Skip to content

crypto/x509: AKID and issuer SKID are not checked to match #40679

New issue
New issue
Closed
Closed
crypto/x509: AKID and issuer SKID are not checked to match#40679
Labels
FrozenDueToAgeNeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
 
Unplanned
@PeterNovotney

Description

@PeterNovotney
PeterNovotney
opened on Aug 10, 2020

What version of Go are you using (go version)?

go1.14.6

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

It reproduces on the playground.

What did you do?

https://play.golang.org/p/SBdIYeRXuOB verification succeeds for this certificate chain where the AIK keyid on the leaf certificate does not match the issuer ID.

What did you expect to see?

OpenSSL verify rejects this certificate chain due to the AIK KeyId and Issuer ID mismatch.

This can be verified with: openssl verify -CAfile ca.pem passing.pem
where ca.pem and passing.pem are the same x.509 certs that are in the playground example.

I expected Go x.509 Verify to also fail the chain.

What did you see instead?

Go x.509 Verify succeeds

Activity

networkimprov

networkimprov commented on Aug 10, 2020

@networkimprov
networkimprov
on Aug 10, 2020

cc @FiloSottile @katiehockman

FiloSottile
changed the title [-]Go crypto/x509.Verify does not check that AIK keyid matches issuer ID, but OpenSSL Verify does[/-] [+]crypto/x509: AKID and issuer SKID are not checked to match[/+] on Aug 11, 2020
FiloSottile

FiloSottile commented on Aug 11, 2020

@FiloSottile
FiloSottile
on Aug 11, 2020
Contributor

The spec does not require a match, we can check what the other good verifiers do (Chrome and moz::pkix) and match that.

andybons
added
NeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.
on Aug 11, 2020
andybons
added this to the Unplanned milestone on Aug 11, 2020
rolandshoemaker

rolandshoemaker commented on Aug 16, 2020

@rolandshoemaker
rolandshoemaker
on Aug 16, 2020
Member

Chromium allows mismatches, but during chain building prioritizes potential issuers with matching SKID/AKID above those with mismatches (see https://source.chromium.org/chromium/chromium/src/+/master:net/cert/internal/path_builder.cc;l=113?q=subject_key_identifier&ss=chromium%2Fchromium%2Fsrc&start=11). A similar approach to this is suggested in https://go-review.googlesource.com/c/go/+/232993.

Mozilla::pkix just ignores SKID/AKID matching entirely.

rolandshoemaker

rolandshoemaker commented on Sep 29, 2020

@rolandshoemaker
rolandshoemaker
on Sep 29, 2020
Member

With https://go-review.googlesource.com/c/go/+/232993 landed this is now expected behavior and matches what Chromium does.

rolandshoemaker
closed this as completedon Sep 29, 2020
networkimprov

networkimprov commented on Sep 29, 2020

@networkimprov
networkimprov
on Sep 29, 2020

See also #30079

golang
locked and limited conversation to collaborators on Sep 29, 2021
gopherbot
added
FrozenDueToAge
on Sep 29, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    FrozenDueToAgeNeedsInvestigationSomeone must examine and confirm this is a valid issue and not a duplicate of an existing one.

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @andybons@networkimprov@FiloSottile@rolandshoemaker@gopherbot

        Issue actions
          crypto/x509: AKID and issuer SKID are not checked to match · Issue #40679 · golang/go