Hello,

OpenSSL version: OpenSSL 1.0.1c 10 May 2012

When trying to verify the signature of a CRL using the openssl crl app with the -CApath option, the CRL's issuer certificate cannot be properly found in the CApath folder in case there exist multiple certificates with the same subject name but different Subject Key IDs. Please note that each CRL has its Authority Key ID matching its respective issuer certificate's Subject Key ID.

Here is a simple test case:

* One root CA (cacerts/root.crt.pem) signing two intermediate CAs (cacerts/inter1.crt.pem and cacerts/inter2.crt.pem).
* The 2 CAs have the same subject name, but different Subject Key IDs.
* Each of the intermediate CAs issues a single CRL (cacerts/inter1.crl.pem and cacerts/inter2.crl.pem).
* Both CRLs have the crl_extensions enabled with the "authorityKeyIdentifier=keyid:always,issuer:always" parameter.

Place all the certificates in the same folder. Perform c_rehash. Run the following:

    openssl crl -in cacerts/inter1.crl.pem -CApath cacerts/ -noout
    openssl crl -in cacerts/inter2.crl.pem -CApath cacerts/ -noout

One of these 2 will fail. Since both CRLs have the same issuer_hash, there exist 2 symlinks with different indices: <issuer_hash>.0 and <issuer_hash>.1 . The command described above will succeed for the CRL having the corresponding issuer certificate indexed first (.0) and the command will fail for the CRL with the issuer certificate indexed second (.1).

Note that running:

    openssl crl -in cacerts/inter1.crl.pem -CAfile cacerts/inter1.crt.pem -noout
    openssl crl -in cacerts/inter2.crl.pem -CAfile cacerts/inter2.crt.pem -noout

both verify successfully. Attached are my 3 certificates along with the 2 CRLs.
openssl_crl_CApath_bug.tar.gz
Description: GNU Zip compressed data
To my understanding, openssl crl -CApath should verify any of the 2 CRLs in both cases, and hence also check the Subject Key IDs of the certificates when matching the subject_name of the certificate. By contrast, openssl verify -crl_check finds the proper CRL with the proper authority key id. Why doesn't openssl crl do the same? Is it a bug?

If you have any further questions, don't hesitate to contact me by email. Please keep me posted on the evolution of this request.

Kind regards,
Franck

--
franck youssef
junior engineer
[email protected]
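The following script is an added example and is not part of the report or its attached archive. It rebuilds the described layout from scratch with constructed test certificates (one root, two intermediates with an identical subject but different keys, one CRL each carrying authorityKeyIdentifier), and then does the lookup the reporter expects from -CApath: it reads the CRL's Authority Key Identifier and selects, among all candidate certificates, the one whose Subject Key Identifier matches, before verifying with -CAfile. The config section names (ca_ext, inter_ca, crl_ext), file names and subjects are assumptions for this example; only the openssl command-line tool is required.

```shell
#!/bin/sh
# Added example (not the reporter's files): match a CRL to its issuer by
# AKID -> SKID instead of by subject name alone, so two CAs that share a
# subject name are told apart regardless of <hash>.0 / <hash>.1 link order.
set -eu

# Print the 20-byte key id on the line following the named extension header
# in `openssl ... -text` output (works with or without the "keyid:" prefix).
key_id() {
    awk -v hdr="$1" 'found { print; exit } $0 ~ hdr { found = 1 }' \
    | sed -n 's/.*\(\([0-9A-F][0-9A-F]:\)\{19\}[0-9A-F][0-9A-F]\).*/\1/p'
}
crl_akid()  { openssl crl  -in "$1" -noout -text | key_id 'Authority Key Identifier'; }
cert_skid() { openssl x509 -in "$1" -noout -text | key_id 'Subject Key Identifier'; }

# Print the certificate in directory $2 whose SKID equals the AKID of CRL $1.
find_crl_issuer() {
    akid=$(crl_akid "$1")
    [ -n "$akid" ] || return 1
    for cand in "$2"/*.crt.pem; do
        if [ "$(cert_skid "$cand")" = "$akid" ]; then
            printf '%s\n' "$cand"
            return 0
        fi
    done
    return 1
}

# Verify CRL $1 against the issuer chosen by key id; prints "verify OK" on success.
verify_crl_by_keyid() {
    issuer=$(find_crl_issuer "$1" "$2") || return 1
    openssl crl -in "$1" -CAfile "$issuer" -noout 2>&1
}

# Constructed fixture mirroring the report: root, two same-named intermediates
# (different keys, hence different SKIDs), one CRL per intermediate with AKID.
build_fixture() {
    mkdir -p "$1/cacerts"
    (
        cd "$1"
        cat > ca.cnf <<'EOF'
[ req ]
distinguished_name = dn
prompt = no
[ dn ]
CN = placeholder
[ ca_ext ]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always, issuer:always
[ inter_ca ]
database = ./index.txt
default_md = sha256
default_crl_days = 30
crl_extensions = crl_ext
[ crl_ext ]
authorityKeyIdentifier = keyid:always, issuer:always
EOF
        : > index.txt
        openssl req -x509 -config ca.cnf -extensions ca_ext -newkey rsa:2048 -nodes \
            -keyout root.key -out cacerts/root.crt.pem -days 30 -subj '/CN=Test Root CA' 2>/dev/null
        for n in 1 2; do
            openssl req -new -config ca.cnf -newkey rsa:2048 -nodes -keyout "inter$n.key" \
                -out "inter$n.csr" -subj '/CN=Test Intermediate CA' 2>/dev/null
            openssl x509 -req -in "inter$n.csr" -CA cacerts/root.crt.pem -CAkey root.key \
                -set_serial "100$n" -days 30 -extfile ca.cnf -extensions ca_ext \
                -out "cacerts/inter$n.crt.pem" 2>/dev/null
            openssl ca -gencrl -config ca.cnf -name inter_ca -cert "cacerts/inter$n.crt.pem" \
                -keyfile "inter$n.key" -out "cacerts/inter$n.crl.pem" 2>/dev/null
        done
    )
}

main() {
    work=$(mktemp -d)
    build_fixture "$work"
    for n in 1 2; do
        crl="$work/cacerts/inter$n.crl.pem"
        printf 'inter%s.crl.pem: issuer by key id = %s, %s\n' "$n" \
            "$(find_crl_issuer "$crl" "$work/cacerts")" "$(verify_crl_by_keyid "$crl" "$work/cacerts")"
        # For comparison, the lookup from the report, whose result depends on the link order:
        printf '  -CApath result: %s\n' "$(openssl crl -in "$crl" -CApath "$work/cacerts" -noout 2>&1 || true)"
    done
    rm -rf "$work"
}

main "$@"
```

The key-id selection is what a relying party should do whenever a directory may hold several CA certificates with the same subject: the subject-name hash narrows the candidates, but only the SKID/AKID pair (or, failing that, a signature check against each candidate) identifies the actual issuer. The -CApath line in main is left in only to show the reporter's original command beside the key-id based one; its output is version dependent and is not asserted on.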
