openssl3/contribs10/0101-CVE-2022-4203-nc-match.patch

From c927a3492698c254637da836762f9b1f86cffabc Mon Sep 17 00:00:00 2001
From: Viktor Dukhovni <openssl-users@dukhovni.org>
Date: Tue, 13 Dec 2022 08:49:13 +0100
Subject: [PATCH 01/18] Fix type confusion in nc_match_single()

This function assumes that if the "gen" is an OtherName, then the "base"
is a rfc822Name constraint. This assumption is not true in all cases.
If the end-entity certificate contains an OtherName SAN of any type besides
SmtpUtf8Mailbox and the CA certificate contains a name constraint of
OtherName (of any type), then "nc_email_eai" will be invoked, with the
OTHERNAME "base" being incorrectly interpreted as a ASN1_IA5STRING.

Reported by Corey Bonnell from Digicert.

CVE-2022-4203

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
---
 crypto/x509/v3_ncons.c | 45 +++++++++++++++++++++++++++++-------------
 1 file changed, 31 insertions(+), 14 deletions(-)

diff --git a/crypto/x509/v3_ncons.c b/crypto/x509/v3_ncons.c
index 70a7e8304e..5101598512 100644
--- a/crypto/x509/v3_ncons.c
+++ b/crypto/x509/v3_ncons.c
@@ -31,7 +31,8 @@ static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method,
 static int print_nc_ipadd(BIO *bp, ASN1_OCTET_STRING *ip);
 
 static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc);
-static int nc_match_single(GENERAL_NAME *sub, GENERAL_NAME *gen);
+static int nc_match_single(int effective_type, GENERAL_NAME *sub,
+                           GENERAL_NAME *gen);
 static int nc_dn(const X509_NAME *sub, const X509_NAME *nm);
 static int nc_dns(ASN1_IA5STRING *sub, ASN1_IA5STRING *dns);
 static int nc_email(ASN1_IA5STRING *sub, ASN1_IA5STRING *eml);
@@ -472,14 +473,17 @@ static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc)
 {
     GENERAL_SUBTREE *sub;
     int i, r, match = 0;
+    int effective_type = gen->type;
+
     /*
      * We need to compare not gen->type field but an "effective" type because
      * the otherName field may contain EAI email address treated specially
      * according to RFC 8398, section 6
      */
-    int effective_type = ((gen->type == GEN_OTHERNAME) &&
-                          (OBJ_obj2nid(gen->d.otherName->type_id) ==
-                           NID_id_on_SmtpUTF8Mailbox)) ? GEN_EMAIL : gen->type;
+    if (effective_type == GEN_OTHERNAME &&
+        (OBJ_obj2nid(gen->d.otherName->type_id) == NID_id_on_SmtpUTF8Mailbox)) {
+        effective_type = GEN_EMAIL;
+    }
 
     /*
      * Permitted subtrees: if any subtrees exist of matching the type at
@@ -488,7 +492,10 @@ static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc)
 
     for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->permittedSubtrees); i++) {
         sub = sk_GENERAL_SUBTREE_value(nc->permittedSubtrees, i);
-        if (effective_type != sub->base->type)
+        if (effective_type != sub->base->type
+            || (effective_type == GEN_OTHERNAME &&
+                OBJ_cmp(gen->d.otherName->type_id,
+                        sub->base->d.otherName->type_id) != 0))
             continue;
         if (!nc_minmax_valid(sub))
             return X509_V_ERR_SUBTREE_MINMAX;
@@ -497,7 +504,7 @@ static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc)
             continue;
         if (match == 0)
             match = 1;
-        r = nc_match_single(gen, sub->base);
+        r = nc_match_single(effective_type, gen, sub->base);
         if (r == X509_V_OK)
             match = 2;
         else if (r != X509_V_ERR_PERMITTED_VIOLATION)
@@ -511,12 +518,15 @@ static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc)
 
     for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->excludedSubtrees); i++) {
         sub = sk_GENERAL_SUBTREE_value(nc->excludedSubtrees, i);
-        if (effective_type != sub->base->type)
+        if (effective_type != sub->base->type
+            || (effective_type == GEN_OTHERNAME &&
+                OBJ_cmp(gen->d.otherName->type_id,
+                        sub->base->d.otherName->type_id) != 0))
             continue;
         if (!nc_minmax_valid(sub))
             return X509_V_ERR_SUBTREE_MINMAX;
 
-        r = nc_match_single(gen, sub->base);
+        r = nc_match_single(effective_type, gen, sub->base);
         if (r == X509_V_OK)
             return X509_V_ERR_EXCLUDED_VIOLATION;
         else if (r != X509_V_ERR_PERMITTED_VIOLATION)
@@ -528,15 +538,22 @@ static int nc_match(GENERAL_NAME *gen, NAME_CONSTRAINTS *nc)
 
