Commit bfc19297 authored by Rich Salz's avatar Rich Salz Committed by Rich Salz
Browse files

Avoid SHA1 weakness 



In X509_cmp, if cert digest is equal, look at DER of the
signed part.  This is what master and 1.0.2 already do.

Reviewed-by: default avatarDr. Stephen Henson <steve@openssl.org>
parent 978b5d70

crypto/x509/x509_cmp.c

+14 −1
Original line number Diff line number Diff line
@@ -179,11 +179,24 @@ unsigned long X509_subject_name_hash_old(X509 *x) 
 */

int X509_cmp(const X509 *a, const X509 *b)

{

    int rv;



    /* ensure hash is valid */

    X509_check_purpose((X509 *)a, -1, 0);

    X509_check_purpose((X509 *)b, -1, 0);



    return memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);

    rv = memcmp(a->sha1_hash, b->sha1_hash, SHA_DIGEST_LENGTH);

    if (rv)

        return rv;

    /* Check for match against stored encoding too */

    if (!a->cert_info->enc.modified && !b->cert_info->enc.modified) {

        rv = (int)(a->cert_info->enc.len - b->cert_info->enc.len);

        if (rv)

            return rv;

        return memcmp(a->cert_info->enc.enc, b->cert_info->enc.enc,

                      a->cert_info->enc.len);

    }

    return rv;

}

#endif