openssl 0.9.8: 3rd level certificates verification problem

I run into "invalid CA certificate" (X509_V_ERR_INVALID_CA) error when I
was trying to
verify a third level certificates with OpenSSL 0.9.8. It seems that the
code in check_chain_extensions()
function in crypto/x509/x509_vfy.c file assumes that either certificate
must be directly signed by CA
certificate or it must have EXFLAG_PROXY flag (see code around lines
504-520 and must_be_ca
flag processing above). Note that second level certificates are verified
correctly and the same
third level certificates verified just fine with OpenSSL 0.9.6/0.9.7

I would appreciate if someone can check if this is an expected behavior
for OpenSSL
(and then I will have to find a workaround) or it is a bug (and then
I'll be a happy camper
waiting for next OpenSSL release).

Thank you in advance,
Aleksey Sanin





______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]

Aleksey Sanin writes:

I'm not sure what you mean with "second level" and "third level", so let me
explain in my own words.

A chain of certificates, from CA you trust to the certificate you hold has
to look like one of these:

(CAx = CA (number x), EE = End Entitity, PRx = Proxy (number x))

CA1 -> ... -> CAn -> EE

CA1 -> ... -> CAn -> EE -> PR1 -> ... -> PRn

(you can have only one CA and only one PR)

So it's correct that a EE certificate has to be signed by a CA and that any
CA has to be signed by a CA (itself or another).  It's also correct that a
proxy certificate has to be signed by the EE certificate or another proxy
certificate.

What in all this do you call "third level certificate"?

I'd be happy to look at your chain of certificates if needed.

Cheers,
Richard

 -----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte                         [hidden email]
                                       http://richard.levitte.org/ 

"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
                                               -- C.S. Lewis

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]

Thanks for quick response and explanations! You are right, the
second certificate in the chain did not have CA ext flag set and
0.9.8 did not like it while 0.9.6/0.9.7 ignore this problem.
Very strange that I missed this till now :(

Thanks again,
Aleksey


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]

Aleksey Sanin writes:

> Thanks for quick response and explanations! You are right, the
> second certificate in the chain did not have CA ext flag set and
> 0.9.8 did not like it while 0.9.6/0.9.7 ignore this problem.

Yup, it's true, OpenSSL has become tougher on non-compliant CA certificates.

 -----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte                         [hidden email]
                                       http://richard.levitte.org/ 

"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
                                               -- C.S. Lewis

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]

On Fri, Jul 08, 2005 at 10:52:47AM +0200, Richard Levitte wrote:

> Aleksey Sanin writes:
>
> >Thanks for quick response and explanations! You are right, the
> >second certificate in the chain did not have CA ext flag set and
> >0.9.8 did not like it while 0.9.6/0.9.7 ignore this problem.
>
> Yup, it's true, OpenSSL has become tougher on non-compliant CA
> certificates.

Should we call not allowing CA certs with CA:FALSE or a Key Usage that
does not include certificate signing "less buggy", rather than "tougher"?

--
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]

Victor Duchovni writes:

> Should we call not allowing CA certs with CA:FALSE or a Key Usage that
> does not include certificate signing "less buggy", rather than "tougher"?

Sure :-).

Cheers,
Richard

 -----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

--
Richard Levitte                         [hidden email]
                                       http://richard.levitte.org/ 

"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
                                               -- C.S. Lewis

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]