 }
 
-static int nc_match_single(GENERAL_NAME *gen, GENERAL_NAME *base)
+static int nc_match_single(int effective_type, GENERAL_NAME *gen,
+                           GENERAL_NAME *base)
 {
     switch (gen->type) {
     case GEN_OTHERNAME:
-        /*
-         * We are here only when we have SmtpUTF8 name,
-         * so we match the value of othername with base->d.rfc822Name
-         */
-        return nc_email_eai(gen->d.otherName->value, base->d.rfc822Name);
+        switch (effective_type) {
+        case GEN_EMAIL:
+            /*
+             * We are here only when we have SmtpUTF8 name,
+             * so we match the value of othername with base->d.rfc822Name
+             */
+            return nc_email_eai(gen->d.otherName->value, base->d.rfc822Name);
+
+        default:
+            return X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE;
+        }
 
     case GEN_DIRNAME:
         return nc_dn(gen->d.directoryName, base->d.directoryName);
-- 
2.39.1

From fe6842f5a5dc2fb66da7fb24bf4343a3aeedd50a Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tomas@openssl.org>
Date: Tue, 13 Dec 2022 19:45:09 +0100
Subject: [PATCH 02/18] Add testcase for nc_match_single type confusion

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
---
 test/certs/bad-othername-cert.pem | 20 ++++++++++++++++++++
 test/certs/nccaothername-cert.pem | 20 ++++++++++++++++++++
 test/certs/nccaothername-key.pem  | 28 ++++++++++++++++++++++++++++
 test/certs/setup.sh               | 11 +++++++++++
 test/recipes/25-test_verify.t     |  5 ++++-
 5 files changed, 83 insertions(+), 1 deletion(-)
 create mode 100644 test/certs/bad-othername-cert.pem
 create mode 100644 test/certs/nccaothername-cert.pem
 create mode 100644 test/certs/nccaothername-key.pem

