From 5ae4ceb92c2ae6c677b1de2c477dce71a4d94716 Mon Sep 17 00:00:00 2001 From: Viktor Dukhovni Date: Sun, 10 Jul 2016 20:36:02 -0400 Subject: [PATCH] Perform DANE-EE(3) name checks by default In light of potential UKS (unknown key share) attacks on some applications, primarily browsers, despite RFC761, name checks are by default applied with DANE-EE(3) TLSA records. Applications for which UKS is not a problem can optionally disable DANE-EE(3) name checks via the new SSL_CTX_dane_set_flags() and friends. Reviewed-by: Rich Salz --- crypto/x509/x509_vfy.c | 4 + doc/ssl/SSL_CTX_dane_enable.pod | 47 +++++++++- include/internal/dane.h | 2 + include/openssl/ssl.h | 7 ++ include/openssl/x509_vfy.h | 1 + ssl/ssl_lib.c | 37 ++++++++ test/danetest.c | 6 +- test/danetest.in | 147 +++++++++++++++++++++----------- 8 files changed, 200 insertions(+), 51 deletions(-) diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 469a0a8693..ee1c9af977 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -2765,6 +2765,10 @@ static int dane_verify(X509_STORE_CTX *ctx) /* Callback invoked as needed */ if (!check_leaf_suiteb(ctx, cert)) return 0; + /* Callback invoked as needed */ + if ((dane->flags & DANE_FLAG_NO_DANE_EE_NAMECHECKS) == 0 && + !check_id(ctx)) + return 0; /* Bypass internal_verify(), issue depth 0 success callback */ ctx->error_depth = 0; ctx->current_cert = cert; diff --git a/doc/ssl/SSL_CTX_dane_enable.pod b/doc/ssl/SSL_CTX_dane_enable.pod index 7923bf49a9..fb535ec527 100644 --- a/doc/ssl/SSL_CTX_dane_enable.pod +++ b/doc/ssl/SSL_CTX_dane_enable.pod @@ -3,7 +3,9 @@ =head1 NAME SSL_CTX_dane_enable, SSL_CTX_dane_mtype_set, SSL_dane_enable, -SSL_dane_tlsa_add, SSL_get0_dane_authority, SSL_get0_dane_tlsa - +SSL_dane_tlsa_add, SSL_get0_dane_authority, SSL_get0_dane_tlsa +SSL_CTX_dane_set_flags, SSL_CTX_dane_clear_flags, +SSL_dane_set_flags, SSL_dane_clear_flags - enable DANE TLS authentication of the remote TLS server in the local TLS client @@ -21,6 +23,10 @@ TLS client int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector, uint8_t *mtype, unsigned const char **data, size_t *dlen); + unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags); + unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags); + unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags); + unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags); =head1 DESCRIPTION @@ -124,6 +130,33 @@ The B parameter is set to a short-term internal-copy of the associated data field and must not be freed by the application. Applications that need long-term access to this field need to copy the content. +SSL_CTX_dane_set_flags() and SSL_dane_set_flags() can be used to enable +optional DANE verification features. +SSL_CTX_dane_clear_flags() and SSL_dane_clear_flags() can be used to disable +the same features. +The B argument is a bitmask of the features to enable or disable. +The B set for an B context are copied to each B handle +associated with that context at the time the handle is created. +Subsequent changes in the context's B have no effect on the B set +for the handle. + +At present, the only available option is B +which can be used to disable server name checks when authenticating via +DANE-EE(3) TLSA records. +For some applications, primarily web browsers, it is not safe to disable name +checks due to "unknown key share" attacks, in which a malicious server can +convince a client that a connection to a victim