I tested this with OpenSSL 1.0.0. Error 34 is gone now, but now error 47 shows up, which shows the name constraint is being applied. However, it is being applied or verified in a way that I don't understand. To show you, I have simplified the test: generating only one end certificate and specifying one very simple name constraint. The name constraint is chosen in a way that eliminates any guesswork and unspecified matching requirements.
Here is some relevant output. The test scripts are attached.

Command output:

$ ./testnameconst.sh 2>/dev/null
OpenSSL 1.0.0a 1 Jun 2010
error 47 at 0 depth lookup:permitted subtree violation
ERROR: Good cert should have been verified but it didn't

End entity (Good) cert:

        Version: 3 (0x2)
        Serial Number: 17 (0x11)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, CN=SUB CA
        Subject: O=good, CN=Good
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment, Key Agreement
            X509v3 Extended Key Usage:
                TLS Web Client Authentication

subCA cert:

        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: CN=Root CA, C=US
        Validity
            Not Before: Jun  5 03:10:07 2010 GMT
            Not After : Jun  5 03:10:07 2011 GMT
        Subject: C=US, ST=NY, O=SubCa, CN=SubCA
        X509v3 extensions:
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Name Constraints: critical
                Permitted:
                  DirName: CN = Good, O = good
# OpenSSL configuration file for NameConstraint Test
#
HOME = .
RANDFILE = $ENV::HOME/.rnd

[ ca ]
default_ca = CA_default

[ CA_default ]
dir = .
new_certs_dir = $dir/
crl_dir = $dir/
database = $dir/index
certificate = $dir/rootcacert.pem
serial = $dir/serial
private_key = $dir/rootcakey.pem
RANDFILE = $dir/.rand
x509_extensions = cert_ext
unique_subject = no
name_opt = ca_default
cert_opt = ca_default
default_crl_days= 30
default_days = 365
default_md = sha1
preserve = no
policy = policy_default
email_in_dn = no
msie_hack = no
copy_extensions = none

[ policy_default ]
countryName = optional
stateOrProvinceName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional

[ req ]
default_bits = 1024
default_keyfile = ./rootcakey.pem
default_md = sha1
prompt = no
distinguished_name = root_ca_distinguished_name
string_mask = nombstr

[ root_ca_distinguished_name ]
commonName = Root CA
countryName = US

[ cert_ext ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
basicConstraints = critical,CA:FALSE
keyUsage = critical, keyCertSign, cRLSign
extendedKeyUsage=clientAuth

[ root_ca_ext ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
keyUsage = critical, keyCertSign, cRLSign
basicConstraints = critical,CA:TRUE

[ trusted_ca_ext ]
# Extensions for the Sub CA
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
keyUsage = critical, keyCertSign, cRLSign
basicConstraints = critical,CA:TRUE,pathlen:0
nameConstraints = critical,@name_const_section

[ name_const_section ]
#excluded;dirName=excluded_trust_ca_DN
permitted;dirName=permitted_trust_ca_DN

[ excluded_trust_ca_DN ]
O=bad

[ permitted_trust_ca_DN ]
CN=Good
O=good
# OpenSSL configuration file for NameConstraint Test
#
HOME = .
RANDFILE = $ENV::HOME/.rnd

[ ca ]
default_ca = SUBCA_default

[ SUBCA_default ]
dir = .
new_certs_dir = $dir/
crl_dir = $dir/
database = $dir/subcaindex
certificate = $dir/subcacert.pem
serial = $dir/subcaserial
private_key = $dir/subcakey.pem
RANDFILE = $dir/.rand
x509_extensions = cert_ext
unique_subject = no
name_opt = ca_default
cert_opt = ca_default
default_crl_days= 30
default_days = 365
default_md = sha1
preserve = no
policy = policy_default
email_in_dn = no
msie_hack = no
copy_extensions = none

[ policy_default ]
countryName = optional
stateOrProvinceName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional

[ req ]
default_bits = 1024
default_keyfile = ./subcakey.pem
default_md = sha1
prompt = no
distinguished_name = sub_ca_distinguished_name
string_mask = nombstr

[ sub_ca_distinguished_name ]
commonName = SUB CA
countryName = US

[ cert_ext ]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
basicConstraints = critical,CA:FALSE
keyUsage = critical,digitalSignature, keyEncipherment, keyAgreement
extendedKeyUsage=clientAuth
Attachment: testnameconst.sh (application/shellscript)
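The check that produces "permitted subtree violation", as an added example that is not part of the original post and not OpenSSL's code (pure Python, standard library only). RFC 5280 section 4.2.1.10 treats a subject DN as inside a directoryName subtree only when the constraint's RDN sequence is an initial segment of the subject's RDN sequence, compared RDN by RDN in encoding order, which is the order `openssl x509 -text` prints. The DN strings below are copied from the certificate dumps above; `parse_dn`, `in_subtree` and `check_name_constraints` are names chosen for this example, and the case and whitespace handling follows RFC 5280 section 7.1 rather than reproducing OpenSSL's canonical encoding byte for byte.

```python
# Added example (not from the original post): RFC 5280 section 4.2.1.10
# directoryName constraint matching. A subject DN is within a DirName
# subtree when the constraint's RDN sequence is a prefix of the subject's
# RDN sequence, compared in encoding order. parse_dn, in_subtree and
# check_name_constraints are helper names invented for this example.

from typing import List, Tuple

RDN = Tuple[str, str]  # (attribute type short name, attribute value)


def parse_dn(text: str) -> List[RDN]:
    """Parse a one-line DN such as 'O=good, CN=Good' or 'CN = Good, O = good'.

    The order is kept exactly as written, because order is what the subtree
    check compares. Single-valued RDNs only, which covers the DNs on this page.
    """
    rdns: List[RDN] = []
    for part in text.split(","):
        attr, sep, value = part.partition("=")
        if not sep:
            raise ValueError(f"not an attr=value RDN: {part!r}")
        rdns.append((attr.strip().upper(), value.strip()))
    return rdns


def _norm(value: str) -> str:
    # RFC 5280 section 7.1: drop leading/trailing whitespace, collapse
    # internal whitespace, and compare case-insensitively.
    return " ".join(value.split()).casefold()


def rdn_equal(a: RDN, b: RDN) -> bool:
    return a[0] == b[0] and _norm(a[1]) == _norm(b[1])


def in_subtree(subject: List[RDN], base: List[RDN]) -> bool:
    """True when `base` is a prefix of `subject`: same RDNs, same positions."""
    if len(base) > len(subject):
        return False
    return all(rdn_equal(s, b) for s, b in zip(subject, base))


def check_name_constraints(subject: List[RDN],
                           permitted: List[List[RDN]],
                           excluded: List[List[RDN]]) -> Tuple[bool, str]:
    """Apply DirName permitted/excluded subtrees to one subject DN.

    Excluded subtrees take precedence over permitted ones, and an empty
    permitted list means there is no DirName restriction. The reason strings
    mirror the verify messages seen in the output above.
    """
    if any(in_subtree(subject, b) for b in excluded):
        return False, "excluded subtree violation"
    if permitted and not any(in_subtree(subject, b) for b in permitted):
        return False, "permitted subtree violation"
    return True, "ok"


# DNs taken from the certificate dumps above.
GOOD_SUBJECT = parse_dn("O=good, CN=Good")
PERMITTED_AS_ISSUED = parse_dn("CN = Good, O = good")   # the subCA's DirName
PERMITTED_SAME_ORDER = parse_dn("O = good, CN = Good")  # same RDNs, subject's order
PERMITTED_O_ONLY = parse_dn("O = good")                 # a shorter prefix
EXCLUDED_BAD = parse_dn("O = bad")                      # the (commented-out) excluded entry


if __name__ == "__main__":
    for label, perm in [("as issued", PERMITTED_AS_ISSUED),
                        ("same order", PERMITTED_SAME_ORDER),
                        ("O only", PERMITTED_O_ONLY)]:
        ok, why = check_name_constraints(GOOD_SUBJECT, [perm], [EXCLUDED_BAD])
        print(f"permitted {label:10s}: {'verified' if ok else why}")
```

Running it prints one line per candidate constraint: the DirName as printed in the subCA cert, the same two RDNs in the subject's order, and a one-RDN prefix. The same prefix rule applies to any directoryName entries in a subjectAltName extension, not only to the subject field, so a check over a real certificate would run this for every such name.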