diff --git a/test/certs/bad-othername-cert.pem b/test/certs/bad-othername-cert.pem
new file mode 100644
index 0000000000..cf279de5ea
--- /dev/null
+++ b/test/certs/bad-othername-cert.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDRDCCAiygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAfMR0wGwYDVQQDDBRUZXN0
+IE5DIENBIG90aGVybmFtZTAgFw0yMjEyMTMxODMzMTZaGA8yMTIyMTIxNDE4MzMx
+NlowMTEvMC0GA1UECgwmTkMgZW1haWwgaW4gb3RoZXJuYW1lIFRlc3QgQ2VydGlm
+aWNhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPgeoakqHk1zYt
+JZpEC0qkJPU/X0lfI+6GY2LHFY9KOSFqqmTXxrUtjQc3SdpQvBZhPuMZ8p82Jid2
+kkRHnWs0uqX9NtLO923yQalYvP6Mt3fokcYgw/C9b+I/q1PKUyN0kPB6McROguD5
+Jz2DcEufJBhbpyay1bFjEI2DAQJKDP/U7uH0EA7kH/27UMk0vfvL5uVjDvlo8i6S
+Ul8+u0cDV5ZFJW2VAJKLU3wp6IY4fZl9UqkHZuRQpMJGqAjAleWOIEpyyvfGGh0b
+75n3GJ+4YZ7CIBEgY7K0nIbKxtcDZPvmtbYg3g1tkPMTHcodFT7yEdqkBTJ5AGL7
+6U850OhjAgMBAAGjdzB1MB0GA1UdDgQWBBTBz0k+q6d4c3aM+s2IyOF/QP6zCTAf
+BgNVHSMEGDAWgBTwhghX7uNdMejZ3f4XorqOQoMqwTAJBgNVHRMEAjAAMCgGA1Ud
+EQQhMB+gHQYIKwYBBQUHCAegEQwPZm9vQGV4YW1wbGUub3JnMA0GCSqGSIb3DQEB
+CwUAA4IBAQAhxbCEVH8pq0aUMaLWaodyXdCqA0AKTFG6Mz9Rpwn89OwC8FylTEru
+t+Bqx/ZuTo8YzON8h9m7DIrQIjZKDLW/g5YbvIsxIVV9gWhAGohdsIyMKRBepSmr
+NxJQkO74RLBTamfl0WUCVM4HqroflFjBBG67CTJaQ9cH9ug3TKxaXCK1L6iQAXtq
+enILGai98Byo0LCFH4MQOhmhV1BDT2boIG/iYb5VKCTSX25vhaF+PNBhUoysjW0O
+vhQX8vrw42QRr4Qi7VfUBXzrbRTzxjOc4yqki7h2DcEdpginqe+aGyaFY+H9m/ka
+1AR5KN8h5SYKltSXknjs0pp1w4k49aHl
+-----END CERTIFICATE-----
diff --git a/test/certs/nccaothername-cert.pem b/test/certs/nccaothername-cert.pem
new file mode 100644
index 0000000000..f9b9b07b80
--- /dev/null
+++ b/test/certs/nccaothername-cert.pem
@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDPjCCAiagAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
+IENBMCAXDTIyMTIxMzE4MTgwM1oYDzIxMjIxMjE0MTgxODAzWjAfMR0wGwYDVQQD
+DBRUZXN0IE5DIENBIG90aGVybmFtZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAN0Dx+ei8CgtRKnDcYiLwX4vrA48at/o/zfX24X/WZZM1o9HUKo1FQBN
+vhESJu+gqPxuIePrk+/L25XdRqwCKk8wkWX0XIz18q5orOHUUFAWNK3g0FDj6N8H
+d8urNIbDJ44FCx+/0n8Ppiht/EYN3aVOW5enqbgZ+EEt+3AUG6ibieRdGri9g4oh
+IIx60MmVHLbuT/TcVZxaeWyTl6iWmsYosUyqlhTtu1uGtbVtkCAhBYloVvz4J5eA
+mVu/JuJbsNxbxVeO9Q8Kj6nb4jPPdGvZ3JPcabbWrz5LwaereBf5IPrXEVdQTlYB
+gI0pTz2CEDHSIrd7jzRUX/9EC2gMk6UCAwEAAaOBjzCBjDAPBgNVHRMBAf8EBTAD
+AQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU8IYIV+7jXTHo2d3+F6K6jkKDKsEw
+HwYDVR0jBBgwFoAUjvUlrx6ba4Q9fICayVOcTXL3o1IwLAYDVR0eBCUwI6EhMB+g
+HQYIKwYBBQUHCAegEQwPZm9vQGV4YW1wbGUub3JnMA0GCSqGSIb3DQEBCwUAA4IB
+AQDPI5uZd8DhSNKMvYF5bxOshd6h6UJ7YzZS7K6fhiygltdqzkHQ/5+4yiuUkDe4
+hOZlH8MCfXQy5jVZDTk24yNchpdfie5Bswn4SmQVQh3QyzOLxizoh0rLCf2PHueu
+dNVNhfiiJNJ5kd8MIuVG7CPK68dP0QrVR+DihROuJgvGB3ClKttLrgle19t4PFRR
+2wW6hJT9aXEjzLNyN1QFZKoShuiGX4xwjZh7VyKkV64p8hjojhcLk6dQkel+Jw4y
+OP26XbVfM8/6KG8f6WAZ8P0qJwHlhmi0EvRTnEpAM8WuenOeZH6ERZ9uZbRGh6xx
+LKQu2Aw2+bOEZ2vUtz0dBhX8
+-----END CERTIFICATE-----
diff --git a/test/certs/nccaothername-key.pem b/test/certs/nccaothername-key.pem
new file mode 100644
index 0000000000..d3e300ac2f
--- /dev/null
+++ b/test/certs/nccaothername-key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDdA8fnovAoLUSp
+w3GIi8F+L6wOPGrf6P8319uF/1mWTNaPR1CqNRUATb4REibvoKj8biHj65Pvy9uV
+3UasAipPMJFl9FyM9fKuaKzh1FBQFjSt4NBQ4+jfB3fLqzSGwyeOBQsfv9J/D6Yo
+bfxGDd2lTluXp6m4GfhBLftwFBuom4nkXRq4vYOKISCMetDJlRy27k/03FWcWnls
+k5eolprGKLFMqpYU7btbhrW1bZAgIQWJaFb8+CeXgJlbvybiW7DcW8VXjvUPCo+p
+2+Izz3Rr2dyT3Gm21q8+S8Gnq3gX+SD61xFXUE5WAYCNKU89ghAx0iK3e480VF//
+RAtoDJOlAgMBAAECggEAMFSJlCyEFlER3Qq9asXe9eRgXEuXdmfZ2aEVIuf8M/sR
+B0tpxxKtCUA24j5FL+0CzxKZTCFBnDRIzCyTbf1aOa9t+CzXyUZmP3/p4EdgmabF
+dcl93FZ+X7kfF/VUGu0Vmv+c12BH3Fu0cs5cVohlMecg7diu6zCYok43F+L5ymRy
+2mTcKkGc0ShWizj8Z9R3WJGssZOlxbxa/Zr4rZwRC24UVhfN8AfGWYx/StyQPQIw
+gtbbtOmwbyredQmY4jwNqgrnfZS9bkWwJbRuCmD5l7lxubBgcHQpoM+DQVeOLZIq
+uksFXeNfal9G5Bo747MMzpD7dJMCGmX+gbMY5oZF+QKBgQDs2MbY4nbxi+fV+KuV
+zUvis8m8Lpzf3T6NLkgSkUPRN9tGr95iLIrB/bRPJg5Ne02q/cT7d86B9rpE42w7
+eeIF9fANezX2AF8LUqNZhIR23J3tfB/eqGlJRZeMNia+lD09a7SWGwrS7sufY1I+
+JQGcHx77ntt+eQT1MUJ1skF06QKBgQDu4z+TW4QIA5ItxIReVdcfh5e3xLkzDEVP
+3KNo9tpXxvPwqapdeBh6c9z4Lqe3MKr5UPlDvVW+o40t6OjKxDCXczB8+JAM0OyX
+8V+K3zXXUxRgieSd3oMncTylSWIvouPP3aW37B67TKdRlRHgaBrpJT2wdk3kYR4t
+62J1eDdjXQKBgQDMsY0pZI/nskJrar7geM1c4IU5Xg+2aj/lRFqFsYYrC1s3fEd2
+EYjan6l1vi4eSLKXVTspGiIfsFzLrMGdpXjyLduJyzKXqTp7TrBebWkOUR0sYloo
+1OQprzuKskJJ81P6AVvRXw27vyW8Wtp5WwJJK5xbWq/YXj8qqagGkEiCAQKBgQCc
+RK3XAFurPmLGa7JHX5Hc/z8BKMAZo6JHrsZ6qFiGaRA0U1it0hz5JYfcFfECheSi
+ORUF+fn4PlbhPGXkFljPCbwjVBovOBA9CNl+J6u50pAW4r1ZhDB5gbqxSQLgtIaf
++JcqbFxiG6+sT36lNJS+BO2I3KrxhZJPaZY7z8szxQKBgQDRy70XzwOk8jXayiF2
+ej2IN7Ow9cgSE4tLEwR/vCjxvOlWhA3jC3wxoggshGJkpbP3DqLkQtwQm0h1lM8J
+QNtFwKzjtpf//bTlfFq08/YxWimTPMqzcV2PgRacB8P3yf1r8T7M4fA5TORCDWpW
+5FtOCFEmwQHTR8lu4c63qfxkEQ==
+-----END PRIVATE KEY-----
diff --git a/test/certs/setup.sh b/test/certs/setup.sh
index b9766aab20..2240cd9df0 100755
--- a/test/certs/setup.sh
+++ b/test/certs/setup.sh
@@ -388,6 +388,17 @@ REQMASK=MASK:0x800 ./mkcert.sh req badalt7-key "O = Bad NC Test Certificate 7" \
     "email.1 = good@good.org" "email.2 = any@good.com" \
     "IP = 127.0.0.1" "IP = 192.168.0.1"
 