server is instead a secure +connection to the malicious server. +The malicious server may then be able to violate cross-origin scripting +restrictions. +Thus, despite the text of RFC7671, name checks are by default enabled for +DANE-EE(3) TLSA records, and can be disabled in applications where it is safe +to do so. +In particular, SMTP and XMPP clients should set this option as SRV and MX +records already make it possible for a remote domain to redirect client +connections to any server of its choice, and in any case SMTP and XMPP clients +do not execute scripts downloaded from remote servers. + =head1 RETURN VALUES The functions SSL_CTX_dane_enable(), SSL_CTX_dane_mtype_set(), @@ -142,6 +175,10 @@ non-negative value indicates the chain depth at which the TLSA record matched a chain certificate, or the depth of the top-most certificate, when the TLSA record is a full public key that is its signer. +The functions SSL_CTX_dane_set_flags(), SSL_CTX_dane_clear_flags(), +SSL_dane_set_flags() and SSL_dane_clear_flags() return the B in effect +before they were called. + =head1 EXAMPLE Suppose "smtp.example.com" is the MX host of the domain "example.com", and has @@ -171,6 +208,14 @@ the lifetime of the SSL connection. if (SSL_dane_enable(ssl, dane_tlsa_domain) <= 0) /* handle error */ + + /* + * For many applications it is safe to skip DANE-EE(3) namechecks. Do not + * disable the checks unless "unknown key share" attacks pose no risk for + * your application. + */ + SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS); + if (!SSL_add1_host(ssl, nexthop_domain)) /* handle error */ SSL_set_hostflags(ssl, X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS); diff --git a/include/internal/dane.h b/include/internal/dane.h index 65bf24439d..a1cb5488ba 100644 --- a/include/internal/dane.h +++ b/include/internal/dane.h @@ -57,6 +57,7 @@ struct dane_ctx_st { const EVP_MD **mdevp; /* mtype -> digest */ uint8_t *mdord; /* mtype -> preference */ uint8_t mdmax; /* highest supported mtype */ + unsigned long flags; /* feature bitmask */ }; /* @@ -71,6 +72,7 @@ struct ssl_dane_st { uint32_t umask; /* Usages present */ int mdpth; /* Depth of matched cert */ int pdpth; /* Depth of PKIX trust */ + unsigned long flags; /* feature bitmask */ }; #define DANETLS_ENABLED(dane) \ diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 3d44a4f246..ce7110da59 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1499,6 +1499,13 @@ __owur int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector, * offline testing in test/danetest.c */ SSL_DANE *SSL_get0_dane(SSL *ssl); +/* + * DANE flags + */ +unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags); +unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags); +unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags); +unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags); __owur int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm); __owur int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm); diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h index 4e44e1daea..183889a2f1 100644 --- a/include/openssl/x509_vfy.h +++ b/include/openssl/x509_vfy.h @@ -376,6 +376,7 @@ int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name); * offline testing in test/danetest.c */ void X509_STORE_CTX_set0_dane(X509_STORE_CTX *ctx, SSL_DANE *dane); +#define DANE_FLAG_NO_DANE_EE_NAMECHECKS (1L << 0) /* X509_VERIFY_PARAM functions */ diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 08e36733fc..4fafd18987 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -108,6 +108,9 @@ static int dane_ctx_enable(struct dane_ctx_st *dctx) int n = ((int) mdmax) + 1; /* int to handle PrivMatch(255) */ size_t i; + if (dctx->mdevp != NULL) + return 1; + mdevp = OPENSSL_zalloc(n * sizeof(*mdevp)); mdord = OPENSSL_zalloc(n * sizeof(*mdord)); @@ -182,6 +185,7 @@ static int ssl_dane_dup(SSL *to, SSL *from) return 1; dane_final(&to->dane); + to->dane.flags = from->dane.flags; to->dane.dctx = &to->ctx->dane; to->dane.trecs = sk_danetls_record_new_null(); @@ -542,6 +546,7 @@ SSL *SSL_new(SSL_CTX *ctx) RECORD_LAYER_init(&s->rlayer, s); s->options = ctx->options; + s->dane.flags = ctx->dane.flags; s->min_proto_version = ctx->min_proto_version; s->max_proto_version = ctx->max_proto_version; s->mode = ctx->mode; @@ -802,6 +807,22 @@ int SSL_CTX_dane_enable(SSL_CTX *ctx) return dane_ctx_enable(&ctx->dane); } +unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags) +{ + unsigned long orig = ctx->dane.flags; + + ctx->dane.flags |= flags; + return orig; +} + +unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags) +{ + unsigned long orig = ctx->dane.flags; + + ctx->dane.flags &= ~flags; + return orig; +} + int SSL_dane_enable(SSL *s, const char *basedomain) { SSL_DANE *dane = &s->dane; @@ -845,6 +866,22 @@ int SSL_dane_enable(SSL *s, const char *basedomain) return 1; } +unsigned long SSL_dane_set_flags(SSL *ssl, unsigned long flags) +{ + unsigned long orig = ssl->dane.flags; + + ssl->dane.flags |= flags; + return orig; +} + +unsigned long SSL_dane_clear_flags(SSL *ssl, unsigned long flags) +{ + unsigned long orig = ssl->dane.flags; + + ssl->dane.flags &= ~flags; + return orig; +} + int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki) { SSL_DANE *dane = &s->dane; diff --git a/test/danetest.c b/test/danetest.c index d473b12689..aea3a7a43e 100644 --- a/test/danetest.c +++ b/test/danetest.c @@ -329,6 +329,7 @@ static int test_tlsafile(SSL_CTX *ctx, const char *basename, STACK_OF(X509) *chain; int ntlsa; int ncert; + int noncheck; int want; int want_depth; int off; @@ -341,7 +342,8 @@ static int test_tlsafile(SSL_CTX *ctx, const char *basename, continue; ++testno; - if (sscanf(line, "%d %d %d %d%n", &ntlsa, &ncert, &want, &want_depth, &off) != 4 + if (sscanf(line, "%d %d %d %d %d%n", + &ntlsa, &ncert, &noncheck, &want, &want_depth, &off) != 5 || !allws(line + off)) { fprintf(stderr, "Expected tlsa count, cert count and result" " at test %d of %s\n", testno, path); @@ -355,6 +357,8 @@ static int test_tlsafile(SSL_CTX *ctx, const char *basename, SSL_free(ssl); return -1; } + if (noncheck) + SSL_dane_set_flags(ssl, DANE_FLAG_NO_DANE_EE_NAMECHECKS); for (i = 0; i < ntlsa; ++i) { if ((line = read_to_eol(f)) == NULL || !tlsa_import_rr(ssl, line)) { diff --git a/test/danetest.in b/test/danetest.in index 485c98657c..0cedf10a2a 100644 --- a/test/danetest.in +++ b/test/danetest.in @@ -9,7 +9,7 @@ # # The first line in each block takes the form: # -# +# # # It is followed by lines of the form: # @@ -49,7 +49,7 @@ ## -- Anonymous and "never valid" leaf certificate DANE-EE(3) tests # 1 -1 1 0 0 +1 1 1 0 0 3 0 1 588FD5F414E3327EAFE3169DC040AE161247D1296BF38304AB9CF464850A1365 subject= issuer= @@ -64,7 +64,7 @@ yBKzbWcWMavIefhyAiEAsIia0rOBTuZL3dWn9qmN6kPLQ1BJRpy1CkQEy97uH9Y= -----END CERTIFICATE----- # 2 -1 1 0 0 +1 1 1 0 0 3 1 