I posted this test case for function X509_check_akid() on the
openssl-users mailing list, but got no reaction, therefore I'm
submitting it now as a defect for triaging.

Test case:

1) Certificate that has an Authority Key Identifier extension (save as
file "testcert.pem"):

-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----

2) Test program that loads the certificate and invokes X509_check_akid()
for the certificate with its own Authority Key Identifier (all error
checks omitted for brevity):

------------ snip ---------------
/*
 * Test program for X509_check_akid()
 *
 * The program loads a certificate that has the
 * "X509v3 Authority Key Identifier" extension and invokes
 * X509_check_akid() with this authority key identifier and the
 * certificate itself as the candidate issuer.
 *
 * Note: cert->akid is accessed directly, which requires a non-opaque
 * X509 structure (OpenSSL 1.0.2 and earlier).
 */

#include <stdio.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/pem.h>

int
main(void)
{
     BIO *pem;
     const char *file = "testcert.pem";
     X509 *cert;
     int akid_check;

     /* Error checks omitted for brevity. */
     pem = BIO_new(BIO_s_file());
     BIO_read_filename(pem, file);

     cert = PEM_read_bio_X509_AUX(pem, NULL, NULL, NULL);

     /* Populate the cached extension fields, including cert->akid. */
     X509_check_purpose(cert, -1, -1);

     /* Check the certificate's own AKID against itself as issuer. */
     akid_check = X509_check_akid(cert, cert->akid);

     printf("X509_check_akid result %d '%s'\n", akid_check,
             X509_verify_cert_error_string(akid_check));

     X509_free(cert);
     BIO_free(pem);

     return 0;
}
------------------- snip ---------------

Actual result:

When compiled and executed with a current OpenSSL build from the
OpenSSL_1_0_2-stable branch the program prints:

X509_check_akid result 0 'ok'

Expected result:

X509_check_akid() should return an error code because the certificate 
actually cannot be identified as its own issuer via the X509v3 Authority 
Key Identifier extension.

Background:

The test case scenario actually occurs in an application that uses 
X509_verify_cert() where certain checks are disabled through a callback 
function applied with X509_STORE_set_verify_cb(). A certificate is 
incorrectly identified as the CRL issuer certificate through this behavior.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org