[axtls-general] X509_VFY_ERROR_BASIC_CONSTRAINT with Amazon CA Root Cert

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi,

I'm using this library as third party software included in Thingworx C Edge SDK and I'm getting the above error in x509.c when using an Amazon Server.

Has anyone else seen this? It's related to new code added at the end of 2016.

I have narrowed it down to the fact that if the pathLenConstraint is not present in the cert, the relevant variable appears to get the value zero, and so fails the x509_verify function.

The Amazon Cert does not specify the pathLenConstraint, and so it is unlimited, i.e. no constraint on pathLen.

https://tools.ietf.org/html/rfc5280#page-39

"Where pathLenConstraint does not appear, no limit is imposed."

Excerpt from the code in x509.c:
cert->basic_constraint_pathLenConstraint has value 0 after reading the Amazon CA Cert but should be the MAX number

Code Snippet from x509.c x509_v3_basic_constraints function:

    if (asn1_next_obj(cert, &offset, ASN1_OCTET_STRING) < 0 ||
                asn1_next_obj(cert, &offset, ASN1_SEQUENCE) < 0 ||
                asn1_get_bool(cert, &offset, &x509_ctx->basic_constraint_cA) < 0 ||
                asn1_get_int(cert, &offset,
                                &x509_ctx->basic_constraint_pathLenConstraint) < 0)
    {
        ret = X509_NOT_OK;
    }

There are a couple of problems with this.

  1.  The Sequence can be of zero length (in the case of non-CA certs)
  2.  The pathLenConstraint is optional

Potential Fix, as follows, not yet compiled or verified:

    int lenSeq=0;

    /*Assign Defaults in case not specified
    basic_constraint_cA will already by zero by virtue of the calloc */
    x509_ctx->basic_constraint_cA = 0;
    /*basic_constraint_pathLenConstraint is unlimited by default.
    10000 is just a large number (limits.h is not already included) */
    x509_ctx->basic_constraint_pathLenConstraint = 10000;

    if ((asn1_next_obj(cert, &offset, ASN1_OCTET_STRING) < 0) ||
            ((lenSeq = asn1_next_obj(cert, &offset, ASN1_SEQUENCE)) < 0))
    {
        ret = X509_NOT_OK;
    }

    /* If the Sequence Length is greater than zero,
    continue with the basic_constraint_cA */
    if ((lenSeq>0)&&(asn1_get_bool(cert, &offset,
            &x509_ctx->basic_constraint_cA) < 0))
    {
        ret = X509_NOT_OK;
    }

    /* If the Sequence Length is greater than 3, it has more content than
    the basic_constraint_cA bool, so grab the pathLenConstraint */
    if ((lenSeq>3) && (asn1_get_int(cert, &offset,
            &x509_ctx->basic_constraint_pathLenConstraint) < 0))
    {
        ret = X509_NOT_OK;
    }

Examples of Basic Constraints Octet String in Certs and their decode:

AmazonRootCA1

493  66:     [3] {
495  64:       SEQUENCE {
497  15:         SEQUENCE {
499   3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
504   1:           BOOLEAN TRUE
507   5:           OCTET STRING 30 03 01 01 FF
       :           }

ASN1_SEQUENCE : 30
SEQUENCE LENGTH : 03
ASN1_BOOLEAN : 01
BOOLEAN LENGTH : 01
BOOLEAN VALUE : FF (TRUE)

=> pathLen unlimited!
------------------------------------

BaltimoreCyberTrustRoot
579  18:         SEQUENCE {
581   3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
586   1:           BOOLEAN TRUE
589   8:           OCTET STRING 30 06 01 01 FF 02 01 03
       :           }

ASN1_SEQUENCE : 30
SEQUENCE LENGTH : 06
ASN1_BOOLEAN : 01
BOOLEAN LENGTH : 01
BOOLEAN VALUE : FF (TRUE) (CA Value)
ASN1_INT : 02
INT LENGTH : 01
INT VALUE : 03 (pathLenConstraint Value)
--------------------------------------

*.invma.net
 812   12:         SEQUENCE {
 814    3:           OBJECT IDENTIFIER basicConstraints (2 5 29 19)
 819    1:           BOOLEAN TRUE
 822    2:           OCTET STRING 30 00
         :           }

ASN1_SEQUENCE : 30
SEQUENCE LENGTH : 00

=> CA False by default
pathLen is don't care when CA is false
--------------------------------------

Thanks,

John