1 05C66146D7909EAE2379825F6D0F5284146B79598DA12E403DC29C33147CF33E subject= issuer= @@ -79,7 +79,7 @@ yBKzbWcWMavIefhyAiEAsIia0rOBTuZL3dWn9qmN6kPLQ1BJRpy1CkQEy97uH9Y= -----END CERTIFICATE----- # 3 -1 1 0 0 +1 1 1 0 0 3 0 2 42BEE929852C8063A0D619B53D0DD35703BBAD2FC25F2055F737C7A14DDFEA544491F8C00F50FA083BD0AD1B5C98529994FF811BBA5E5170CC6EE9F3ED5563E1 subject= issuer= @@ -94,7 +94,7 @@ yBKzbWcWMavIefhyAiEAsIia0rOBTuZL3dWn9qmN6kPLQ1BJRpy1CkQEy97uH9Y= -----END CERTIFICATE----- # 4 -1 1 0 0 +1 1 1 0 0 3 1 2 D91A3E5DC34879CD77AD1E989F56FA78FACADF05EF8D445EDF5652BD58EE392C87C02F84C0119D62309041F2D5128A73399DF25D1F47BCD497357EAF1A1009A3 subject= issuer= @@ -109,7 +109,7 @@ yBKzbWcWMavIefhyAiEAsIia0rOBTuZL3dWn9qmN6kPLQ1BJRpy1CkQEy97uH9Y= -----END CERTIFICATE----- # 5 -1 1 65 -1 +1 1 1 65 -1 3 0 1 588FD5F414E3327EAFE3169DC040AE161247D1296BF38304AB9CF464850A1366 subject= issuer= @@ -124,7 +124,7 @@ yBKzbWcWMavIefhyAiEAsIia0rOBTuZL3dWn9qmN6kPLQ1BJRpy1CkQEy97uH9Y= -----END CERTIFICATE----- # 6 -1 1 65 -1 +1 1 1 65 -1 3 1 1 05C66146D7909EAE2379825F6D0F5284146B79598DA12E403DC29C33147CF33F subject= issuer= @@ -139,7 +139,7 @@ yBKzbWcWMavIefhyAiEAsIia0rOBTuZL3dWn9qmN6kPLQ1BJRpy1CkQEy97uH9Y= -----END CERTIFICATE----- # 7 -1 1 65 -1 +1 1 1 65 -1 3 0 2 42BEE929852C8063A0D619B53D0DD35703BBAD2FC25F2055F737C7A14DDFEA544491F8C00F50FA083BD0AD1B5C98529994FF811BBA5E5170CC6EE9F3ED5563E2 subject= issuer= @@ -154,7 +154,7 @@ yBKzbWcWMavIefhyAiEAsIia0rOBTuZL3dWn9qmN6kPLQ1BJRpy1CkQEy97uH9Y= -----END CERTIFICATE----- # 8 -1 1 65 -1 +1 1 1 65 -1 3 1 2 D91A3E5DC34879CD77AD1E989F56FA78FACADF05EF8D445EDF5652BD58EE392C87C02F84C0119D62309041F2D5128A73399DF25D1F47BCD497357EAF1A1009A4 subject= issuer= @@ -171,7 +171,7 @@ yBKzbWcWMavIefhyAiEAsIia0rOBTuZL3dWn9qmN6kPLQ1BJRpy1CkQEy97uH9Y= ## -- DANE-?? chain tests -- # 9 -1 3 0 0 +1 3 0 0 0 3 0 1 BEDC04764CECAE80AEE454D332758F50847DCA424216466E4012E0DEAE1F2E5F subject= /CN=example.com issuer= /CN=Issuer CA @@ -218,7 +218,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 10 -1 3 0 0 +1 3 0 0 0 3 1 1 3111668338043DE264D0256A702248696C9484B6221A42740F920187B4C61838 subject= /CN=example.com issuer= /CN=Issuer CA @@ -265,7 +265,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 11 -1 3 0 0 +1 3 0 0 0 3 0 2 F756CCD61F3CA50D017653911701CA0052AF0B29E273DD263DD23643D86D4369D03686BD1369EF54BB2DC2DAE3CE4F05AF39D54648F94D54AA86B259AEAD9923 subject= /CN=example.com issuer= /CN=Issuer CA @@ -312,7 +312,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 12 -1 3 0 0 +1 3 0 0 0 3 1 2 CB861AF6DDED185EE04472A9092052CCC735120C34785E72C996C94B122EBA6F329BE630B1B4C6E2756E7A75392C21E253C6AEACC31FD45FF4595DED375FAF62 subject= /CN=example.com issuer= /CN=Issuer CA @@ -359,7 +359,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 13 -1 3 0 1 +1 3 0 0 1 2 0 1 0DAA76425A1FC398C55A643D5A2485AE4CC2B64B9515A75054722B2E83C31BBD subject= /CN=example.com issuer= /CN=Issuer CA @@ -406,7 +406,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 14 -1 3 0 1 +1 3 0 0 1 2 1 1 65A457617072DA3E7F1152471EB3D406526530097D0A9AA34EB47C990A1FCDA3 subject= /CN=example.com issuer= /CN=Issuer CA @@ -453,7 +453,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 15 -1 3 0 1 +1 3 0 0 1 2 0 2 6BC0C0F2500320A49392910965263A3EBDD594173D3E36CCE38A003D2EC3FAFBC315EDB776CD3139637DF494FB60359601542A4F821BF0542F926E6270C9762C subject= /CN=example.com issuer= /CN=Issuer CA @@ -500,7 +500,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 16 -1 3 0 1 +1 3 0 0 1 2 1 2 1F484106F765B6F1AC483CC509CDAD36486A83D1BA115F562516F407C1109303658408B455824DA0785A252B205DBEECB1AFB5DB869E8AAC242091B63F258F05 subject= /CN=example.com issuer= /CN=Issuer CA @@ -547,7 +547,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 17 -1 3 0 2 +1 3 0 0 2 2 0 1 FE7C8E01110627A782765E468D8CB4D2CC7907EAC4BA5974CD92B540ED2AAC3C subject= /CN=example.com issuer= /CN=Issuer CA @@ -594,7 +594,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 18 -1 3 0 2 +1 3 0 0 2 2 1 1 91D942E4A2D4226DDAF28CADAA7F13018E4ED0D9A43A529247E51C965188576C subject= /CN=example.com issuer= /CN=Issuer CA @@ -641,7 +641,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 19 -1 3 0 2 +1 3 0 0 2 2 0 2 361029F20A3B59DAFAAF05D41811EFC1A9439B972BC6B9D7F13BC5469570E49ACAE0CB0C877C75D58346590EA950AC7A39AED6E8AA8004EA7F5DE3AB9462047E subject= /CN=example.com issuer= /CN=Issuer CA @@ -688,7 +688,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 20 -1 3 0 2 +1 3 0 0 2 2 1 2 5F414D4D7BFDF22E39952D9F46C51370FDD050F10C55B4CDB42E40FA98611FDE23EEE9B23315EE1ECDB198C7419E9A2D6742860E4806AF45164507799C3B452E subject= /CN=example.com issuer= /CN=Issuer CA @@ -737,7 +737,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF ## -- PKIX-?? chain tests -- # 21 -1 2 0 0 +1 2 0 0 0 1 0 1 BEDC04764CECAE80AEE454D332758F50847DCA424216466E4012E0DEAE1F2E5F subject= /CN=example.com issuer= /CN=Issuer CA @@ -770,7 +770,7 @@ GcTNPLx5FgPUSI93B1l9t5gNnBc+f90OzXyjCA== -----END CERTIFICATE----- # 22 -1 2 0 0 +1 2 0 0 0 1 1 1 3111668338043DE264D0256A702248696C9484B6221A42740F920187B4C61838 subject= /CN=example.com issuer= /CN=Issuer CA @@ -803,7 +803,7 @@ GcTNPLx5FgPUSI93B1l9t5gNnBc+f90OzXyjCA== -----END CERTIFICATE----- # 23 -1 3 0 0 +1 3 0 0 0 1 0 2 F756CCD61F3CA50D017653911701CA0052AF0B29E273DD263DD23643D86D4369D03686BD1369EF54BB2DC2DAE3CE4F05AF39D54648F94D54AA86B259AEAD9923 subject= /CN=example.com issuer= /CN=Issuer CA @@ -850,7 +850,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 24 -1 3 0 0 +1 3 0 0 0 1 1 2 CB861AF6DDED185EE04472A9092052CCC735120C34785E72C996C94B122EBA6F329BE630B1B4C6E2756E7A75392C21E253C6AEACC31FD45FF4595DED375FAF62 subject= /CN=example.com issuer= /CN=Issuer CA @@ -897,7 +897,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 25 -1 2 0 1 +1 2 0 0 1 0 0 1 0DAA76425A1FC398C55A643D5A2485AE4CC2B64B9515A75054722B2E83C31BBD subject= /CN=example.com issuer= /CN=Issuer CA @@ -930,7 +930,7 @@ GcTNPLx5FgPUSI93B1l9t5gNnBc+f90OzXyjCA== -----END CERTIFICATE----- # 26 -1 2 0 1 +1 2 0 0 1 0 1 1 65A457617072DA3E7F1152471EB3D406526530097D0A9AA34EB47C990A1FCDA3 subject= /CN=example.com issuer= /CN=Issuer CA @@ -963,7 +963,7 @@ GcTNPLx5FgPUSI93B1l9t5gNnBc+f90OzXyjCA== -----END CERTIFICATE----- # 27 -1 3 0 1 +1 3 0 0 1 0 0 2 6BC0C0F2500320A49392910965263A3EBDD594173D3E36CCE38A003D2EC3FAFBC315EDB776CD3139637DF494FB60359601542A4F821BF0542F926E6270C9762C subject= /CN=example.com issuer= /CN=Issuer CA @@ -1010,7 +1010,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 28 -1 3 0 1 +1 3 0 0 1 0 1 2 1F484106F765B6F1AC483CC509CDAD36486A83D1BA115F562516F407C1109303658408B455824DA0785A252B205DBEECB1AFB5DB869E8AAC242091B63F258F05 subject= /CN=example.com issuer= /CN=Issuer CA @@ -1057,7 +1057,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 29 -1 2 0 2 +1 2 0 0 2 0 0 1 FE7C8E01110627A782765E468D8CB4D2CC7907EAC4BA5974CD92B540ED2AAC3C subject= /CN=example.com