[openssl-dev] [openssl.org #3721] Patch for additional checking of self-signed certificates

Short, Todd via RT rt at openssl.org
Mon Mar 2 18:06:05 UTC 2015


This code is currently being used by Akamai to check for the validity of certificates.

I find it highly unusual for multiple certificates with the same SubjectDN to be valid simultaneously.
All those certificates would need to have a unique serial number; but the Issuer’s serial number is not included in the certificate, so there’s no easy way to determine the issuing certificate.

To validate those chains, the signature would have to be validated using the public key of each certificate that matches the Issuer. That can be an expensive proposition, and there are clients that will give up after the first failure.

Have you seen any chains like this IRL?

Do you know of any CAs that have their chains set up like this?

--
-Todd Short
// tshort at akamai.com
// “One if by land, two if by sea, three if by the Internet.”

On Feb 27, 2015, at 5:31 PM, Brian Smith <brian at briansmith.org> wrote:

Short, Todd via RT <rt at openssl.org> wrote:
Check that in matching issuer/subject certs, that a self-signed subject also has a self-signed issuer.
Given that the subject certificate is self-signed, it means that the issuer and the subject are the same certificate. This change verifies that.

Github link:
https://github.com/akamai/openssl/commit/faff94b732472616828fe724e09053f134ebb88b

Could you explain this more?

In your patch, there is a comment that says "Input certificate
(subject) is self signed." But, the test is that the issuer name
equals the subject name. That means the certificate is self-*issued*,
not self-*signed*.

Consider this chain:

{ Subject=Foo, Issuer=Foo, Key=Key1, Signed by Key2 }
{ Subject=Foo, Issuer=Foo, Key=Key2, Signed by Key3 }
{ Subject=Foo, Issuer=Foo, Key=Key3, Signed by Key3, Trust Anchor }

All three certificates are self-issued. The issuer of the first
certificate is not self-signed but it is self-issued. But, it being
self-issued doesn't matter because it isn't a trust anchor.

Consider this chain:

{ Subject=Foo, Issuer=Foo, Key=Key1, Signed by Key1 }
{ Subject=Foo, Issuer=Bar, Key=Key1, Signed by Key2 }
{ Subject=Bar, Issuer=Bar, Key=Key2, Signed by Key2, Trust Anchor }

The first certificate is self-signed and self-issued. Its issuer is
not self-signed or self-issued, so your patch would reject this chain.
But, this is a valid chain.

Cheers,
Brian
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
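To make the self-issued versus self-signed distinction concrete, here is an added example that is not part of this thread or of the Akamai patch. It models certificates abstractly (a key is just a label, and "signed by key K" is modelled as a stored label rather than a real signature), walks both of Brian's chains with ordinary path validation, and applies the check as Brian paraphrases it (a self-issued subject must have a self-issued issuer). The names Cert, validate_chain, patch_rule_accepts, CHAIN_A and CHAIN_B are assumptions for this illustration, not OpenSSL API.

```python
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class Cert:
    """Minimal certificate model (constructed for this example)."""
    subject: str
    issuer: str
    key: str            # label of the public key carried in the certificate
    signed_by: str      # label of the key that produced the signature (modelled, not a real signature)
    trust_anchor: bool = False


def signature_verifies(cert: Cert, key: str) -> bool:
    """Stand-in for a real signature check: true iff the signature was made with `key`."""
    return cert.signed_by == key


def is_self_issued(cert: Cert) -> bool:
    """RFC 5280 sense: the issuer DN equals the subject DN. Says nothing about the signature."""
    return cert.subject == cert.issuer


def is_self_signed(cert: Cert) -> bool:
    """Self-issued AND the signature verifies under the certificate's own key."""
    return is_self_issued(cert) and signature_verifies(cert, cert.key)


def validate_chain(chain: List[Cert]) -> bool:
    """Ordinary path validation on a leaf-first chain: every certificate must name
    the next one as issuer and verify under the next one's key; the last must be a
    self-signed trust anchor."""
    if not chain or not chain[-1].trust_anchor:
        return False
    for subj, issuer in zip(chain, chain[1:]):
        if subj.issuer != issuer.subject:
            return False
        if not signature_verifies(subj, issuer.key):
            return False
    return is_self_signed(chain[-1])


def patch_rule_accepts(chain: List[Cert]) -> bool:
    """Model of the extra check as described in the thread: whenever the subject
    certificate has issuer name == subject name, its issuer must too."""
    for subj, issuer in zip(chain, chain[1:]):
        if is_self_issued(subj) and not is_self_issued(issuer):
            return False
    return True


# Brian's first chain: all three certificates are self-issued, only the anchor is self-signed.
CHAIN_A = [
    Cert("Foo", "Foo", "Key1", "Key2"),
    Cert("Foo", "Foo", "Key2", "Key3"),
    Cert("Foo", "Foo", "Key3", "Key3", trust_anchor=True),
]

# Brian's second chain: the leaf is self-signed, but its issuer is neither self-issued nor self-signed.
CHAIN_B = [
    Cert("Foo", "Foo", "Key1", "Key1"),
    Cert("Foo", "Bar", "Key1", "Key2"),
    Cert("Bar", "Bar", "Key2", "Key2", trust_anchor=True),
]


if __name__ == "__main__":
    for name, chain in (("A", CHAIN_A), ("B", CHAIN_B)):
        print(f"chain {name}: valid={validate_chain(chain)} "
              f"patch_rule={patch_rule_accepts(chain)} "
              f"leaf self-issued={is_self_issued(chain[0])} "
              f"leaf self-signed={is_self_signed(chain[0])}")
```

Running it shows the two points of the reply side by side: the leaf of chain A is self-issued but not self-signed (the name test alone cannot tell the two apart), and chain B validates under ordinary path rules yet fails the extra name-based check, which is the false rejection Brian describes.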