ubuntu@select-lobster:~/reproducer$ openssl verify -CAfile CA/rootCA_cert.pem -untrusted CA/subCA_cert.pem user1_cert.pem
C = DE, O = Test Org, CN = Test User
error 20 at 0 depth lookup: unable to get local issuer certificate
error user1_cert.pem: verification failed
We see verification fail, due to CA:FALSE,pathlen:0 basicConstraints.
I then enabled -proposed, and installed openssl and libssl1.1 version
1.1.1f-1ubuntu2.4
If we then repeat the certificate validation:
ubuntu@select-lobster:~/reproducer$ openssl verify -CAfile CA/rootCA_cert.pem -untrusted CA/subCA_cert.pem user1_cert.pem
user1_cert.pem: OK
The certificates validate properly.
Additionally, if we examine the new unit tests added to openssl's testsuite in
the buildlog for focal:
Performing verification for Focal
Generating the ssl certificates, and reproducing the problem with version
1.1.1f-1ubuntu2.3 from -updates.
ubuntu@ select- lobster: ~$ sudo apt-cache policy openssl | grep Installed select- lobster: ~$ mkdir reproducer select- lobster: ~$ cd reproducer select- lobster: ~/reproducer$ mkdir CA select- lobster: ~/reproducer$ cat << EOF >> rootCA.cnf ed_name ed_name ] keyCertSign, cRLSign ifier = hash ntifier = keyid:always select- lobster: ~/reproducer$ cat << EOF >> subCA.cnf ed_name ed_name ] CA:TRUE, pathlen: 0 keyCertSign, cRLSign ifier = hash ntifier = keyid:always select- lobster: ~/reproducer$ cat << EOF >> user.cnf ed_name ed_name ] CA:FALSE, pathlen: 0 digitalSignatur e,keyAgreement serverAuth ifier = hash ntifier = keyid:always select- lobster: ~/reproducer$ openssl genpkey -algorithm RSA-PSS -out rootCA_key.pem -pkeyopt rsa_keygen_ bits:2048 ....... ....... .+++++ select- lobster: ~/reproducer$ openssl req -config rootCA.cnf -set_serial 01 -new -batch -sha256 -nodes -x509 -days 9125 -out CA/rootCA_cert.pem -key rootCA_key.pem -sigopt rsa_padding_ mode:pss -sigopt rsa_pss_saltlen:-1 select- lobster: ~/reproducer$ openssl genpkey -algorithm RSA-PSS -out subCA_key.pem -pkeyopt rsa_keygen_ bits:2048 select- lobster: ~/reproducer$ openssl req -config subCA.cnf -new -out subCA_req.pem -key subCA_key.pem -sigopt rsa_padding_ mode:pss -sigopt rsa_pss_saltlen:-1 select- lobster: ~/reproducer$ openssl x509 -req -sha256 -in subCA_req.pem -CA CA/rootCA_cert.pem -CAkey rootCA_key.pem -out CA/subCA_cert.pem -CAserial rootCA_serial.txt -CAcreateserial -extfile subCA.cnf -extensions usr_cert -days 4380 -sigopt rsa_padding_ mode:pss -sigopt rsa_pss_saltlen:-1 select- lobster: ~/reproducer$ c_rehash CA select- lobster: ~/reproducer$ openssl genpkey -algorithm RSA-PSS -out user1_key.pem -pkeyopt rsa_keygen_ bits:2048 ....... .....++ +++ ....... ....... ....+++ ++ select- lobster: ~/reproducer$ openssl req -config user.cnf -new -out user1_req.pem -key user1_key.pem -sigopt rsa_padding_ mode:pss -sigopt rsa_pss_saltlen:-1 select- lobster: ~/reproducer$ openssl x509 -req -sha256 -in user1_req.pem -CA CA/subCA_cert.pem -CAkey subCA_key.pem -out user1_cert.pem -CAserial subCA_serial.txt -CAcreateserial -extfile user.cnf -extensions usr_cert -days 1825 -sigopt rsa_padding_ mode:pss -sigopt rsa_pss_saltlen:-1