+# Certs for CVE-2022-4203 testcase
+
+NC="excluded;otherName:SRVName;UTF8STRING:foo@example.org" ./mkcert.sh genca \
+    "Test NC CA othername" nccaothername-key nccaothername-cert \
+    root-key root-cert
+
+./mkcert.sh req alt-email-key "O = NC email in othername Test Certificate" | \
+    ./mkcert.sh geneealt bad-othername-key bad-othername-cert \
+    nccaothername-key nccaothername-cert \
+    "otherName.1 = SRVName;UTF8STRING:foo@example.org"
+
 # RSA-PSS signatures
 # SHA1
 ./mkcert.sh genee PSS-SHA1 ee-key ee-pss-sha1-cert ca-key ca-cert \
diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t
index 4613489f57..e6a2bca731 100644
--- a/test/recipes/25-test_verify.t
+++ b/test/recipes/25-test_verify.t
@@ -29,7 +29,7 @@ sub verify {
     run(app([@args]));
 }
 
-plan tests => 162;
+plan tests => 163;
 
 # Canonical success
 ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),
@@ -402,6 +402,9 @@ ok(!verify("badalt9-cert", "", ["root-cert"], ["ncca1-cert", "ncca3-cert"], ),
 ok(!verify("badalt10-cert", "", ["root-cert"], ["ncca1-cert", "ncca3-cert"], ),
    "Name constraints nested DNS name excluded");
 
+ok(!verify("bad-othername-cert", "", ["root-cert"], ["nccaothername-cert"], ),
+   "CVE-2022-4203 type confusion test");
+
 #Check that we get the expected failure return code
 with({ exit_checker => sub { return shift == 2; } },
      sub {
-- 
2.39.1

