From 293ab820812b3979161c5f018c2e753bcd3b11a4 Mon Sep 17 00:00:00 2001
From: "Dr. David von Oheimb" <David.von.Oheimb@siemens.com>
Date: Mon, 1 Aug 2022 18:54:06 +0200
Subject: [PATCH] CRMF: make create_popo_signature() check that pubkey and pkey
 match

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18930)
---
 crypto/crmf/crmf_lib.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c
index e28c7fe9beb..aaafda4ba3c 100644
--- a/crypto/crmf/crmf_lib.c
+++ b/crypto/crmf/crmf_lib.c
@@ -31,6 +31,7 @@
 #include "crmf_local.h"
 #include "internal/constant_time.h"
 #include "internal/sizes.h"
+#include "crypto/x509.h"
 
 /* explicit #includes not strictly needed since implied by the above: */
 #include <openssl/crmf.h>
@@ -370,11 +371,16 @@ static int create_popo_signature(OSSL_CRMF_POPOSIGNINGKEY *ps,
                                  OSSL_LIB_CTX *libctx, const char *propq)
 {
     char name[80] = "";
+    EVP_PKEY *pub;
 
     if (ps == NULL || cr == NULL || pkey == NULL) {
         ERR_raise(ERR_LIB_CRMF, CRMF_R_NULL_ARGUMENT);
         return 0;
     }
+    pub = X509_PUBKEY_get0(cr->certTemplate->publicKey);
+    if (!ossl_x509_check_private_key(pub, pkey))
+        return 0;
+
     if (ps->poposkInput != NULL) {
         /* We do not support cases 1+2 defined in RFC 4211, section 4.1 */
         ERR_raise(ERR_LIB_CRMF, CRMF_R_POPOSKINPUT_NOT_SUPPORTED);
-- 
2.47.2