issuer= /CN=Issuer CA @@ -1090,7 +1090,7 @@ GcTNPLx5FgPUSI93B1l9t5gNnBc+f90OzXyjCA== -----END CERTIFICATE----- # 30 -1 2 0 2 +1 2 0 0 2 0 1 1 91D942E4A2D4226DDAF28CADAA7F13018E4ED0D9A43A529247E51C965188576C subject= /CN=example.com issuer= /CN=Issuer CA @@ -1123,7 +1123,7 @@ GcTNPLx5FgPUSI93B1l9t5gNnBc+f90OzXyjCA== -----END CERTIFICATE----- # 31 -1 3 0 2 +1 3 0 0 2 0 0 2 361029F20A3B59DAFAAF05D41811EFC1A9439B972BC6B9D7F13BC5469570E49ACAE0CB0C877C75D58346590EA950AC7A39AED6E8AA8004EA7F5DE3AB9462047E subject= /CN=example.com issuer= /CN=Issuer CA @@ -1170,7 +1170,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF -----END CERTIFICATE----- # 32 -1 3 0 2 +1 3 0 0 2 0 1 2 5F414D4D7BFDF22E39952D9F46C51370FDD050F10C55B4CDB42E40FA98611FDE23EEE9B23315EE1ECDB198C7419E9A2D6742860E4806AF45164507799C3B452E subject= /CN=example.com issuer= /CN=Issuer CA @@ -1220,7 +1220,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF # 33 # Missing intermediate CA -1 1 20 0 +1 1 0 20 0 1 0 1 BEDC04764CECAE80AEE454D332758F50847DCA424216466E4012E0DEAE1F2E5F subject= /CN=example.com issuer= /CN=Issuer CA @@ -1240,7 +1240,7 @@ GoTXBNutM50ph9QYUtxZNvISlHBjkRGB # 34 # Missing PKIX intermediate, provided via DNS -2 1 0 0 +2 1 0 0 0 1 1 1 3111668338043DE264D0256A702248696C9484B6221A42740F920187B4C61838 0 0 0 308201683082010DA003020102020102300A06082A8648CE3D04030230123110300E06035504030C07526F6F742043413020170D3135313231333233323030395A180F33303135303431353233323030395A30143112301006035504030C094973737565722043413059301306072A8648CE3D020106082A8648CE3D030107034200047D4BAE18B49F5DC69D0A3C85C66A3E2119DE92CFAD081FAD55C12D510EC97B6C00E13695A8D9713548FE60DF15573390433E2A1BD92DB4B7AA016EC6185DC5AFA350304E301D0603551D0E041604147AB75A3CD295CA5DF7C5150916E18FF5CC376A15301F0603551D23041830168014E4BD405F052A820DDF9883F93D7D3F90AAEC723F300C0603551D13040530030101FF300A06082A8648CE3D0403020349003046022100831DCD882DA8785D50E41020898C0248879DDDF72D701D1DC1DE6BE08155B43E022100B84B2FB519C4CD3CBC791603D4488F7707597DB7980D9C173E7FDD0ECD7CA308 subject= /CN=example.com @@ -1261,7 +1261,7 @@ GoTXBNutM50ph9QYUtxZNvISlHBjkRGB # 35 # Wrong leaf digest -1 3 65 -1 +1 3 0 65 -1 1 0 2 F756CCD61F3CA50D017653911701CA0052AF0B29E273DD263DD23643D86D4369D03686BD1369EF54BB2DC2DAE3CE4F05AF39D54648F94D54AA86B259AEAD9924 subject= /CN=example.com issuer= /CN=Issuer CA @@ -1309,7 +1309,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF # 36 # Wrong intermediate digest -1 2 65 -1 +1 2 0 65 -1 0 0 1 0DAA76425A1FC398C55A643D5A2485AE4CC2B64B9515A75054722B2E83C31BBE subject= /CN=example.com issuer= /CN=Issuer CA @@ -1343,7 +1343,7 @@ GcTNPLx5FgPUSI93B1l9t5gNnBc+f90OzXyjCA== # 37 # Wrong root digest -1 2 65 -1 +1 2 0 65 -1 0 0 1 FE7C8E01110627A782765E468D8CB4D2CC7907EAC4BA5974CD92B540ED2AAC3D subject= /CN=example.com issuer= /CN=Issuer CA @@ -1379,7 +1379,7 @@ GcTNPLx5FgPUSI93B1l9t5gNnBc+f90OzXyjCA== # 38 # DANE-EE(3) beats DANE-TA(2) -1 3 0 0 +1 3 0 0 0 3 1 2 CB861AF6DDED185EE04472A9092052CCC735120C34785E72C996C94B122EBA6F329BE630B1B4C6E2756E7A75392C21E253C6AEACC31FD45FF4595DED375FAF62 2 1 2 5F414D4D7BFDF22E39952D9F46C51370FDD050F10C55B4CDB42E40FA98611FDE23EEE9B23315EE1ECDB198C7419E9A2D6742860E4806AF45164507799C3B452E subject= /CN=example.com @@ -1428,7 +1428,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF # 39 # DANE-TA(2) depth 1 beats DANE-TA(2) depth 2 -1 3 0 1 +1 3 0 0 1 2 1 2 