1	From c927a3492698c254637da836762f9b1f86cffabc Mon Sep 17 00:00:00 2001
2	From: Viktor Dukhovni <openssl-users@dukhovni.org>
3	Date: Tue, 13 Dec 2022 08:49:13 +0100
4	Subject: [PATCH 01/18] Fix type confusion in nc_match_single()
5
6	This function assumes that if the "gen" is an OtherName, then the "base"
7	is a rfc822Name constraint. This assumption is not true in all cases.
8	If the end-entity certificate contains an OtherName SAN of any type besides
9	SmtpUtf8Mailbox and the CA certificate contains a name constraint of
10	OtherName (of any type), then "nc_email_eai" will be invoked, with the
11	OTHERNAME "base" being incorrectly interpreted as a ASN1_IA5STRING.
12
13	Reported by Corey Bonnell from Digicert.
14
15	CVE-2022-4203
16
17	Reviewed-by: Paul Dale <pauli@openssl.org>
18	Reviewed-by: Hugo Landau <hlandau@openssl.org>
19	Reviewed-by: Tomas Mraz <tomas@openssl.org>
20	---
21	crypto/x509/v3_ncons.c \| 45 +++++++++++++++++++++++++++++-------------
22	1 file changed, 31 insertions(+), 14 deletions(-)
23
24	diff --git a/crypto/x509/v3_ncons.c b/crypto/x509/v3_ncons.c
25	index 70a7e8304e..5101598512 100644
26	--- a/crypto/x509/v3_ncons.c
27	+++ b/crypto/x509/v3_ncons.c
28	@@ -31,7 +31,8 @@ static int do_i2r_name_constraints(const X509V3_EXT_METHOD *method,
29	static int print_nc_ipadd(BIO bp, ASN1_OCTET_STRING ip);
30
31	static int nc_match(GENERAL_NAME gen, NAME_CONSTRAINTS nc);
32	-static int nc_match_single(GENERAL_NAME sub, GENERAL_NAME gen);
33	+static int nc_match_single(int effective_type, GENERAL_NAME *sub,
34	+ GENERAL_NAME *gen);
35	static int nc_dn(const X509_NAME sub, const X509_NAME nm);
36	static int nc_dns(ASN1_IA5STRING sub, ASN1_IA5STRING dns);
37	static int nc_email(ASN1_IA5STRING sub, ASN1_IA5STRING eml);
38	@@ -472,14 +473,17 @@ static int nc_match(GENERAL_NAME gen, NAME_CONSTRAINTS nc)
39	{
40	GENERAL_SUBTREE *sub;
41	int i, r, match = 0;
42	+ int effective_type = gen->type;
43	+
44	/*
45	* We need to compare not gen->type field but an "effective" type because
46	* the otherName field may contain EAI email address treated specially
47	* according to RFC 8398, section 6
48	*/
49	- int effective_type = ((gen->type == GEN_OTHERNAME) &&
50	- (OBJ_obj2nid(gen->d.otherName->type_id) ==
51	- NID_id_on_SmtpUTF8Mailbox)) ? GEN_EMAIL : gen->type;
52	+ if (effective_type == GEN_OTHERNAME &&
53	+ (OBJ_obj2nid(gen->d.otherName->type_id) == NID_id_on_SmtpUTF8Mailbox)) {
54	+ effective_type = GEN_EMAIL;
55	+ }
56
57	/*
58	* Permitted subtrees: if any subtrees exist of matching the type at
59	@@ -488,7 +492,10 @@ static int nc_match(GENERAL_NAME gen, NAME_CONSTRAINTS nc)
60
61	for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->permittedSubtrees); i++) {
62	sub = sk_GENERAL_SUBTREE_value(nc->permittedSubtrees, i);
63	- if (effective_type != sub->base->type)
64	+ if (effective_type != sub->base->type
65	+ \|\| (effective_type == GEN_OTHERNAME &&
66	+ OBJ_cmp(gen->d.otherName->type_id,
67	+ sub->base->d.otherName->type_id) != 0))
68	continue;
69	if (!nc_minmax_valid(sub))
70	return X509_V_ERR_SUBTREE_MINMAX;
71	@@ -497,7 +504,7 @@ static int nc_match(GENERAL_NAME gen, NAME_CONSTRAINTS nc)
72	continue;
73	if (match == 0)
74	match = 1;
75	- r = nc_match_single(gen, sub->base);