Installed: 1.1.1f-1ubuntu2.3
ubuntu@
ubuntu@
ubuntu@
ubuntu@
> [ req ]
> prompt = no
> distinguished_name = req_distinguish
> x509_extensions = usr_cert
>
> [ req_distinguish
> C = DE
> O = Test Org
> CN = Test RSA PSS Root-CA
>
> [ usr_cert ]
> basicConstraints = critical,CA:TRUE
> keyUsage = critical,
> subjectKeyIdent
> authorityKeyIde
> EOF
ubuntu@
> [ req ]
> prompt = no
> distinguished_name = req_distinguish
> x509_extensions = usr_cert
>
> [ req_distinguish
> C = DE
> O = Test Org
> CN = Test RSA PSS Sub-CA
>
> [ usr_cert ]
> basicConstraints = critical,
> keyUsage = critical,
> subjectKeyIdent
> authorityKeyIde
> EOF
ubuntu@
> [ req ]
> prompt = no
> distinguished_name = req_distinguish
> x509_extensions = usr_cert
>
> [ req_distinguish
> C = DE
> O = Test Org
> CN = Test User
>
> [ usr_cert ]
> basicConstraints = critical,
> keyUsage = critical,
> extendedKeyUsage = clientAuth,
> subjectKeyIdent
> authorityKeyIde
> EOF
ubuntu@
.......
............+++++
ubuntu@
ubuntu@
........+++++
....+++++
ubuntu@
ubuntu@
Signature ok
subject=C = DE, O = Test Org, CN = Test RSA PSS Sub-CA
Getting CA Private Key
ubuntu@
Doing CA
ubuntu@
.......
.......
ubuntu@
ubuntu@
Signature ok
subject=C = DE, O = Test Org, CN = Test User
Getting CA Private Key
Now, we verify the certificates:
ubuntu@ select- lobster: ~/reproducer$ openssl verify -CAfile CA/rootCA_cert.pem -untrusted CA/subCA_cert.pem user1_cert.pem
C = DE, O = Test Org, CN = Test User
error 20 at 0 depth lookup: unable to get local issuer certificate
error user1_cert.pem: verification failed
We see verification fail, due to CA:FALSE,pathlen:0 basicConstraints.
I then enabled -proposed, and installed openssl and libssl1.1 version
1.1.1f-1ubuntu2.4
If we then repeat the certificate validation:
ubuntu@ select- lobster: ~/reproducer$ openssl verify -CAfile CA/rootCA_cert.pem -untrusted CA/subCA_cert.pem user1_cert.pem
user1_cert.pem: OK
The certificates validate properly.
Additionally, if we examine the new unit tests added to openssl's testsuite in
the buildlog for focal:
https:/ /launchpadlibra rian.net/ 537505620/ buildlog_ ubuntu- focal-amd64. openssl_ 1.1.1f- 1ubuntu2. 4_BUILDING. txt.gz
we see:
../../. ./test/ certs/ee- pathlen. pem: OK shlib_wrap. sh ../../apps/openssl verify -auth_level 1 -purpose sslserver -trusted ../../. ./test/ certs/root- cert.pem -untrusted ../../. ./test/ certs/ca- cert.pem ../../. ./test/ certs/ee- pathlen. pem => 0 ./test/ certs/ee- pathlen. pem: verification failed shlib_wrap. sh ../../apps/openssl verify -auth_level 1 -purpose sslserver -x509_strict -trusted ../../. ./test/ certs/root- cert.pem -untrusted ../../. ./test/ certs/ca- cert.pem ../../. ./test/ certs/ee- pathlen. pem => 2
../../util/
ok 84 - accept non-ca with pathlen:0 by default
CN = server.example
error 41 at 0 depth lookup: invalid or inconsistent certificate extension
error ../../.
../../util/
ok 85 - reject non-ca with pathlen:0 with strict flag
Both tests pass with "ok", so the feature is working as intended in both standard and strict mode.
Since everything is in order, I am happy to mark verified for Focal.