
crypto/x509: AKID and issuer SKID are not checked to match #40679

Closed
PeterNovotney opened this issue Aug 10, 2020 · 5 comments

Comments


@PeterNovotney PeterNovotney commented Aug 10, 2020

What version of Go are you using (go version)?

go1.14.6

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

It reproduces on the playground.

What did you do?

Verification succeeds for this certificate chain, where the AIK keyid on the leaf certificate does not match the issuer ID: https://play.golang.org/p/SBdIYeRXuOB

What did you expect to see?

OpenSSL verify rejects this certificate chain due to the AIK KeyId and Issuer ID mismatch.

This can be verified with: openssl verify -CAfile ca.pem passing.pem
where ca.pem and passing.pem are the same x.509 certs that are in the playground example.

I expected Go x.509 Verify to also fail the chain.

What did you see instead?

Go x.509 Verify succeeds
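A self-contained reproduction of the behaviour reported above, added here as an example and not part of the issue, the playground link, or Go's own test suite: it builds a CA and a leaf whose AKID deliberately differs from the CA's SKID (the subject names and key identifier bytes are constructed), then shows that the AKID/SKID comparison OpenSSL enforces fails while Go's x509.Verify still accepts the chain.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// mkCert signs tmpl under parent with signer's key and returns the parsed certificate.
func mkCert(tmpl, parent *x509.Certificate, pub interface{}, signer *ecdsa.PrivateKey) *x509.Certificate {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		panic(err)
	}
	c, _ := x509.ParseCertificate(der) // DER produced just above; parsing cannot fail
	return c
}

// BuildMismatchedChain builds a CA plus a leaf whose AKID deliberately differs from the
// CA's SKID. CreateCertificate copies the parent's SKID into the child's AKID whenever the
// in-memory parent has one, so the leaf is signed against a copy of the CA with SKID cleared.
func BuildMismatchedChain() (ca, leaf *x509.Certificate) {
	caKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	leafKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	now := time.Now()
	caTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Constructed Test CA"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
		SubjectKeyId: []byte{0x01, 0x02, 0x03, 0x04}, // constructed SKID
	}
	ca = mkCert(caTmpl, caTmpl, &caKey.PublicKey, caKey)
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "constructed leaf"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		AuthorityKeyId: []byte{0xde, 0xad, 0xbe, 0xef}, // constructed; wrong on purpose
	}
	parent := *ca
	parent.SubjectKeyId = nil
	return ca, mkCert(leafTmpl, &parent, &leafKey.PublicKey, caKey)
}

// CheckChain reports whether leaf's AKID equals ca's SKID (the check OpenSSL enforces)
// and the result of Go's Verify with ca as the sole root, which tolerates the mismatch.
func CheckChain(ca, leaf *x509.Certificate) (akidMatches bool, verifyErr error) {
	pool := x509.NewCertPool()
	pool.AddCert(ca)
	_, verifyErr = leaf.Verify(x509.VerifyOptions{Roots: pool})
	return bytes.Equal(leaf.AuthorityKeyId, ca.SubjectKeyId), verifyErr
}
```

Running CheckChain on the constructed pair returns akidMatches == false and verifyErr == nil, which is exactly the discrepancy between openssl verify and Go described in the report.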

@FiloSottile FiloSottile changed the title from "Go crypto/x509.Verify does not check that AIK keyid matches issuer ID, but OpenSSL Verify does" to "crypto/x509: AKID and issuer SKID are not checked to match" Aug 11, 2020
Member

@FiloSottile FiloSottile commented Aug 11, 2020

The spec does not require a match; we can check what the other good verifiers do (Chrome and moz::pkix) and match that.

@andybons andybons added this to the Unplanned milestone Aug 11, 2020
Member

@rolandshoemaker rolandshoemaker commented Aug 16, 2020

Chromium allows mismatches, but during chain building prioritizes potential issuers with matching SKID/AKID above those with mismatches (see https://source.chromium.org/chromium/chromium/src/+/master:net/cert/internal/path_builder.cc;l=113?q=subject_key_identifier&ss=chromium%2Fchromium%2Fsrc&start=11). A similar approach to this is suggested in https://go-review.googlesource.com/c/go/+/232993.

Mozilla::pkix just ignores SKID/AKID matching entirely.

Member

@rolandshoemaker rolandshoemaker commented Sep 29, 2020

With https://go-review.googlesource.com/c/go/+/232993 landed this is now expected behavior and matches what Chromium does.


@networkimprov networkimprov commented Sep 29, 2020

See also #30079