76	+ r = nc_match_single(effective_type, gen, sub->base);
77	if (r == X509_V_OK)
78	match = 2;
79	else if (r != X509_V_ERR_PERMITTED_VIOLATION)
80	@@ -511,12 +518,15 @@ static int nc_match(GENERAL_NAME gen, NAME_CONSTRAINTS nc)
81
82	for (i = 0; i < sk_GENERAL_SUBTREE_num(nc->excludedSubtrees); i++) {
83	sub = sk_GENERAL_SUBTREE_value(nc->excludedSubtrees, i);
84	- if (effective_type != sub->base->type)
85	+ if (effective_type != sub->base->type
86	+ \|\| (effective_type == GEN_OTHERNAME &&
87	+ OBJ_cmp(gen->d.otherName->type_id,
88	+ sub->base->d.otherName->type_id) != 0))
89	continue;
90	if (!nc_minmax_valid(sub))
91	return X509_V_ERR_SUBTREE_MINMAX;
92
93	- r = nc_match_single(gen, sub->base);
94	+ r = nc_match_single(effective_type, gen, sub->base);
95	if (r == X509_V_OK)
96	return X509_V_ERR_EXCLUDED_VIOLATION;
97	else if (r != X509_V_ERR_PERMITTED_VIOLATION)
98	@@ -528,15 +538,22 @@ static int nc_match(GENERAL_NAME gen, NAME_CONSTRAINTS nc)
99
100	}
101
102	-static int nc_match_single(GENERAL_NAME gen, GENERAL_NAME base)
103	+static int nc_match_single(int effective_type, GENERAL_NAME *gen,
104	+ GENERAL_NAME *base)
105	{
106	switch (gen->type) {
107	case GEN_OTHERNAME:
108	- /*
109	- * We are here only when we have SmtpUTF8 name,
110	- * so we match the value of othername with base->d.rfc822Name
111	- */
112	- return nc_email_eai(gen->d.otherName->value, base->d.rfc822Name);
113	+ switch (effective_type) {
114	+ case GEN_EMAIL:
115	+ /*
116	+ * We are here only when we have SmtpUTF8 name,
117	+ * so we match the value of othername with base->d.rfc822Name
118	+ */
119	+ return nc_email_eai(gen->d.otherName->value, base->d.rfc822Name);
120	+
121	+ default:
122	+ return X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE;
123	+ }
124
125	case GEN_DIRNAME:
126	return nc_dn(gen->d.directoryName, base->d.directoryName);
127	--
128	2.39.1
129
130	From fe6842f5a5dc2fb66da7fb24bf4343a3aeedd50a Mon Sep 17 00:00:00 2001
131	From: Tomas Mraz <tomas@openssl.org>
132	Date: Tue, 13 Dec 2022 19:45:09 +0100
133	Subject: [PATCH 02/18] Add testcase for nc_match_single type confusion
134
135	Reviewed-by: Paul Dale <pauli@openssl.org>
136	Reviewed-by: Hugo Landau <hlandau@openssl.org>
137	---
138	test/certs/bad-othername-cert.pem \| 20 ++++++++++++++++++++
139	test/certs/nccaothername-cert.pem \| 20 ++++++++++++++++++++
140	test/certs/nccaothername-key.pem \| 28 ++++++++++++++++++++++++++++
141	test/certs/setup.sh \| 11 +++++++++++
142	test/recipes/25-test_verify.t \| 5 ++++-
143	5 files changed, 83 insertions(+), 1 deletion(-)
144	create mode 100644 test/certs/bad-othername-cert.pem
145	create mode 100644 test/certs/nccaothername-cert.pem
146	create mode 100644 test/certs/nccaothername-key.pem
147
148	diff --git a/test/certs/bad-othername-cert.pem b/test/certs/bad-othername-cert.pem
149	new file mode 100644
150	index 0000000000..cf279de5ea
151	--- /dev/null
152	+++ b/test/certs/bad-othername-cert.pem
153	@@ -0,0 +1,20 @@
154	+-----BEGIN CERTIFICATE-----
155	+MIIDRDCCAiygAwIBAgIBAjANBgkqhkiG9w0BAQsFADAfMR0wGwYDVQQDDBRUZXN0
156	+IE5DIENBIG90aGVybmFtZTAgFw0yMjEyMTMxODMzMTZaGA8yMTIyMTIxNDE4MzMx
157	+NlowMTEvMC0GA1UECgwmTkMgZW1haWwgaW4gb3RoZXJuYW1lIFRlc3QgQ2VydGlm
158	+aWNhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPgeoakqHk1zYt
