dirmngr: Reject certificate which is not valid into cache.

* dirmngr/certcache.c (put_cert): When PERMANENT, reject the certificate which is obviously invalid. -- With this change, invalid certificates from system won't be registered into cache. Then, an intermediate certificate which is issued by an entity certified by such an invalid certificate will be also rejected with GPG_ERR_INV_CERT_OBJ. With less invalid certificates in cache, it helps the validate_cert_chain function work better. GnuPG-bug-id: 6142 Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2025-01-30 16:17:02 +01:00 · 2022-08-26 09:24:00 +09:00 · 2022-08-26 09:24:00 +09:00 · 0662b9444b
commit 0662b9444b
parent 6df8608c3e
1 changed files with 14 additions and 0 deletions
--- a/dirmngr/certcache.c
+++ b/dirmngr/certcache.c
@ -271,6 +271,20 @@ put_cert (ksba_cert_t cert, int permanent, unsigned int trustclass,
  cert_item_t ci;
  fingerprint_list_t ignored;

+  if (permanent)
+    {                           /* Do a little validation.  */
+      ksba_isotime_t not_after;
+      ksba_isotime_t current_time;
+
+      if (ksba_cert_get_validity (cert, 1, not_after))
+        return gpg_error (GPG_ERR_BAD_CERT);
+
+      gnupg_get_isotime (current_time);
+
+      if (*not_after && strcmp (current_time, not_after) > 0)
+        return gpg_error (GPG_ERR_CERT_EXPIRED);
+    }
+
  fpr = fpr_buffer? fpr_buffer : &help_fpr_buffer;

  /* If we already reached the caching limit, drop a couple of certs