From: job Date: Mon, 13 Mar 2023 19:54:36 +0000 (+0000) Subject: Check that the CMS signing-time is not after the MFT's nextUpdate X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=36b57f808370ab9beae28e0a476df33e4bea1a1b;p=openbsd Check that the CMS signing-time is not after the MFT's nextUpdate Issuing manifests whose validity window is entirely in the past, as observed from the purported CMS signing-time would be a form of backdating. OK tb@ --- diff --git a/usr.sbin/rpki-client/mft.c b/usr.sbin/rpki-client/mft.c index 5f6089641ee..4c87b993912 100644 --- a/usr.sbin/rpki-client/mft.c +++ b/usr.sbin/rpki-client/mft.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mft.c,v 1.88 2023/03/13 10:39:03 tb Exp $ */ +/* $OpenBSD: mft.c,v 1.89 2023/03/13 19:54:36 job Exp $ */ /* * Copyright (c) 2022 Theo Buehler * Copyright (c) 2019 Kristaps Dzonsons @@ -414,6 +414,12 @@ mft_parse(X509 **x509, const char *fn, const unsigned char *der, size_t len) if (mft_parse_econtent(cms, cmsz, &p) == 0) goto out; + if (p.res->signtime > p.res->nextupdate) { + warnx("%s: dating issue: CMS signing-time after MFT nextUpdate", + fn); + goto out; + } + rc = 1; out: if (rc == 0) {