OpenSSL Security Advisory

Benjamin Kaduk bkaduk at akamai.com
Tue Apr 21 19:48:47 UTC 2020


On Tue, Apr 21, 2020 at 12:46:43PM -0700, Sam Roberts wrote:
> The announcement claims that this affects SSL_check_chain().
> 
> Is that an exhaustive list? If an application does NOT call that
> function, does this mean the vulnerability is not exploitable?

That is correct (speaking only in terms of public APIs).

> I ask because the the fixed function tls1_check_sig_alg is called by
> tls1_check_chain, and that is called directly by SSL_check_chain, but
> it is also called by tls1_set_cert_validity, and that is called from
> inside the tls state machine, but with different parameters, so its a
> bit hard to see if it is affected or not.

As you note, the valid call chains are a bit convoluted, but the relevant
codepath is only exercised for TLS 1.3 and SSL_check_chain().

-Ben


More information about the openssl-users mailing list