"critical,CA:FALSE" but "Any Purpose CA : Yes" ?

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

"critical,CA:FALSE" but "Any Purpose CA : Yes" ?

Martin Kraemer
When creating a certificate using an openssl CA, I specify the x509v3
extension basicConstraints = critical,CA:FALSE.
Looking at the generated certificate using

% openssl x509 -noout -text -purpose -in nonca.pem
...
            X509v3 Basic Constraints: critical
                CA:FALSE  <====================
...
Certificate purposes:
SSL client : Yes
SSL client CA : No
SSL server : Yes
SSL server CA : No
Netscape SSL server : Yes
Netscape SSL server CA : No
S/MIME signing : Yes
S/MIME signing CA : No
S/MIME encryption : Yes
S/MIME encryption CA : No
CRL signing : No
CRL signing CA : No
Any Purpose : Yes
Any Purpose CA : Yes  <==================
OCSP helper : Yes
OCSP helper CA : No

How can this be, CA usage is "critical"ly forbidden, yet the CA
usage for "Any Purpose" is possible ??? Is this an openssl problem,
or a misunderstanding on my side?

Irritated,

   Martin
--
<[hidden email]>         |     Fujitsu Siemens
Fon: +49-89-636-46021, FAX: +49-89-636-47655 | 81730  Munich,  Germany
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: "critical,CA:FALSE" but "Any Purpose CA : Yes" ?

Dr. Stephen Henson
On Tue, Jul 05, 2005, Martin Kraemer wrote:

> When creating a certificate using an openssl CA, I specify the x509v3
> extension basicConstraints = critical,CA:FALSE.
> Looking at the generated certificate using
>
> % openssl x509 -noout -text -purpose -in nonca.pem
> ...
>             X509v3 Basic Constraints: critical
>                 CA:FALSE  <====================
> ...
> Certificate purposes:
> SSL client : Yes
> SSL client CA : No
> SSL server : Yes
> SSL server CA : No
> Netscape SSL server : Yes
> Netscape SSL server CA : No
> S/MIME signing : Yes
> S/MIME signing CA : No
> S/MIME encryption : Yes
> S/MIME encryption CA : No
> CRL signing : No
> CRL signing CA : No
> Any Purpose : Yes
> Any Purpose CA : Yes  <==================
> OCSP helper : Yes
> OCSP helper CA : No
>
> How can this be, CA usage is "critical"ly forbidden, yet the CA
> usage for "Any Purpose" is possible ??? Is this an openssl problem,
> or a misunderstanding on my side?
>

The "Any Purpose" setting is something which lets anything through and
performs no checks at all. It was put there originally as a way for people to
use broken certificates if they had no other choice and could live with the
consequences. This setting has to be explicitly requested in code: meaning it
can't be accidentally set.

Since then CA checks have been made mandatory in the code even if "Any
Purpose" is set. So if you actually tried to use that certificate as a CA it
would be rejected.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: "critical,CA:FALSE" but "Any Purpose CA : Yes" ?

Martin Kraemer
In reply to this post by Martin Kraemer
> Since then CA checks have been made mandatory in the code even if "Any
> Purpose" is set. So if you actually tried to use that certificate as a CA it
> would be rejected.

If that is so, then how can the following happen (with a recent
openssl-dev):

% openssl version -a
OpenSSL 0.9.9-dev XX xxx XXXX
built on: Wed Jun 29 12:31:27 CEST 2005
platform: BSD-x86-elf
options:  bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(idx)
compiler: gcc -DOPENSSL_THREADS -pthread -D_THREAD_SAFE -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DSHA1_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM
OPENSSLDIR: "/usr/local/ssl"

% openssl x509 -in [hidden email] -noout -text -purpose
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            c0:ed:2a:bc:67:03:2a:69:c3:46:23:49:dd:a8:c3:a0
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=XY, O=BTG Development CA (3), OU=Basic CA, CN=David Deer/emailAddress=[hidden email]
        Validity
            Not Before: Jul  5 11:05:50 2005 GMT
            Not After : Jul  7 11:05:50 2005 GMT
        Subject: C=XY, O=BTG Development CA (3), OU=Basic CA, CN=Martin Kraemer/emailAddress=[hidden email]
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:...:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:40:46:89:F2:60:86:3A:23:80:CF:46:E2:B5:B4:48:BA:44:94:0F
            X509v3 Authority Key Identifier:
                keyid:23:B4:0C:4C:FA:26:E3:76:3B:02:7F:DC:CC:8D:24:D7:48:8C:95:E7
                DirName:/C=XY/O=BTG Development CA (3)/CN=David Deer/emailAddress=[hidden email]
                serial:C4:A5:4C:5D:BB:C3:89:C7:F8:8B:94:49:D8:C1:E2:0C

