fix various issues in x509_vfy.c and v3_purp.c related to #1418 and the respective documentation #10587
Conversation
The similarity to #7943 is remarkable 😃
@bernd-edlinger, indeed the improvement to BTW, I'm not convinced of the other half of PR #7943 (the change you proposed on
This PR should obsolete #7918.
Would you please amend the commit message so it is more descriptive? Also it would make sense to squash at this point and/or split the patches if there are multiple unrelated issues fixed.
@t8m, yep, I'll do a cleanup pass, squashing commits and putting more text in the commit(s) that remain after (at least partly) squashing. Hope you saw that there are already descriptions at issue discussion level, in particular #1418 (comment). I'll also try to separate concerns, which I fear is only partially possible, so likely the new commits each representing a specific (sub-)issue will need to be hierarchical, i.e., not split-able into independent PRs. Cherry-picking to 1.1.1 I presume should be no problem, but likely best done after this PR has been reviewed and is stable/approved. BTW, @bernd-edlinger, your change request is already fulfilled.
Maybe it's useful to have some self-issued certs that are not self-signed? And one that has a keyUsage without the keyCertSig. And maybe some other variants.
I don't understand the logic behind
Only with partial_chain. Otherwise, self-issued certs are not trust-anchors. Trust-anchors need to be self-signed.
The logic allows intermediate certificates to be added to the trust store, without them being trusted, they just represent better versions of the issuer for chain construction. Windows has an "intermediate certificate store" for this, but OpenSSL does not. We could in principle require all trust-anchors to be stored as "TRUSTED CERTIFICATE" objects with suitable auxiliary trust EKUs, but that's hard to do without major compatibility breakage.
CAs should generally have keyCertSig, whether they're self-issued, cross (intermediate) or self-signed.
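The distinction drawn in the comments above (self-issued is a property of the names alone; self-signed additionally needs the signature to verify under the cert's own key) and the cheap pre-check versus signature-and-keyCertSign split described in the commit messages, as an added Go example that is not part of this PR or of OpenSSL's code. The two certificates are constructed in-process, and `likelyIssued`, `mkCert` and `Demo` are this example's own names, not OpenSSL's.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Self-issued (RFC 5280): subject name equals issuer name; it says nothing about which key signed it.
func isSelfIssued(c *x509.Certificate) bool { return bytes.Equal(c.RawSubject, c.RawIssuer) }
// Self-signed: self-issued AND verifiable under its own key (CheckSignatureFrom also enforces CA + keyCertSign).
func isSelfSigned(c *x509.Certificate) bool { return isSelfIssued(c) && c.CheckSignatureFrom(c) == nil }
// likelyIssued: cheap pre-checks before any signature work: not the subject cert itself, names chain, key ids agree if both set.
func likelyIssued(issuer, subject *x509.Certificate) bool {
	return !bytes.Equal(issuer.Raw, subject.Raw) && bytes.Equal(issuer.RawSubject, subject.RawIssuer) &&
		(len(issuer.SubjectKeyId) == 0 || len(subject.AuthorityKeyId) == 0 ||
			bytes.Equal(issuer.SubjectKeyId, subject.AuthorityKeyId))
}
// mkCert builds a CA cert for name holding pub, signed by signer; parent nil means self-signed.
func mkCert(serial int64, name string, pub ed25519.PublicKey, signer ed25519.PrivateKey, parent *x509.Certificate) *x509.Certificate {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	if parent == nil {
		parent = tmpl
	} else {
		tmpl.AuthorityKeyId = parent.SubjectKeyId // Go omits the AKID when the names match, so set it by hand
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil { panic(err) }
	c, err := x509.ParseCertificate(der)
	if err != nil { panic(err) }
	return c
}
// Demo returns constructed test data: a self-signed root and a same-name successor CA on a fresh
// key, signed with the root's key, which makes it self-issued but not self-signed.
func Demo() (root, reissued *x509.Certificate) {
	pa, ka, _ := ed25519.GenerateKey(rand.Reader)
	pb, _, _ := ed25519.GenerateKey(rand.Reader)
	root = mkCert(1, "Example Root CA", pa, ka, nil)
	return root, mkCert(2, "Example Root CA", pb, ka, root)
}

func main() {
	root, re := Demo()
	fmt.Println(isSelfSigned(root), isSelfIssued(re), isSelfSigned(re), likelyIssued(root, re)) // true true false true
}
```

Note that `likelyIssued(re, root)` is also true, since the root carries no AKID to compare against: the pre-check only filters candidates, and `root.CheckSignatureFrom(re)` is what finally rejects the successor as the root's issuer.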
We already have an example of such an interesting cert among the test certs: You may have noticed that in this PR I've extended the so far single test case for it in
by four further ones:
where in the last one provides a concrete example of the usefulness of
Thanks to all who have taken part so far in discussing this PR! I've just finished all action items (including two change requests) that came up this way:
Moreover, I've
Looks OK to me now.
However, my review is for master only. There should be a separate PR for 1.1.1 (if desired), and ideally much smaller. This PR looks much too expansive for a stable release. If there's a minimal change that's compelling for 1.1.1, I'll consider that.
Thanks a lot @vdukhovni!
I agree. I will come up with a somewhat minimal backport.
…d certs etc. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from #10587)
This prepares some corrections and improves readability (coding style). Among others, it adds the static function check_sig_alg_match() and the internal functions x509_likely_issued() and x509_signing_allowed(). Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from #10587)
by adding CA basic constraints, CA key usage, and key IDs to the cert and by adding -partial_chain to the verify call that trusts this cert Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from #10587)
…ssed X25519 certs Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from #10587)
candidate issuer cert cannot be the same as the subject cert 'x' Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from #10587)
…k_issued() Move check that cert signing is allowed from x509v3_cache_extensions() to where it belongs: internal_verify(), generalize it for proxy cert signing. Correct and simplify check_issued(), now checking self-issued (not: self-signed). Add test case to 25-test_verify.t that demonstrates successful fix Fixes #1418 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from #10587)
… X509_verify.pod Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from #10587)
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from #10587)
…a1 == NULL' Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from #10587)
Pushed - thanks again @vdukhovni and all others who took part discussing this, also on #1418.
24 hours have passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually.
This is already merged.
…k_issued() Move check that cert signing is allowed from x509v3_cache_extensions() to where it belongs: internal_verify(), generalize it for proxy cert signing. Correct and simplify check_issued(), now checking self-issued (not: self-signed). Add test case to 25-test_verify.t that demonstrates successful fix. As prerequisites, this adds the static function check_sig_alg_match() and the internal functions x509_likely_issued() and x509_signing_allowed(). This is a backport of the core of PR openssl#10587. Fixes openssl#1418
…k_issued() Move check that cert signing is allowed from x509v3_cache_extensions() to where it belongs: internal_verify(), generalize it for proxy cert signing. Correct and simplify check_issued(), now checking self-issued (not: self-signed). Add test case to 25-test_verify.t that demonstrates successful fix. As prerequisites, this adds the static function check_sig_alg_match() and the internal functions x509_likely_issued() and x509_signing_allowed(). This is a backport of the core of PR #10587. Fixes #1418 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from #12357)
Fixes #1418. See discussion there.