I have a chain that fails to verify:

brs% openssl verify -verbose -issuer_checks -CAfile serversTA.pem -untrusted 'servers->users.pem' dua.pem
dua.pem: CN = config, CN = DSA Manager
error 29 at 0 depth lookup:subject issuer mismatch
CN = config, CN = DSA Manager
error 31 at 0 depth lookup:authority and issuer serial number mismatch
CN = config, CN = DSA Manager
error 29 at 0 depth lookup:subject issuer mismatch
CN = config, CN = DSA Manager
error 29 at 0 depth lookup:subject issuer mismatch
CN = config, CN = DSA Manager
error 29 at 0 depth lookup:subject issuer mismatch
CN = config, CN = DSA Manager
error 20 at 0 depth lookup:unable to get local issuer certificate

I think that's because dua.pem contains an AKID that does not match
'servers->users.pem' (it contains keyID, issuer and serial number).

That's true but it's deliberate: servers->users.pem is a cross
certificate (issued by serversTA.pem).

The key matches (servers->users.pem has a public key that's the same as
the public key of the actual issuer of dua.pem).

Isn't OpenSSL just wrong in doing this?  X.509 (2008) says

    Certification authorities shall assign certificate serial numbers
    such that every (issuer, certificate serial number) pair uniquely
    identifies a single certificate. The keyIdentifier form can be used
    to select CA certificates during path construction. The
    authorityCertIssuer, authoritySerialNumber pair can only be used to
    provide preference to one certificate over others during path
    construction.

Isn't OpenSSL's use of authoritySerialNumber to reject the certificate
technically incorrect (according to X.509, though I don't see anything
in RFC 5280 permitting it either)?

Presumably it's ordinarily harmless: OpenSSL's default config doesn't
set authorityCertIssuer, authoritySerialNumber in AKID, and ordinarily
everything would match up fine anyway.

So to find a problem you'd need a setup with this not-recommended AKID
and cross certificates.  So, lucky me!

Presumably there's no test of this in PKITS?
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
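An added example (mine, not from the post and not OpenSSL's code) that models the two readings on constructed certificates: `strict_check` rejects a candidate issuer whenever any AKID field that is present disagrees, while `x509_select` applies the quoted X.509 text, using keyIdentifier to select candidates and the (authorityCertIssuer, authorityCertSerialNumber) pair only to order them. Subject names, serial numbers and key bytes are made up, and a SHA-1 of the key bytes stands in for the real subject key identifier.

```python
from __future__ import annotations
from dataclasses import dataclass
from hashlib import sha1
from typing import Optional

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    serial: int
    public_key: bytes  # stands in for the SubjectPublicKey bit string

    @property
    def key_id(self) -> bytes:
        return sha1(self.public_key).digest()  # RFC 5280 4.2.1.2 method (1)

@dataclass(frozen=True)
class AuthorityKeyId:
    key_id: Optional[bytes] = None  # keyIdentifier
    issuer: Optional[str] = None    # authorityCertIssuer (directoryName only)
    serial: Optional[int] = None    # authorityCertSerialNumber

def strict_check(cand: Cert, akid: AuthorityKeyId) -> Optional[str]:
    """Reject if any AKID field present disagrees; returns the reason or None."""
    if akid.key_id is not None and akid.key_id != cand.key_id:
        return "authority and subject key identifier mismatch"
    if akid.serial is not None and akid.serial != cand.serial:
        return "authority and issuer serial number mismatch"
    if akid.issuer is not None and akid.issuer != cand.issuer:
        return "subject issuer mismatch"
    return None

def x509_select(issuer_name: str, cands: list[Cert], akid: AuthorityKeyId) -> list[Cert]:
    """X.509 reading quoted in the post: keyIdentifier selects, issuer/serial only orders."""
    selected = [c for c in cands if c.subject == issuer_name
                and (akid.key_id is None or c.key_id == akid.key_id)]
    pair_ok = lambda c: ((akid.serial is None or c.serial == akid.serial)
                         and (akid.issuer is None or c.issuer == akid.issuer))
    return sorted(selected, key=lambda c: 0 if pair_ok(c) else 1)

def cross_cert_scenario() -> tuple[Optional[str], list[int]]:
    # dua.pem's AKID names its real issuer (the users CA's own certificate), but
    # the chain only offers servers->users.pem: same key, issued by serversTA.
    users_key = b"constructed users-CA public key bits"
    users_self = Cert("CN=users", "CN=users", 5, users_key)  # real issuer, absent
    cross = Cert("CN=users", "CN=serversTA", 9, users_key)   # servers->users.pem
    akid = AuthorityKeyId(key_id=users_self.key_id, issuer="CN=users", serial=5)
    return (strict_check(cross, akid),                                   # rejected
            [c.serial for c in x509_select("CN=users", [cross], akid)])  # [9]
```

The strict reading rejects the cross certificate on the serial number alone, while the X.509 reading still selects it because the key identifier matches.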