            X509v3 Subject Alternative Name:
                email:[hidden email]
            X509v3 Issuer Alternative Name:
                email:[hidden email]
            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Key Usage:
                Digital Signature, Non Repudiation, Key Encipherment, Key Agreement
            X509v3 CRL Distribution Points:
                URI:http://ca.example.com/ca/3/basic_C4A54C5DBBC389C7F88B9449D8C1E20C.crl

            Netscape CA Revocation Url:
                http://ca.example.com/ca/3/basic_C4A54C5DBBC389C7F88B9449D8C1E20C.crl
            Netscape Comment:
                created by BaDCA
            1.3.6.1.4.1.18060.101.1:
                committer
    Signature Algorithm: sha1WithRSAEncryption
        37:...:9a
Certificate purposes:
SSL client : Yes
SSL client CA : No
SSL server : Yes
SSL server CA : No
Netscape SSL server : Yes
Netscape SSL server CA : No
S/MIME signing : Yes
S/MIME signing CA : No
S/MIME encryption : Yes
S/MIME encryption CA : No
CRL signing : No
CRL signing CA : No
Any Purpose : Yes
Any Purpose CA : Yes
OCSP helper : Yes
OCSP helper CA : No

% openssl ca -config openssl.cnf -cert [hidden email] -keyfile [hidden email] -verbose -in [hidden email]
Using configuration from openssl.cnf
Enter pass phrase for [hidden email]:
...
9 entries loaded from the database
generating index
message digest is md5
policy is policy_match
next serial number is 0123456789ABCDEF0123456789ABCDF5
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: CN=Martin Kraemer/emailAddress=[hidden email]
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:...:29
                Exponent: 65537 (0x10001)
        Attributes:
            a0:00
    Signature Algorithm: md5WithRSAEncryption
        53:...:60
Check that the request matches the signature
Signature ok
The subject name appears to be ok, checking data base for clashes
Everything appears to be ok, creating and signing the certificate
Successfully added extensions from config
Certificate Details:
        Serial Number:
            01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:f5
        Validity
            Not Before: Jul  5 15:33:22 2005 GMT
            Not After : Jul  5 15:33:22 2006 GMT
        Subject:
            commonName                = Martin Kraemer
            emailAddress              = [hidden email]
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            Netscape Comment:
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier:
                C4:40:46:89:F2:60:86:3A:23:80:CF:46:E2:B5:B4:48:BA:44:94:0F
            X509v3 Authority Key Identifier:
                keyid:C4:40:46:89:F2:60:86:3A:23:80:CF:46:E2:B5:B4:48:BA:44:94:0F
                DirName:/C=XY/O=BTG Development CA (3)/OU=Basic CA/CN=David Deer/emailAddress=[hidden email]
                serial:C0:ED:2A:BC:67:03:2A:69:C3:46:23:49:DD:A8:C3:A0

Certificate is to be certified until Jul  5 15:33:22 2006 GMT (365 days)
Sign the certificate? [y/n]:y


1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
writing new certificates
writing ./demoCA/newcerts/0123456789ABCDEF0123456789ABCDF5.pem
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:23:45:67:89:ab:cd:ef:01:23:45:67:89:ab:cd:f5
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=XY, O=BTG Development CA (3), OU=Basic CA, CN=Martin Kraemer/emailAddress=[hidden email]
        Validity
            Not Before: Jul  5 15:33:22 2005 GMT
            Not After : Jul  5 15:33:22 2006 GMT
        Subject: CN=Martin Kraemer/emailAddress=[hidden email]
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (2048 bit)
                Modulus (2048 bit):
                    00:...:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            Netscape Comment:
                OpenSSL Generated Certificate
            X509v3 Subject Key Identifier:
                C4:40:46:89:F2:60:86:3A:23:80:CF:46:E2:B5:B4:48:BA:44:94:0F
            X509v3 Authority Key Identifier:
                keyid:C4:40:46:89:F2:60:86:3A:23:80:CF:46:E2:B5:B4:48:BA:44:94:0F
                DirName:/C=XY/O=BTG Development CA (3)/OU=Basic CA/CN=David Deer/emailAddress=[hidden email]
                serial:C0:ED:2A:BC:67:03:2A:69:C3:46:23:49:DD:A8:C3:A0