159	+JZpEC0qkJPU/X0lfI+6GY2LHFY9KOSFqqmTXxrUtjQc3SdpQvBZhPuMZ8p82Jid2
160	+kkRHnWs0uqX9NtLO923yQalYvP6Mt3fokcYgw/C9b+I/q1PKUyN0kPB6McROguD5
161	+Jz2DcEufJBhbpyay1bFjEI2DAQJKDP/U7uH0EA7kH/27UMk0vfvL5uVjDvlo8i6S
162	+Ul8+u0cDV5ZFJW2VAJKLU3wp6IY4fZl9UqkHZuRQpMJGqAjAleWOIEpyyvfGGh0b
163	+75n3GJ+4YZ7CIBEgY7K0nIbKxtcDZPvmtbYg3g1tkPMTHcodFT7yEdqkBTJ5AGL7
164	+6U850OhjAgMBAAGjdzB1MB0GA1UdDgQWBBTBz0k+q6d4c3aM+s2IyOF/QP6zCTAf
165	+BgNVHSMEGDAWgBTwhghX7uNdMejZ3f4XorqOQoMqwTAJBgNVHRMEAjAAMCgGA1Ud
166	+EQQhMB+gHQYIKwYBBQUHCAegEQwPZm9vQGV4YW1wbGUub3JnMA0GCSqGSIb3DQEB
167	+CwUAA4IBAQAhxbCEVH8pq0aUMaLWaodyXdCqA0AKTFG6Mz9Rpwn89OwC8FylTEru
168	+t+Bqx/ZuTo8YzON8h9m7DIrQIjZKDLW/g5YbvIsxIVV9gWhAGohdsIyMKRBepSmr
169	+NxJQkO74RLBTamfl0WUCVM4HqroflFjBBG67CTJaQ9cH9ug3TKxaXCK1L6iQAXtq
170	+enILGai98Byo0LCFH4MQOhmhV1BDT2boIG/iYb5VKCTSX25vhaF+PNBhUoysjW0O
171	+vhQX8vrw42QRr4Qi7VfUBXzrbRTzxjOc4yqki7h2DcEdpginqe+aGyaFY+H9m/ka
172	+1AR5KN8h5SYKltSXknjs0pp1w4k49aHl
173	+-----END CERTIFICATE-----
174	diff --git a/test/certs/nccaothername-cert.pem b/test/certs/nccaothername-cert.pem
175	new file mode 100644
176	index 0000000000..f9b9b07b80
177	--- /dev/null
178	+++ b/test/certs/nccaothername-cert.pem
179	@@ -0,0 +1,20 @@
180	+-----BEGIN CERTIFICATE-----
181	+MIIDPjCCAiagAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
182	+IENBMCAXDTIyMTIxMzE4MTgwM1oYDzIxMjIxMjE0MTgxODAzWjAfMR0wGwYDVQQD
183	+DBRUZXN0IE5DIENBIG90aGVybmFtZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
184	+AQoCggEBAN0Dx+ei8CgtRKnDcYiLwX4vrA48at/o/zfX24X/WZZM1o9HUKo1FQBN
185	+vhESJu+gqPxuIePrk+/L25XdRqwCKk8wkWX0XIz18q5orOHUUFAWNK3g0FDj6N8H
186	+d8urNIbDJ44FCx+/0n8Ppiht/EYN3aVOW5enqbgZ+EEt+3AUG6ibieRdGri9g4oh
187	+IIx60MmVHLbuT/TcVZxaeWyTl6iWmsYosUyqlhTtu1uGtbVtkCAhBYloVvz4J5eA
188	+mVu/JuJbsNxbxVeO9Q8Kj6nb4jPPdGvZ3JPcabbWrz5LwaereBf5IPrXEVdQTlYB
189	+gI0pTz2CEDHSIrd7jzRUX/9EC2gMk6UCAwEAAaOBjzCBjDAPBgNVHRMBAf8EBTAD
190	+AQH/MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU8IYIV+7jXTHo2d3+F6K6jkKDKsEw
191	+HwYDVR0jBBgwFoAUjvUlrx6ba4Q9fICayVOcTXL3o1IwLAYDVR0eBCUwI6EhMB+g
192	+HQYIKwYBBQUHCAegEQwPZm9vQGV4YW1wbGUub3JnMA0GCSqGSIb3DQEBCwUAA4IB
193	+AQDPI5uZd8DhSNKMvYF5bxOshd6h6UJ7YzZS7K6fhiygltdqzkHQ/5+4yiuUkDe4
194	+hOZlH8MCfXQy5jVZDTk24yNchpdfie5Bswn4SmQVQh3QyzOLxizoh0rLCf2PHueu
195	+dNVNhfiiJNJ5kd8MIuVG7CPK68dP0QrVR+DihROuJgvGB3ClKttLrgle19t4PFRR
196	+2wW6hJT9aXEjzLNyN1QFZKoShuiGX4xwjZh7VyKkV64p8hjojhcLk6dQkel+Jw4y
197	+OP26XbVfM8/6KG8f6WAZ8P0qJwHlhmi0EvRTnEpAM8WuenOeZH6ERZ9uZbRGh6xx
198	+LKQu2Aw2+bOEZ2vUtz0dBhX8
199	+-----END CERTIFICATE-----
200	diff --git a/test/certs/nccaothername-key.pem b/test/certs/nccaothername-key.pem
201	new file mode 100644
202	index 0000000000..d3e300ac2f
203	--- /dev/null
204	+++ b/test/certs/nccaothername-key.pem
205	@@ -0,0 +1,28 @@
206	+-----BEGIN PRIVATE KEY-----
207	+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDdA8fnovAoLUSp
208	+w3GIi8F+L6wOPGrf6P8319uF/1mWTNaPR1CqNRUATb4REibvoKj8biHj65Pvy9uV
209	+3UasAipPMJFl9FyM9fKuaKzh1FBQFjSt4NBQ4+jfB3fLqzSGwyeOBQsfv9J/D6Yo
210	+bfxGDd2lTluXp6m4GfhBLftwFBuom4nkXRq4vYOKISCMetDJlRy27k/03FWcWnls
211	+k5eolprGKLFMqpYU7btbhrW1bZAgIQWJaFb8+CeXgJlbvybiW7DcW8VXjvUPCo+p
212	+2+Izz3Rr2dyT3Gm21q8+S8Gnq3gX+SD61xFXUE5WAYCNKU89ghAx0iK3e480VF//
