Ubuntu
openssl package

  1. Bug #1926254
  2. Comment #14

Comment 14 for bug 1926254

Revision history for this message
Matthew Ruffell (mruffell) wrote :

Performing verification for Groovy.

I went and generated the ssl certificates and attempted to verify them with
the openssl version 1.1.1f-1ubuntu4.3 from -updates.

ubuntu@deep-mako:~$ sudo apt-cache policy openssl | grep Installed
  Installed: 1.1.1f-1ubuntu4.3
ubuntu@deep-mako:~$ mkdir reproducer
ubuntu@deep-mako:~$ cd reproducer
ubuntu@deep-mako:~/reproducer$ mkdir CA
ubuntu@deep-mako:~/reproducer$ cat << EOF >> rootCA.cnf
> [ req ]
> prompt = no
> distinguished_name = req_distinguished_name
> x509_extensions = usr_cert
>
> [ req_distinguished_name ]
> C = DE
> O = Test Org
> CN = Test RSA PSS Root-CA
>
> [ usr_cert ]
> basicConstraints = critical,CA:TRUE
> keyUsage = critical,keyCertSign,cRLSign
> subjectKeyIdentifier = hash
> authorityKeyIdentifier = keyid:always
> EOF
 ubuntu@deep-mako:~/reproducer$ cat << EOF >> subCA.cnf
> [ req ]
> prompt = no
> distinguished_name = req_distinguished_name
> x509_extensions = usr_cert
>
> [ req_distinguished_name ]
> C = DE
> O = Test Org
> CN = Test RSA PSS Sub-CA
>
> [ usr_cert ]
> basicConstraints = critical,CA:TRUE,pathlen:0
> keyUsage = critical,keyCertSign,cRLSign
> subjectKeyIdentifier = hash
> authorityKeyIdentifier = keyid:always
> EOF
 ubuntu@deep-mako:~/reproducer$ cat << EOF >> user.cnf
> [ req ]
> prompt = no
> distinguished_name = req_distinguished_name
> x509_extensions = usr_cert
>
> [ req_distinguished_name ]
> C = DE
> O = Test Org
> CN = Test User
>
> [ usr_cert ]
> basicConstraints = critical,CA:FALSE,pathlen:0
> keyUsage = critical,digitalSignature,keyAgreement
> extendedKeyUsage = clientAuth,serverAuth
> subjectKeyIdentifier = hash
> authorityKeyIdentifier = keyid:always
> EOF
 ubuntu@deep-mako:~/reproducer$ openssl genpkey -algorithm RSA-PSS -out rootCA_key.pem -pkeyopt rsa_keygen_bits:2048
....+++++
............................+++++
ubuntu@deep-mako:~/reproducer$ openssl req -config rootCA.cnf -set_serial 01 -new -batch -sha256 -nodes -x509 -days 9125 -out CA/rootCA_cert.pem -key rootCA_key.pem -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1
ubuntu@deep-mako:~/reproducer$ openssl genpkey -algorithm RSA-PSS -out subCA_key.pem -pkeyopt rsa_keygen_bits:2048
..................................................+++++
.....................................+++++
ubuntu@deep-mako:~/reproducer$ openssl req -config subCA.cnf -new -out subCA_req.pem -key subCA_key.pem -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1
ubuntu@deep-mako:~/reproducer$ openssl x509 -req -sha256 -in subCA_req.pem -CA CA/rootCA_cert.pem -CAkey rootCA_key.pem -out CA/subCA_cert.pem -CAserial rootCA_serial.txt -CAcreateserial -extfile subCA.cnf -extensions usr_cert -days 4380 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1
Signature ok
subject=C = DE, O = Test Org, CN = Test RSA PSS Sub-CA
Getting CA Private Key
ubuntu@deep-mako:~/reproducer$ c_rehash CA
Doing CA
ubuntu@deep-mako:~/reproducer$ openssl genpkey -algorithm RSA-PSS -out user1_key.pem -pkeyopt rsa_keygen_bits:2048
...+++++
.............................................................+++++
ubuntu@deep-mako:~/reproducer$ openssl req -config user.cnf -new -out user1_req.pem -key user1_key.pem -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1
ubuntu@deep-mako:~/reproducer$ openssl x509 -req -sha256 -in user1_req.pem -CA CA/subCA_cert.pem -CAkey subCA_key.pem -out user1_cert.pem -CAserial subCA_serial.txt -CAcreateserial -extfile user.cnf -extensions usr_cert -days 1825 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1
Signature ok
subject=C = DE, O = Test Org, CN = Test User
Getting CA Private Key

Now going and verifying the certificates:

ubuntu@deep-mako:~/reproducer$ openssl verify -CAfile CA/rootCA_cert.pem -untrusted CA/subCA_cert.pem user1_cert.pem
C = DE, O = Test Org, CN = Test User
error 20 at 0 depth lookup: unable to get local issuer certificate
error user1_cert.pem: verification failed

We see verification failed, again on CA:FALSE,pathlen:0 basicConstraints.

Now if we enable -proposed and install openssl 1.1.1f-1ubuntu4.4.

$ openssl verify -CAfile CA/rootCA_cert.pem -untrusted CA/subCA_cert.pem user1_cert.pem
user1_cert.pem: OK

The certificate verifies properly. The problem is fixed.

Additionally, if we examine the new unit tests added to openssl's testsuite in
the buildlog for Groovy:

https://launchpadlibrarian.net/537503607/buildlog_ubuntu-groovy-amd64.openssl_1.1.1f-1ubuntu4.4_BUILDING.txt.gz

We see:

../../util/shlib_wrap.sh ../../apps/openssl verify -auth_level 1 -purpose sslserver -trusted ../../../test/certs/root-cert.pem -untrusted ../../../test/certs/ca-cert.pem ../../../test/certs/ee-pathlen.pem => 0
ok 84 - accept non-ca with pathlen:0 by default
CN = server.example
error 41 at 0 depth lookup: invalid or inconsistent certificate extension
error ../../../test/certs/ee-pathlen.pem: verification failed
../../util/shlib_wrap.sh ../../apps/openssl verify -auth_level 1 -purpose sslserver -x509_strict -trusted ../../../test/certs/root-cert.pem -untrusted ../../../test/certs/ca-cert.pem ../../../test/certs/ee-pathlen.pem => 2
ok 85 - reject non-ca with pathlen:0 with strict flag

Both tests pass with "ok", so the feature is working as intended in both standard and strict mode.

Since everything is in order, I am happy to mark verified for Groovy.