diff options
author | Job Snijders <job@cvs.openbsd.org> | 2023-12-11 19:05:21 +0000 |
---|---|---|
committer | Job Snijders <job@cvs.openbsd.org> | 2023-12-11 19:05:21 +0000 |
commit | da217e32652747eba4d0134049efe3c658bedb96 (patch) | |
tree | 4ea80b01cb756068267a0370a771b0bf0cf078ce /usr.sbin/rpki-client | |
parent | 6936375124e602e2f619b9d989663adac575a33b (diff) |
Warn when the same manifestNumber is recycled across multiple issuances of that manifest
OK tb@
Diffstat (limited to 'usr.sbin/rpki-client')
-rw-r--r-- | usr.sbin/rpki-client/extern.h | 3 | ||||
-rw-r--r-- | usr.sbin/rpki-client/parser.c | 11 |
2 files changed, 12 insertions, 2 deletions
diff --git a/usr.sbin/rpki-client/extern.h b/usr.sbin/rpki-client/extern.h index 571b2d849de..9bb95edb208 100644 --- a/usr.sbin/rpki-client/extern.h +++ b/usr.sbin/rpki-client/extern.h @@ -1,4 +1,4 @@ -/* $OpenBSD: extern.h,v 1.195 2023/11/24 14:05:47 job Exp $ */ +/* $OpenBSD: extern.h,v 1.196 2023/12/11 19:05:20 job Exp $ */ /* * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> * @@ -210,6 +210,7 @@ struct mft { char *sia; /* SIA signedObject */ char *ski; /* SKI */ char *crl; /* CRL file name */ + unsigned char mfthash[SHA256_DIGEST_LENGTH]; unsigned char crlhash[SHA256_DIGEST_LENGTH]; time_t signtime; /* CMS signing-time attribute */ time_t thisupdate; /* from the eContent */ diff --git a/usr.sbin/rpki-client/parser.c b/usr.sbin/rpki-client/parser.c index 04259848e13..c2fffa98993 100644 --- a/usr.sbin/rpki-client/parser.c +++ b/usr.sbin/rpki-client/parser.c @@ -1,4 +1,4 @@ -/* $OpenBSD: parser.c,v 1.102 2023/12/11 15:50:23 job Exp $ */ +/* $OpenBSD: parser.c,v 1.103 2023/12/11 19:05:20 job Exp $ */ /* * Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org> * Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv> @@ -280,6 +280,10 @@ proc_parser_mft_pre(struct entity *entp, enum location loc, char **file, free(der); return NULL; } + + if (!EVP_Digest(der, len, mft->mfthash, NULL, EVP_sha256(), NULL)) + errx(1, "EVP_Digest failed"); + free(der); *crl = parse_load_crl_from_mft(entp, mft, DIR_TEMP, crlfile); @@ -381,6 +385,11 @@ proc_parser_mft(struct entity *entp, struct mft **mp, char **crlfile, warnx("%s: manifest replay detected (expected >= #%s, got #%s)", file1, mft2->seqnum, mft1->seqnum); + if (r == 0 && memcmp(mft1->mfthash, mft2->mfthash, + SHA256_DIGEST_LENGTH) != 0) + warnx("%s: manifest misissuance, #%s was recycled", + file1, mft1->seqnum); + if (r == 1) { *mp = proc_parser_mft_post(file1, mft1, entp->path, err1, &warned); |