Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rebase verify_cert: check name constraints after sig. validation #280

Merged
merged 3 commits into from
Sep 30, 2023
Merged

Rebase verify_cert: check name constraints after sig. validation #280

merged 3 commits into from
Sep 30, 2023

Conversation

briansmith
Copy link
Owner

@briansmith briansmith commented Sep 30, 2023
edited
Loading

Rebase #278 on top of main after #277 was merged.

@briansmith briansmith self-assigned this Sep 30, 2023
@briansmith briansmith mentioned this pull request Sep 30, 2023
Closed
@briansmith
Copy link
Owner Author

@cpu See the last commit about the semver breakage in rcgen.

@codecov
Copy link

codecov bot commented Sep 30, 2023
edited
Loading

Codecov Report

Merging #280 (ed2ac06) into main (4a71d47) will increase coverage by 0.55%.
Report is 3 commits behind head on main.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##             main     #280      +/-   ##
==========================================
+ Coverage   50.62%   51.18%   +0.55%     
==========================================
  Files          18       18              
  Lines        3751     3806      +55     
==========================================
+ Hits         1899     1948      +49     
- Misses       1852     1858       +6
Files Coverage Δ
src/signed_data.rs 100.00% <ø> (ø)
src/verify_cert.rs 94.90% <100.00%> (+0.82%) ⬆️

... and 2 files with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@briansmith briansmith force-pushed the backport-name-constraints-post-sigs branch from ac5c13b to a7a0d41 Compare September 30, 2023 02:41
@cpu @briansmith
verify_cert: check name constraints after sig. validation
ed2ac06 
Prior to this commit parsing and processing certificate name constraints
was done before validating a chain of signatures to a known trust
anchor. This increases the attack surface of these features, allowing an
adversary to force webpki to process name constraints on a crafted
certificate without needing to have that certificate issued by a trusted
entity.

This commit moves the parsing and processing of name constraints to
after building and verifying the chain of signatures to reduce the
potential for mischief.
@briansmith briansmith force-pushed the backport-name-constraints-post-sigs branch from a7a0d41 to ed2ac06 Compare September 30, 2023 02:53
@briansmith briansmith merged commit 519bcb6 into main Sep 30, 2023
212 checks passed
@briansmith briansmith deleted the backport-name-constraints-post-sigs branch September 30, 2023 03:21
@cpu
Copy link
Contributor

cpu commented Sep 30, 2023

@cpu See the last commit about the semver breakage in rcgen.

Thanks, I fixed that upstream but it's pending release.

@cpu cpu mentioned this pull request Oct 2, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@briansmith briansmith

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@briansmith @cpu