Open
Bug 238146
Opened 21 years ago
Updated 2 years ago
CERT_IsCACert() misidentifies v3 self-signed certs as CAs
Categories
(NSS :: Libraries, defect, P3)
Tracking
(Not tracked)
REOPENED
People
(Reporter: jgmyers, Unassigned)
Details
(Keywords: regression)
Attachments
(1 file)
1.49 KB,
patch
|
nelson
:
review-
|
Details | Diff | Splinter Review |
The fix to bug 178692 has caused a regression in PSM where it miscategorizes all
self-signed certs as Certificate Authorities. Not all self-signed certs are
capable of signing other certs, thus are not CA certs.
Comment 1•21 years ago
|
||
John, I think you meant the fix to bug 171224 has caused
this regression, right?
Assignee: wchang0222 → MisterSSL
Keywords: regression
Reporter | ||
Comment 2•21 years ago
|
||
Correct, it was the fix to bug 171224 that caused the regression.
Reporter | ||
Comment 3•21 years ago
|
||
Someone would also need to audit all the other calls to CERT_IsCACert() to
check whether or not they also want to test cert->isRoot
Comment 4•21 years ago
|
||
Not all self-signed certs are categorized as CAs. Only those which do not have
extensions or trust settings restricting them from being CAs are. The cert in
question must not have the basicConstraints or nsCertType extensions present, in
which case it is valid as a CA, even if that is not its intended usage.
Reporter | ||
Comment 5•21 years ago
|
||
Per RFC 3280 4.2.1.10 paragraph 4, certificates that do not have a basic
constraints extension are not usable as CAs. So certificates which omit both
the basicConstraints and nsCertType extensions are not valid for use as CAs.
Comment 6•21 years ago
|
||
The cert in question is an X509 v1 cert. As such, it has no extensions.
It cannot have a basic constraints extension. Yet that does not mean that
it cannot be a CA cert or a root CA cert.
NSS has always chosen to identify self-issued X509 v1 certs as root CA certs.
Indeed many of the trusted root CA certs are precisely self issued v1 certs.
Such certs may also be used for non-CA purposes, if they are trusted for
those purposes, e.g. trusted as SSL "peers" or SMIME "peers".
The cited statement in RCC 3280 applies to X509 v3 certs. It applies
to certs conforming to that profile. V1 certs to not conform to the profile.
They are still widely used as root CA certs today, and are grandfathered in.
The real issue, in this case, is that there is a software company whose
software produces self-issed self-signed v1 certs for SSL servers.
Those certs always have serial number zero, by the way.
Once the certs are marked as trusted for use as SSL peers, NSS has no
trouble with them ... until the user inevitably generates a second cert
with the same subject (and issuer) names, which also has serial number zero.
Then it runs afoul of thd duplicate issuer and serial problem.
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → INVALID
Reporter | ||
Comment 7•21 years ago
|
||
CERT_IsCACert() will identify an extensionless v3 self-signed cert as a CA cert.
It should only do so for v1 and v2 certs.
Status: RESOLVED → REOPENED
Resolution: INVALID → ---
Summary: CERT_IsCACert() misidentifies self-signed certs as CAs → CERT_IsCACert() misidentifies v3 self-signed certs as CAs
Comment 8•21 years ago
|
||
John, have you established that there are NO trusted v3 root CA certs
that lack basic constraints?
Comment 9•21 years ago
|
||
Comment on attachment 144459 [details] [diff] [review]
Simplistic fix
"We could do that, but it would be wrong." R.M. Nixon
Attachment #144459 -
Flags: review-
Comment 10•21 years ago
|
||
This bug doesn't block 178692, as the latter involves an X509 v1 cert.
This bug is low priority, since an X509 v3 cert without the relevant
extensions would be an invalid cert (unless it was a root CA cert),
and any bug about such a cert would probably get closed as invalid.
No longer blocks: 178692
Priority: -- → P3
Reporter | ||
Comment 11•21 years ago
|
||
Of the current builtin CA certficates, "entrust.net Certification Authority
(2048)" lacks a basic constraints extension, but has a Netscape Certificate Type
extension indicating CA usage. The remaining either have a basic constraints
extension or are v1.
X.509 v3 certs are permitted to lack the basic constraints (and NS cert type
extensions) when they are not intended to be used as CA certs. So valid v3
non-CA certs will get miscategorized as CA certs.
Comment 12•21 years ago
|
||
If they are self-issued, and lack auth key ID extensions, yes it does.
Does PKIX allow self-signed, self-issued non-CA certs?
Reporter | ||
Comment 13•21 years ago
|
||
I don't see how RFC 3280 prohibits self-signed certs or requires self-signed
non-CA certs to have either the Authority Key Identifer or Subject Key
Identifier extension. Perhaps you could give a citation?
Updated•19 years ago
|
QA Contact: bishakhabanerjee → jason.m.reid
Updated•19 years ago
|
QA Contact: jason.m.reid → libraries
Updated•3 years ago
|
Assignee: nelson → nobody
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•