[gnutls-devel] A certificate is verified by Gnutls but rejected by OpenSSL/PolarSSL

Yuting Chen chenyt at cs.sjtu.edu.cn
Thu Apr 2 19:00:46 CEST 2015


Hi, Nikos, I'm not very sure whether the certificate should or should not
pass validation. It is a challenging problem to design tests for testing
SSL tools. I used openssl to create 4000 valid or invalid test certificates
(but I failed to design test oracles). It is interesting that the
certificate is the only that can be accepted by Gnutls, but rejected by
openssl and polarssl. The validation results are:
(1) Gnutls:
Subject: C=GB,ST=Greater Manchester,L=Salford,O=Comodo CA Limited,CN=Secure
Certificate Services
Issuer: C=US,ST=CA,O=Internet Widgits Pty Ltd,CN=Frankencert CA
Checked against: C=US,ST=CA,O=Internet Widgits Pty Ltd,CN=Frankencert CA
Output: Verified. The certificate is trusted.

Subject: C=US,O=VeriSign\, Inc.,OU=Class 4 Public Primary Certification
Authority - G2,OU=(c) 1998 VeriSign\, Inc. - For authorized use
only,OU=VeriSign Trust Network
Issuer: C=GB,ST=Greater Manchester,L=Salford,O=Comodo CA Limited,CN=Secure
Certificate Services
Checked against: C=GB,ST=Greater Manchester,L=Salford,O=Comodo CA
Limited,CN=Secure Certificate Services
Output: Verified. The certificate is trusted.

Chain verification output: Verified. The certificate is trusted.

(2) Openssl:
140637590406816:error:04091077:rsa routines:INT_RSA_VERIFY:wrong signature
length:rsa_sign.c:175:
140637590406816:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP
lib:a_verify.c:221:
ZZZZZZZZZZZZZComodo_Secure_Services_root.pem: C = US, O = "VeriSign, Inc.",
OU = Class 4 Public Primary Certification Authority - G2, OU = "(c) 1998
VeriSign, Inc. - For authorized use only", OU = VeriSign Trust Network
error 7 at 0 depth lookup:certificate signature failure

(3) PolarSSL:
  . Loading the CA root certificate ... ok (0 skipped)

  . Loading the certificate(s) ... ok
  . Peer certificate information    ...
      cert. version     : 1
      serial number     : 32:88:8E:9A:D2:F5:EB:13:47:F8:7F:C4:20:37:25:F8
      issuer name       : C=GB, ST=Greater Manchester, L=Salford, O=Comodo
CA Limited, CN=Secure Certificate Services
      subject name      : C=US, O=VeriSign, Inc., OU=Class 4 Public Primary
Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized
use only, OU=VeriSign Trust Network
      issued  on        : 1998-05-18 00:00:00
      expires on        : 2028-08-01 23:59:59
      signed using      : RSA with SHA1
      RSA key size      : 1024 bits

  . Peer certificate information    ...
      cert. version     : 3
      serial number     : 01
      issuer name       : C=US, ST=CA, O=Internet Widgits Pty Ltd,
CN=Frankencert CA
      subject name      : C=GB, ST=Greater Manchester, L=Salford, O=Comodo
CA Limited, CN=Secure Certificate Services
      issued  on        : 2004-01-01 00:00:00
      expires on        : 2016-07-06 23:59:59
      signed using      : RSA with SHA1
      RSA key size      : 1024 bits
      basic constraints : CA=true
      key usage         : Digital Signature, Key Encipherment

  . Verifying X.509 certificate...
Verify requested for (Depth 0):
cert. version     : 1
serial number     : 32:88:8E:9A:D2:F5:EB:13:47:F8:7F:C4:20:37:25:F8
issuer name       : C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA
Limited, CN=Secure Certificate Services
subject name      : C=US, O=VeriSign, Inc., OU=Class 4 Public Primary
Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized
use only, OU=VeriSign Trust Network
issued  on        : 1998-05-18 00:00:00
expires on        : 2028-08-01 23:59:59
signed using      : RSA with SHA1
RSA key size      : 1024 bits
  ! self-signed or not signed by a trusted CA
 failed

On Thu, Apr 2, 2015 at 12:21 AM, Nikos Mavrogiannopoulos <nmav at gnutls.org>
wrote:

> On Wed, Apr 1, 2015 at 11:15 PM, Yuting Chen <chenyt at cs.sjtu.edu.cn>
> wrote:
> > I made a certificate and verified it using gnutls, openssl, and
> polarssl. It
> > can be verified by gnutls, but be rejected the other two due to
> certificate
> > signature failures. It is a special case because in many other cases in
> my
> > experiment, gnutls tends to "reject" certificates if openssl "rejects"
> them.
> > Can anyone help me find the reason (to ensure that gnutls has checked the
> > signature correctly)?
>
> Hello,
>  What is the issue in the certificate? Why it shouldn't be verified
> successfully?
>
> regards,
> Nikos
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20150402/f53e5acd/attachment-0001.html>


More information about the Gnutls-devel mailing list