213	+RAtoDJOlAgMBAAECggEAMFSJlCyEFlER3Qq9asXe9eRgXEuXdmfZ2aEVIuf8M/sR
214	+B0tpxxKtCUA24j5FL+0CzxKZTCFBnDRIzCyTbf1aOa9t+CzXyUZmP3/p4EdgmabF
215	+dcl93FZ+X7kfF/VUGu0Vmv+c12BH3Fu0cs5cVohlMecg7diu6zCYok43F+L5ymRy
216	+2mTcKkGc0ShWizj8Z9R3WJGssZOlxbxa/Zr4rZwRC24UVhfN8AfGWYx/StyQPQIw
217	+gtbbtOmwbyredQmY4jwNqgrnfZS9bkWwJbRuCmD5l7lxubBgcHQpoM+DQVeOLZIq
218	+uksFXeNfal9G5Bo747MMzpD7dJMCGmX+gbMY5oZF+QKBgQDs2MbY4nbxi+fV+KuV
219	+zUvis8m8Lpzf3T6NLkgSkUPRN9tGr95iLIrB/bRPJg5Ne02q/cT7d86B9rpE42w7
220	+eeIF9fANezX2AF8LUqNZhIR23J3tfB/eqGlJRZeMNia+lD09a7SWGwrS7sufY1I+
221	+JQGcHx77ntt+eQT1MUJ1skF06QKBgQDu4z+TW4QIA5ItxIReVdcfh5e3xLkzDEVP
222	+3KNo9tpXxvPwqapdeBh6c9z4Lqe3MKr5UPlDvVW+o40t6OjKxDCXczB8+JAM0OyX
223	+8V+K3zXXUxRgieSd3oMncTylSWIvouPP3aW37B67TKdRlRHgaBrpJT2wdk3kYR4t
224	+62J1eDdjXQKBgQDMsY0pZI/nskJrar7geM1c4IU5Xg+2aj/lRFqFsYYrC1s3fEd2
225	+EYjan6l1vi4eSLKXVTspGiIfsFzLrMGdpXjyLduJyzKXqTp7TrBebWkOUR0sYloo
226	+1OQprzuKskJJ81P6AVvRXw27vyW8Wtp5WwJJK5xbWq/YXj8qqagGkEiCAQKBgQCc
227	+RK3XAFurPmLGa7JHX5Hc/z8BKMAZo6JHrsZ6qFiGaRA0U1it0hz5JYfcFfECheSi
228	+ORUF+fn4PlbhPGXkFljPCbwjVBovOBA9CNl+J6u50pAW4r1ZhDB5gbqxSQLgtIaf
229	++JcqbFxiG6+sT36lNJS+BO2I3KrxhZJPaZY7z8szxQKBgQDRy70XzwOk8jXayiF2
230	+ej2IN7Ow9cgSE4tLEwR/vCjxvOlWhA3jC3wxoggshGJkpbP3DqLkQtwQm0h1lM8J
231	+QNtFwKzjtpf//bTlfFq08/YxWimTPMqzcV2PgRacB8P3yf1r8T7M4fA5TORCDWpW
232	+5FtOCFEmwQHTR8lu4c63qfxkEQ==
233	+-----END PRIVATE KEY-----
234	diff --git a/test/certs/setup.sh b/test/certs/setup.sh
235	index b9766aab20..2240cd9df0 100755
236	--- a/test/certs/setup.sh
237	+++ b/test/certs/setup.sh
238	@@ -388,6 +388,17 @@ REQMASK=MASK:0x800 ./mkcert.sh req badalt7-key "O = Bad NC Test Certificate 7" \
239	"email.1 = good@good.org" "email.2 = any@good.com" \
240	"IP = 127.0.0.1" "IP = 192.168.0.1"
241
242	+# Certs for CVE-2022-4203 testcase
243	+
244	+NC="excluded;otherName:SRVName;UTF8STRING:foo@example.org" ./mkcert.sh genca \
245	+ "Test NC CA othername" nccaothername-key nccaothername-cert \
246	+ root-key root-cert
247	+
248	+./mkcert.sh req alt-email-key "O = NC email in othername Test Certificate" \| \
249	+ ./mkcert.sh geneealt bad-othername-key bad-othername-cert \
250	+ nccaothername-key nccaothername-cert \
251	+ "otherName.1 = SRVName;UTF8STRING:foo@example.org"
252	+
253	# RSA-PSS signatures
254	# SHA1
255	./mkcert.sh genee PSS-SHA1 ee-key ee-pss-sha1-cert ca-key ca-cert \
256	diff --git a/test/recipes/25-test_verify.t b/test/recipes/25-test_verify.t
257	index 4613489f57..e6a2bca731 100644
258	--- a/test/recipes/25-test_verify.t
259	+++ b/test/recipes/25-test_verify.t
260	@@ -29,7 +29,7 @@ sub verify {
261	run(app([@args]));
262	}
263
264	-plan tests => 162;
265	+plan tests => 163;
266
267	# Canonical success
268	ok(verify("ee-cert", "sslserver", ["root-cert"], ["ca-cert"]),
269	@@ -402,6 +402,9 @@ ok(!verify("badalt9-cert", "", ["root-cert"], ["ncca1-cert", "ncca3-cert"], ),
270	ok(!verify("badalt10-cert", "", ["root-cert"], ["ncca1-cert", "ncca3-cert"], ),
271	"Name constraints nested DNS name excluded");
272
273	+ok(!verify("bad-othername-cert", "", ["root-cert"], ["nccaothername-cert"], ),
274	+ "CVE-2022-4203 type confusion test");
275	+
276	#Check that we get the expected failure return code
277	with({ exit_checker => sub { return shift == 2; } },
278	sub {
279	--
280	2.39.1
281