    Signature Algorithm: md5WithRSAEncryption
        12:...:aa
-----BEGIN CERTIFICATE-----
MIIEUzCCAzugAwIBAgIQASNFZ4mrze8BI0VniavN9TANBgkqhkiG9w0BAQQFADB8
MQswCQYDVQQGEwJHQjEfMB0GA1UEChMWQVNGIERldmVsb3BtZW50IENBICgzKTER
MA8GA1UECxMIQmFzaWMgQ0ExFzAVBgNVBAMTDk1hcnRpbiBLcmFlbWVyMSAwHgYJ
KoZIhvcNAQkBFhFtYXJ0aW5AYXBhY2hlLm9yZzAeFw0wNTA3MDUxNTMzMjJaFw0w
NjA3MDUxNTMzMjJaMDsxFzAVBgNVBAMTDk1hcnRpbiBLcmFlbWVyMSAwHgYJKoZI
hvcNAQkBFhFtYXJ0aW5AYXBhY2hlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANfxtNJRRCMBuP79GjcCJH5vue9S00CfjMi8MAnAJMtOYkKg3VPb
ovtmmGmLmlrcXOc4J4heiw4QUNnBTaLlEdn/+iZD8KPF42EI+Au6dZZOSxI2X59P
HDViLj68zXOk1n0Li/aBU5RrFfn1DTUvQBb4xH5zpAOn0e9juLqp8fMOaJ/DUwwH
LITGzE9vis6NCcwglomgWn/+QaTY8NuWNr0sLN97P4L1BKF4SuwZU/oO+mpR4H1a
kDdWEhNKOLoNSCdeBsnp4jlnwceBzNmfXYP1UJcmBQpOcECtDMtbn52FaywcIGYI
+mYKzSXCLpw5aKs9A6V+UKzmPRL323DD9CkCAwEAAaOCARAwggEMMAkGA1UdEwQC
MAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRl
MB0GA1UdDgQWBBTEQEaJ8mCGOiOAz0bitbRIukSUDzCBsQYDVR0jBIGpMIGmgBTE
QEaJ8mCGOiOAz0bitbRIukSUD6F7pHkwdzELMAkGA1UEBhMCR0IxHzAdBgNVBAoT
FkFTRiBEZXZlbG9wbWVudCBDQSAoMykxETAPBgNVBAsTCEJhc2ljIENBMRMwEQYD
VQQDEwpEYXZpZCBSZWlkMR8wHQYJKoZIhvcNAQkBFhBkcmVpZEBhcGFjaGUub3Jn
ghEAwO0qvGcDKmnDRiNJ3ajDoDANBgkqhkiG9w0BAQQFAAOCAQEAEoAsNUfSPO/H
w/sGE5teuXcH88rawJpNO+UuhQdBn19H4IpIoiI9Ftio09ku9rY0Wctpc8GEN1eO
ZAwmbwjDsBhI40TSQkQP9cCryehAkuwBVvcyvajPRQwRryZEQGfYMl18oGoZiX0X
llGG3eio1luUmLDO7hjBwEdN+8MQYburwpIzJHo86Zs5+8bWa5iCKZk/DGtjjOD2
eFx5+6ybcOg6vHE1YUlq5b/fzgUQ5azxiMMKDhGX0sMD9ZphGkIc0u3Z2uAQDPEM
6Zlab//NaiDgkCsjbqzV39EzOmmZEexht1k71V7J/nYarXQ1gfh33M2k1AEqmCeN
U9QWqJUKqg==
-----END CERTIFICATE-----
Data Base Updated

It should have rejected the client/server cert for CA use, no?

  Martin
--
<[hidden email]>         |     Fujitsu Siemens
Fon: +49-89-636-46021, FAX: +49-89-636-47655 | 81730  Munich,  Germany
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: "critical,CA:FALSE" but "Any Purpose CA : Yes" ?

Martin Kraemer
On Tue, Jul 05, 2005 at 05:45:09PM +0200, Martin Kraemer wrote:
> If that is so, then how can the following happen (with a recent
> openssl-dev):

Oops - it can because here, the "critical" flag is missing. Sorry.

  Martin
--
<[hidden email]>         |     Fujitsu Siemens
Fon: +49-89-636-46021, FAX: +49-89-636-47655 | 81730  Munich,  Germany
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: "critical,CA:FALSE" but "Any Purpose CA : Yes" ?

Dr. Stephen Henson
In reply to this post by Martin Kraemer
On Tue, Jul 05, 2005, Martin Kraemer wrote:

> > Since then CA checks have been made mandatory in the code even if "Any
> > Purpose" is set. So if you actually tried to use that certificate as a CA it
> > would be rejected.
>
> If that is so, then how can the following happen (with a recent
> openssl-dev):
>
[example of ca utility]

The 'ca' utility doesn't currently check the validity of the CA certificate it
is signing with. So it will happily sign with an invalid CA but the
verification routines will reject it.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]