1F484106F765B6F1AC483CC509CDAD36486A83D1BA115F562516F407C1109303658408B455824DA0785A252B205DBEECB1AFB5DB869E8AAC242091B63F258F05 2 1 2 5F414D4D7BFDF22E39952D9F46C51370FDD050F10C55B4CDB42E40FA98611FDE23EEE9B23315EE1ECDB198C7419E9A2D6742860E4806AF45164507799C3B452E subject= /CN=example.com @@ -1477,7 +1477,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF # 40 # DANE-TA(2) depth 2 beats PKIX-TA(0) depth 1 -1 3 0 2 +1 3 0 0 2 2 0 1 FE7C8E01110627A782765E468D8CB4D2CC7907EAC4BA5974CD92B540ED2AAC3C 0 0 1 0DAA76425A1FC398C55A643D5A2485AE4CC2B64B9515A75054722B2E83C31BBD subject= /CN=example.com @@ -1526,7 +1526,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF # 41 # DANE-TA(2) depth 2 beats PKIX-EE depth 0 -1 3 0 2 +1 3 0 0 2 2 0 1 FE7C8E01110627A782765E468D8CB4D2CC7907EAC4BA5974CD92B540ED2AAC3C 0 0 1 0DAA76425A1FC398C55A643D5A2485AE4CC2B64B9515A75054722B2E83C31BBD subject= /CN=example.com @@ -1575,7 +1575,7 @@ vBCcrtNYKWa/JfwFmOq6bHk8WNzDU3zF # 42 # DANE-TA(2) Full(0) root "from DNS": -1 2 0 2 +1 2 0 0 2 2 0 0 308201643082010BA003020102020101300A06082A8648CE3D04030230123110300E06035504030C07526F6F742043413020170D3135313231333233313330385A180F33303135303431353233313330385A30123110300E06035504030C07526F6F742043413059301306072A8648CE3D020106082A8648CE3D03010703420004D1DA578FD18FB86456B0D91B5656BDD68D4DDBD250E337571127C75E0560F41D0AF91BFAF8805F80C28C026A14D4FE8C30A9673B9EC0C05A84AA810D1341B76CA350304E301D0603551D0E04160414E4BD405F052A820DDF9883F93D7D3F90AAEC723F301F0603551D23041830168014E4BD405F052A820DDF9883F93D7D3F90AAEC723F300C0603551D13040530030101FF300A06082A8648CE3D040302034700304402206869E6AA9F9B4D4BF308091A5A7AB2C30E3619B0D75E528819468E4BB926F4C9022017F1B8458611966FBC109CAED3582966BF25FC0598EABA6C793C58DCC3537CC5 subject= /CN=example.com issuer= /CN=Issuer CA @@ -1609,7 +1609,7 @@ GcTNPLx5FgPUSI93B1l9t5gNnBc+f90OzXyjCA== # 43 # DANE-TA(2) Full(0) intermediate "from DNS": -1 1 0 1 +1 1 0 0 1 2 0 0 308201683082010DA003020102020102300A06082A8648CE3D04030230123110300E06035504030C07526F6F742043413020170D3135313231333233323030395A180F33303135303431353233323030395A30143112301006035504030C094973737565722043413059301306072A8648CE3D020106082A8648CE3D030107034200047D4BAE18B49F5DC69D0A3C85C66A3E2119DE92CFAD081FAD55C12D510EC97B6C00E13695A8D9713548FE60DF15573390433E2A1BD92DB4B7AA016EC6185DC5AFA350304E301D0603551D0E041604147AB75A3CD295CA5DF7C5150916E18FF5CC376A15301F0603551D23041830168014E4BD405F052A820DDF9883F93D7D3F90AAEC723F300C0603551D13040530030101FF300A06082A8648CE3D0403020349003046022100831DCD882DA8785D50E41020898C0248879DDDF72D701D1DC1DE6BE08155B43E022100B84B2FB519C4CD3CBC791603D4488F7707597DB7980D9C173E7FDD0ECD7CA308 subject= /CN=example.com issuer= /CN=Issuer CA @@ -1629,7 +1629,7 @@ GoTXBNutM50ph9QYUtxZNvISlHBjkRGB # 44 # DANE-TA(2) SPKI(1) Full(0) intermediate "from DNS": -1 1 0 0 +1 1 0 0 0 2 1 0 3059301306072A8648CE3D020106082A8648CE3D030107034200047D4BAE18B49F5DC69D0A3C85C66A3E2119DE92CFAD081FAD55C12D510EC97B6C00E13695A8D9713548FE60DF15573390433E2A1BD92DB4B7AA016EC6185DC5AF subject= /CN=example.com issuer= /CN=Issuer CA @@ -1649,7 +1649,7 @@ GoTXBNutM50ph9QYUtxZNvISlHBjkRGB # 45 # DANE-TA(2) SPKI(1) Full(0) root "from DNS": -1 2 0 1 +1 2 0 0 1 2 1 0 3059301306072A8648CE3D020106082A8648CE3D03010703420004D1DA578FD18FB86456B0D91B5656BDD68D4DDBD250E337571127C75E0560F41D0AF91BFAF8805F80C28C026A14D4FE8C30A9673B9EC0C05A84AA810D1341B76C subject= /CN=example.com issuer= /CN=Issuer CA @@ -1684,7 +1684,7 @@ GcTNPLx5FgPUSI93B1l9t5gNnBc+f90OzXyjCA== # 46 # Mismatched name "example.org", should still succeed given a # DANE-EE(3) match. -1 3 0 0 +1 3 1 0 0 3 1 1 ee1477190203f5d8b4767f4451b89e7367cdec7f6965a4988227983562ac8270 subject= CN = example.org issuer= CN = CA2 @@ -1733,7 +1733,7 @@ fEevg+GOsr1P6nNMCAsQd9NwsvTQ+jm+TBArWQ== # 47 # Mismatched name "example.org", should fail despite a DANE-TA(2) # match for the intermediate CA. -1 3 62 1 +1 3 0 62 1 2 1 1 946af0956378efaba7ee1bbedc17af110ea8de19c079a98e77398724a3708a1f subject= CN = example.org issuer= CN = CA2 @@ -1782,7 +1782,7 @@ fEevg+GOsr1P6nNMCAsQd9NwsvTQ+jm+TBArWQ== # 48 # Mismatched name "example.org", should fail despite a DANE-TA(2) # match for the root CA. -1 3 62 2 +1 3 0 62 2 2 1 1 34474f2fbc39da44dfbd11215bdafadf9507406c04de1f65dbd2a1bc4f2165cc subject= CN = example.org issuer= CN = CA2 @@ -1827,3 +1827,52 @@ FoAUFFv7+que2ySx6ZtqShlPBNmTwBcwDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQD AgNJADBGAiEAumhPWZ37swl10awM/amX+jv0UlUyJBf8RGA6QMG5bwICIQDbinER fEevg+GOsr1P6nNMCAsQd9NwsvTQ+jm+TBArWQ== -----END CERTIFICATE----- + +# 49 +# Mismatched name "example.org", should fail when name checks +# are not disabled for DANE-EE(3). +1 3 0 62 0 +3 1 1 ee1477190203f5d8b4767f4451b89e7367cdec7f6965a4988227983562ac8270 +subject= CN = example.org +issuer= CN = CA2 +notBefore=Feb 6 22:39:47 2016 GMT +notAfter=Feb 7 22:39:47 2116 GMT +-----BEGIN CERTIFICATE----- +MIIBkDCCATWgAwIBAgIBAjAKBggqhkjOPQQDAjAOMQwwCgYDVQQDDANDQTIwIBcN +MTYwMjA2MjIzOTQ3WhgPMjExNjAyMDcyMjM5NDdaMBYxFDASBgNVBAMMC2V4YW1w +bGUub3JnMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE/YCEn0pxClPTvpjioxU4 +ajopRa4j/6XTqxy9zqn1AcMCiVWp6j22B6RpLmKEHoRHQxFzebd2juTXIDq81CID +z6N6MHgwHQYDVR0OBBYEFOrSA+2YKXa5KR6k0687CZuhai5OMB8GA1UdIwQYMBaA +FLTY4vqgjcQ01aCcB8AYVbUhEU7VMAkGA1UdEwQCMAAwEwYDVR0lBAwwCgYIKwYB +BQUHAwEwFgYDVR0RBA8wDYILZXhhbXBsZS5vcmcwCgYIKoZIzj0EAwIDSQAwRgIh +AKSsLwlidPiSrgda6XWihov4D4KHu6ZX3ZAAZ2uiBAefAiEArCq5WiO3Zeunl0Ct +PyDiaL1QKbJ7lnqPQCS1o8xn+RI= +-----END CERTIFICATE----- +subject= CN = CA2 +issuer= CN = Root CA2 +notBefore=Feb 6 22:39:13 2016 GMT +notAfter=Feb 7 22:39:13 2116 GMT +-----BEGIN CERTIFICATE----- +MIIBYjCCAQigAwIBAgIBAjAKBggqhkjOPQQDAjATMREwDwYDVQQDDAhSb290IENB +MjAgFw0xNjAyMDYyMjM5MTNaGA8yMTE2MDIwNzIyMzkxM1owDjEMMAoGA1UEAwwD +Q0EyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEYr6zgBxpsxA31IFiGyb6uaGC +CQdNMyJfDgqCihsU1eOEuauzXO7tydCbjfRmhqQK1EGd254IjcGY+37tZEbvPKNQ +ME4wHQYDVR0OBBYEFLTY4vqgjcQ01aCcB8AYVbUhEU7VMB8GA1UdIwQYMBaAFBRb ++/qrntsksembakoZTwTZk8AXMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSAAw +RQIgX2fmMykyiuryf1AeKyc1j8HgmM8u/nyQfJnTCwvYUcECIQC6JHd3ybV9eJQo +7sfr/jV+rRlZY2iaRv160BWYd82L7g== +-----END CERTIFICATE----- +subject= CN = Root CA2 +issuer= CN = Root CA2 +notBefore=Feb 6 22:38:48 2016 GMT +notAfter=Feb 7 22:38:48 2116 GMT +-----BEGIN CERTIFICATE----- +MIIBaDCCAQ2gAwIBAgIBATAKBggqhkjOPQQDAjATMREwDwYDVQQDDAhSb290IENB +MjAgFw0xNjAyMDYyMjM4NDhaGA8yMTE2MDIwNzIyMzg0OFowEzERMA8GA1UEAwwI +Um9vdCBDQTIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATlTxAPKteg+L1LmxMl +sbAFMxj6/322nR5RRGeF07KZRBFPaFZLgwZ1DuNrwM3wxxNdUyoZ6iAyDmwNf3K1 +42/Uo1AwTjAdBgNVHQ4EFgQUFFv7+que2ySx6ZtqShlPBNmTwBcwHwYDVR0jBBgw +FoAUFFv7+que2ySx6ZtqShlPBNmTwBcwDAYDVR0TBAUwAwEB/zAKBggqhkjOPQQD +AgNJADBGAiEAumhPWZ37swl10awM/amX+jv0UlUyJBf8RGA6QMG5bwICIQDbinER +fEevg+GOsr1P6nNMCAsQd9NwsvTQ+jm+TBArWQ== +-----END CERTIFICATE----- -- 2.25.1