracted from the certificate because its algorithm is not
supported.  However, the public key is not needed for the last
certificate in the chain.

This change moves the check for level 0 before the check for a
non-NULL public key.

For background, this is the TPM 1.2 endorsement key certificate.
I.e., this is a real application with millions of certificates issued.
The key is an RSA-2048 key.

The TCG (for a while) specified

     Public Key Algorithm: rsaesOaep

rather than the commonly used

     Public Key Algorithm: rsaEncryption

because the key is an encryption key rather than a signing key.
The X509 certificate parser fails to get the public key.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7906)
2018-12-20 02:55:12 -05:00
..
build.info Add APIs for custom X509_LOOKUP_METHOD creation 2018-05-30 15:45:48 +02:00
by_dir.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
by_file.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
t_crl.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
t_req.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
t_x509.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_att.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_cmp.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_d2.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_def.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_err.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_ext.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_lcl.h Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_lu.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_meth.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_obj.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_r2x.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_req.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_set.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_trs.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_txt.c X509_check_issued: check that signature algo matches signing key algo 2018-12-19 13:33:54 +01:00
x509_v3.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509_vfy.c Admit unknown pkey types at security level 0 2018-12-20 02:55:12 -05:00
x509_vpm.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509cset.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509name.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509rset.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509spki.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x509type.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x_all.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x_attrib.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x_crl.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x_exten.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x_name.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x_pubkey.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x_req.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x_x509.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00
x_x509a.c Following the license change, modify the boilerplates in crypto/x509/ 2018-12-06 15:30:09 +01:00