[oss-security] please verify unusual x.509 constraints are handled

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed Oct 31 11:04:21 CET 2012

On Wed, Oct 31, 2012 at 9:22 AM, Daniel Kahn Gillmor
<dkg at fifthhorseman.net> wrote:
> The attached message was sent earlier this year to oss-security,
> implying that gnutls does not properly honor pathLenConstraint:
>   http://openwall.com/lists/oss-security/2012/06/27/5
> I'm unable to replicate the reported results with GnuTLS 2.8.6 (debian
> squeeze), 3.0.22 (debian sid) or 3.1 (debian experimental).
> What i see is (sid and experimental):
> 0 dkg at pip:/tmp/certtest$ cat local-cert.pem Mengsk.pem
> sms.hallym.ac.kr.pem CA134040001.pem GPKIRootCA.pem | certtool -e
> Loaded 5 certificates, 1 CAs and 0 CRLs
>         Subject: C=KR,O=Government of Korea,OU=GPKI,CN=CA134040001
>         Issuer: C=KR,O=Government of Korea,OU=GPKI,CN=GPKIRootCA
>         Output: Not verified.

I haven't checked why the verification fails, but he is right that we
don't honor the pathLenConstrains and the CertSign and CRLsign
keyUsage bits for CAs. The issue with being strict on X.509
verification is that if other implementations aren't people think it
is a bug. We had that when we enforced the keyUsage bits for digital
signature and encryption. It would be good to enforce those
restrictions though.


More information about the Gnutls-help mailing list