crypto/x509: bypass signature verification in CreateCertificate when using MD5WithRSA
authorRoland Shoemaker <rolandshoemaker@gmail.com>
Tue, 20 Oct 2020 20:50:52 +0000 (13:50 -0700)
committerRoland Shoemaker <roland@golang.org>
Wed, 21 Oct 2020 17:13:25 +0000 (17:13 +0000)
Bypasses the signature verification check we previously added if the
signature algorithm is MD5WithRSA, as we only support this algorithm
for signing and not verification.

Change-Id: Idba6dbba8b365d6199d467526746b88a5f734af1
Reviewed-on: https://go-review.googlesource.com/c/go/+/264019
Run-TryBot: Roland Shoemaker <roland@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Trust: Roland Shoemaker <roland@golang.org>

src/crypto/x509/x509.go
src/crypto/x509/x509_test.go

index bcef54ddb4fe7f769ad5433161a5d507830a7b5b..b421d759732182d16903599acab13bd836705c3f 100644 (file)
@@ -2156,8 +2156,12 @@ func CreateCertificate(rand io.Reader, template, parent *Certificate, pub, priv
        }
 
        // Check the signature to ensure the crypto.Signer behaved correctly.
-       if err := checkSignature(getSignatureAlgorithmFromAI(signatureAlgorithm), c.Raw, signature, key.Public()); err != nil {
-               return nil, fmt.Errorf("x509: signature over certificate returned by signer is invalid: %w", err)
+       // We skip this check if the signature algorithm is MD5WithRSA as we
+       // only support this algorithm for signing, and not verification.
+       if sigAlg := getSignatureAlgorithmFromAI(signatureAlgorithm); sigAlg != MD5WithRSA {
+               if err := checkSignature(sigAlg, c.Raw, signature, key.Public()); err != nil {
+                       return nil, fmt.Errorf("x509: signature over certificate returned by signer is invalid: %w", err)
+               }
        }
 
        return signedCert, nil
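Review bot: With the `sigAlg != MD5WithRSA` guard, a certificate requested with MD5WithRSA is returned without any check of the signer's output, so the faulty-signer case this check exists for passes silently on that algorithm. The added comment explains why the check is skipped but not that consequence. I would extend it with `// As a result, MD5WithRSA certificates are returned without validating the signer's output.` so readers know the guarantee does not hold there. If checkSignature rejects MD5WithRSA purely as a policy decision (its body is not visible here), a verification path that permits the algorithm for this self-check would keep the guarantee instead of dropping it. CreateCertificate begins and ends outside the hunk.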
index 5a39e61b3c2898bb2d5bdd7eed224d4d3bbbae08..47d78cf02afa5561dd740edcc6a1ab3b4e3294cc 100644 (file)
@@ -2896,3 +2896,19 @@ func TestCreateCertificateBrokenSigner(t *testing.T) {
                t.Fatalf("CreateCertificate returned an unexpected error: got %q, want %q", err, expectedErr)
        }
 }
+
+func TestCreateCertificateMD5(t *testing.T) {
+       template := &Certificate{
+               SerialNumber:       big.NewInt(10),
+               DNSNames:           []string{"example.com"},
+               SignatureAlgorithm: MD5WithRSA,
+       }
+       k, err := rsa.GenerateKey(rand.Reader, 1024)
+       if err != nil {
+               t.Fatalf("failed to generate test key: %s", err)
+       }
+       _, err = CreateCertificate(rand.Reader, template, template, k.Public(), &brokenSigner{k.Public()})
+       if err != nil {
+               t.Fatalf("CreateCertificate failed when SignatureAlgorithm = MD5WithRSA: %s", err)
+       }
+}
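Review bot: TestCreateCertificateMD5 passes `&brokenSigner{k.Public()}` as the signer, so it appears to pin "an invalid MD5WithRSA signature is accepted" as expected behaviour rather than "MD5WithRSA signing works". That assumes brokenSigner returns an invalid signature, as its name and the preceding test suggest; its definition is outside the hunk. Passing the generated key itself, `_, err = CreateCertificate(rand.Reader, template, template, k.Public(), k)`, should still cover the regression without encoding the acceptance of bad signatures. If the broken signer is deliberate, a comment such as `// brokenSigner is used on purpose: the signature self-check is skipped for MD5WithRSA.` would make that intent explicit.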