From 1a6a13bae9a19fb971fb5202301c1611be8a67e8 Mon Sep 17 00:00:00 2001 From: tb Date: Wed, 10 Jun 2026 04:26:58 +0000 Subject: [PATCH] x509_verify: fix incorrect purpose check in the non-legacy path If a purpose is configured on the verify context (which it currently never is), this check would only accept certificates for which the purpose check fails. Also, this code is not currently reachable from public API since x509_verify() is only ever called with a legacy xsc set on the verify ctx, so x509_verify_cert_extensions() takes the path returning 1 earlier. X509_check_purpose() is one of these strange legacy APIs. It returns -1 on error, 0 if the cert fails the purpose check, 1 if it passes it and values between 2 and 5 indicate various legacy garbage meaning that the cert might possibly have been fit for this purpose until around a quarter century ago. While for CA certs the checks in "No we don't care about ..." exclude return values > 1, it is still possible for the S/MIME purpose to return 2 due to a workaround for some buggy NS certs, for example. In short: anything but 1 means unfit for the purpose or at best dubious, so reject such certs. Reported by Frank Denis ok kenjiro --- lib/libcrypto/x509/x509_verify.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/libcrypto/x509/x509_verify.c b/lib/libcrypto/x509/x509_verify.c index 640558b6855..af35cb0007c 100644 --- a/lib/libcrypto/x509/x509_verify.c +++ b/lib/libcrypto/x509/x509_verify.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_verify.c,v 1.76 2026/05/04 13:55:20 tb Exp $ */ +/* $OpenBSD: x509_verify.c,v 1.77 2026/06/10 04:26:58 tb Exp $ */ /* * Copyright (c) 2020-2021 Bob Beck * 
@@ -909,7 +909,8 @@ x509_verify_cert_extensions(struct x509_verify_ctx *ctx, X509 *cert, int need_ca ctx->error = X509_V_ERR_INVALID_CA; return 0; } - if (ctx->purpose > 0 && X509_check_purpose(cert, ctx->purpose, need_ca)) { + if (ctx->purpose > 0 && + X509_check_purpose(cert, ctx->purpose, need_ca) != 1) { ctx->error = X509_V_ERR_INVALID_PURPOSE; return 0; }
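Review bot: the new `!= 1` comparison in the x509_verify_cert_extensions() hunk is the right fix, since it rejects the 0 (fails purpose), -1 (error) and 2..5 (legacy partial-match) returns that the old truthiness test inverted, but the condition deserves a one-line comment in the code saying that X509_check_purpose() only signals a clean pass with 1; the rationale currently lives only in the commit message, and a future reader could "simplify" the test back to a boolean. Two smaller points: a -1 return from X509_check_purpose() now surfaces as X509_V_ERR_INVALID_PURPOSE, which is conservative (the cert is still rejected) but indistinguishable from a genuine purpose mismatch, so it may be worth setting a distinct error for the negative case; and since the commit message notes that this path is unreachable from the public API (x509_verify() is only called with a legacy xsc), the inverted check survived because nothing exercised it, so a regress test that configures ctx->purpose on the non-legacy path would keep it from regressing silently.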