authorRyan Sleevi <ryan.sleevi@gmail.com>2013-08-15 15:03:09 -0700
committerRyan Sleevi <ryan.sleevi@gmail.com>2013-08-15 15:03:09 -0700
commit9883e370bb098767ce03b3e9420e6316f9aa92d9 (patch)
tree904617c2914c1ee8aa5d0aa523a6355f17202b6e
parent47d68a6ce671fe86261cc5690645c0364cdf0fed (diff)
downloadnss-hg-9883e370bb098767ce03b3e9420e6316f9aa92d9.tar.gz
BUG 663313: Treat OCSP signatures with the same algorithm policies as CRL and Certificate signatures.
This effectively disables MD2, MD4, and MD5 for OCSP signatures. r=rrelyea
-rw-r--r--lib/certhigh/ocsp.c31
1 files changed, 14 insertions, 17 deletions
diff --git a/lib/certhigh/ocsp.c b/lib/certhigh/ocsp.c
index 1814d7285..c78f8ca28 100644
--- a/lib/certhigh/ocsp.c
+++ b/lib/certhigh/ocsp.c
@@ -3805,38 +3805,35 @@ ocsp_VerifyResponseSignature(CERTCertificate *signerCert,
SECItem *tbsResponseDataDER,
void *pwArg)
{
- SECItem rawSignature;
SECKEYPublicKey *signerKey = NULL;
SECStatus rv = SECFailure;
+ CERTSignedData signedData;
/*
* Now get the public key from the signer's certificate; we need
* it to perform the verification.
*/
signerKey = CERT_ExtractPublicKey(signerCert);
- if (signerKey == NULL)
- return SECFailure;
+ if (signerKey == NULL) {
+ return SECFailure;
+ }
+
/*
* We copy the signature data *pointer* and length, so that we can
* modify the length without damaging the original copy. This is a
* simple copy, not a dup, so no destroy/free is necessary.
*/
- rawSignature = signature->signature;
- /*
- * The raw signature is a bit string, but we need to represent its
- * length in bytes, because that is what the verify function expects.
- */
- DER_ConvertBitString(&rawSignature);
-
- rv = VFY_VerifyDataWithAlgorithmID(tbsResponseDataDER->data,
- tbsResponseDataDER->len,
- signerKey, &rawSignature,
- &signature->signatureAlgorithm,
- NULL, pwArg);
- if (rv != SECSuccess && PORT_GetError() == SEC_ERROR_BAD_SIGNATURE) {
+ signedData.signature = signature->signature;
+ signedData.signatureAlgorithm = signature->signatureAlgorithm;
+ signedData.data = *tbsResponseDataDER;
+
+ rv = CERT_VerifySignedDataWithPublicKey(&signedData, signerKey, pwArg);
+ if (rv != SECSuccess &&
+ (PORT_GetError() == SEC_ERROR_BAD_SIGNATURE ||
+ PORT_GetError() == SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED)) {
PORT_SetError(SEC_ERROR_OCSP_BAD_SIGNATURE);
}
-
+
if (signerKey != NULL) {
SECKEY_DestroyPublicKey(signerKey);
}
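Review bot: The comment kept above the `signedData` assignments ("so that we can modify the length without damaging the original copy") no longer describes the new code, which never adjusts the signature length in this function; the bit-string length handling is presumably now done inside `CERT_VerifySignedDataWithPublicKey`. I would reword it along the lines of `/* Shallow copies: signedData borrows the caller's buffers, so no destroy/free is necessary. */`. The error check also folds `SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED` into `SEC_ERROR_OCSP_BAD_SIGNATURE`, so a caller or log can no longer tell a response rejected by algorithm policy (MD2/MD4/MD5 per the commit message) from one whose signature failed to verify. If that is intended, a one-line comment at the `if` such as `/* Policy-disabled algorithms are reported as a bad OCSP signature on purpose. */` would record the decision. The body of `ocsp_VerifyResponseSignature` starts before this hunk and continues past it.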