[openssl-dev] Cannot verify self-signed certificates?

Viktor Dukhovni openssl-users at dukhovni.org
Thu Dec 17 01:17:02 UTC 2015


On Wed, Dec 16, 2015 at 06:56:59PM -0500, Viktor Dukhovni wrote:

> As a final note, with "-partial_chain" any certificate always verifies against
> itself regardless of purpose or basic constraints.  Thus, for example:
> 
>    $ openssl verify -partial_chain -purpose crlsign foo.pem foo.pem
> 
> will always succeed, provided foo.pem contains a certificate that does not
> fail to parse.
> 
> I'm not quite sure why the purpose is ignored, it might be more useful
> if the purpose were still checked (after any explicit auxiliary trust
> settings via "BEGIN TRUSTED CERTIFICATE").

It is easy to restore checking the purpose; it seems likely that
suppression of that check was an oversight.  However, I think that
if the leaf certificate is actually trusted and has auxiliary trust
settings, those probably should kick in, so the patch below is
likely not quite the whole story.

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 3acb374..864283e 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -617,8 +617,8 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
         purpose = ctx->param->purpose;
     }
 
-    /* Check all untrusted certificates */
-    for (i = 0; i < ctx->last_untrusted; i++) {
+    /* Check all untrusted certificates, and always the leaf cert */
+    for (i = 0; i == 0 || i < ctx->last_untrusted; i++) {
         int ret;
         x = sk_X509_value(ctx->chain, i);
         if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL)
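Review bot: the new loop condition `i == 0 || i < ctx->last_untrusted` runs the purpose check on the leaf even when `ctx->last_untrusted` is 0, i.e. when the leaf itself came from the trust store, so any auxiliary trust settings on that trusted leaf (the "BEGIN TRUSTED CERTIFICATE" case raised in the discussion) are never consulted before the purpose is enforced; in the `last_untrusted == 0` path the code should give the explicit trust settings a say first and only then fall back to the purpose check. Two smaller points on the same line: the `i == 0` term means `sk_X509_value(ctx->chain, 0)` is now dereferenced unconditionally, which is only safe if the chain is guaranteed non-empty at this point, and the new comment "and always the leaf cert" does not say why index 0 is special; a one-line note that the leaf may sit in the trust store yet still needs its purpose checked would make the intent clear to the next reader.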

-- 
	Viktor.
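The behaviour discussed above, as an added example that is not part of the original post or of OpenSSL itself: a self-signed leaf is generated twice, once with keyUsage cRLSign and once with only digitalSignature, and each is verified against itself with "-partial_chain -purpose crlsign". The script assumes the openssl command-line tool is on PATH and uses "-CAfile" to make the certificate its own trust anchor; the req(1) config, section names and file names are constructed for the example. On a build that ignores the purpose for a self-verified leaf, the second certificate is accepted; on a build that checks the leaf's purpose, it is rejected with "unsupported certificate purpose".

```shell
#!/bin/sh
# Added example (not from the original post): does the installed OpenSSL
# enforce -purpose when a self-signed leaf is verified against itself
# with -partial_chain?  Assumes the openssl CLI is on PATH.
set -u

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Constructed req(1) config: two extension sections, one that satisfies
# the crlsign purpose (keyUsage cRLSign) and one that does not.
cat > "$WORK/req.cnf" <<'EOF'
[ req ]
distinguished_name = dn
prompt = no
[ dn ]
CN = selfsigned-purpose-test
[ crlsign_ok ]
basicConstraints = critical,CA:FALSE
keyUsage = critical,cRLSign
[ crlsign_missing ]
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature
EOF

# make_cert NAME EXTSECTION: write a self-signed cert to $WORK/NAME.pem
# using the extension section named in the second argument.
make_cert() {
    openssl req -x509 -new -newkey rsa:2048 -nodes -days 1 \
        -config "$WORK/req.cnf" -extensions "$2" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# self_verify NAME PURPOSE: verify the cert against itself, as in the
# thread.  Returns the exit status of openssl verify (0 = OK).
self_verify() {
    openssl verify -partial_chain -purpose "$2" \
        -CAfile "$WORK/$1.pem" "$WORK/$1.pem" >/dev/null 2>&1
}

# purpose_enforced: 0 if verify rejects the cert lacking cRLSign under
# -purpose crlsign, 1 if it accepts it (the behaviour the thread describes).
purpose_enforced() {
    if self_verify missing crlsign; then
        return 1
    fi
    return 0
}

make_cert ok crlsign_ok
make_cert missing crlsign_missing

if self_verify ok crlsign; then
    echo "cert with cRLSign: accepted under -purpose crlsign"
else
    echo "cert with cRLSign: rejected under -purpose crlsign (unexpected)"
fi
if purpose_enforced; then
    echo "cert without cRLSign: rejected, purpose is checked on the leaf"
else
    echo "cert without cRLSign: accepted, purpose is ignored for a self-verified leaf"
fi
```

The cRLSign certificate must verify on any build, since it satisfies the purpose whether or not the leaf is checked; only the second certificate distinguishes a build that skips the purpose check for a leaf taken from the trust store from one that applies it. Swap "crlsign" for another purpose name from "openssl verify -help" (sslserver, smimesign, ...) to probe the same path for other purposes.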

