php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #42886 openssl_x509_checkpurpose returns int(0) on valid public certificate
Submitted: 2007-10-08 10:52 UTC Modified: 2009-09-04 07:44 UTC
Votes:4
Avg. Score:4.2 ± 0.8
Reproduced:3 of 4 (75.0%)
Same Version:2 (66.7%)
Same OS:0 (0.0%)
From: tokul at users dot sourceforge dot net Assigned: pajoye (profile)
Status: Not a bug Package: OpenSSL related
PHP Version: 5CVS-2008-11-01 OS: Linux Debian Etch
Private report: No CVE-ID: None
 [2007-10-08 10:52 UTC] tokul at users dot sourceforge dot net
Description:
------------
According to last chapter in openssl_x509_checkpurpose() manual function should return true, false or int(-1). Synopsis line shows that function returns integer.

If I check public certificate file with OpenSSL binary (openssl x509 -purpose -in certfile.pem), it shows purposes as
----
SSL client : Yes
SSL client CA : No
SSL server : Yes
SSL server CA : No
Netscape SSL server : Yes
Netscape SSL server CA : No
S/MIME signing : Yes
S/MIME signing CA : No
S/MIME encryption : Yes
S/MIME encryption CA : No
CRL signing : Yes
CRL signing CA : No
Any Purpose : Yes
Any Purpose CA : Yes
OCSP helper : Yes
OCSP helper CA : No
----

If I check it with PHP 
----
var_dump(openssl_x509_checkpurpose(file_get_contents('./certfile.pem'),X509_PURPOSE_SMIME_SIGN));
---
it returns int(0). Int(0) is evaluated as boolean false in PHP.

Tested PHP 5.2.0 and PHP 5.2-dev (200710080830). OpenSSL 0.9.8c (Debian 0.9.8c-4 package). Used Thawte free email certificate for testing. Certificate is valid from 2007.02.24 till 2008.02.24. System clock is correct.


Reproduce code:
---------------
var_dump(openssl_x509_checkpurpose(file_get_contents('./certfile.pem'),X509_PURPOSE_SMIME_SIGN));


Expected result:
----------------
bool(true) or int(1)

Actual result:
--------------
int(0)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2008-10-31 08:49 UTC] pajoye@php.net
Please provide a sample certificate to reproduce this problem or the values you used to create a similar certificate.
 [2008-11-01 21:13 UTC] tokul at users dot sourceforge dot net
php 5.2-200811011530

Test result is the same. It is impossible to verify purpose of certificate, because function returns integer value which is evaluated as false even when certificate can be used for SMIME signatures.

I don't know options that Thawte used to generate certificate. I've accepted default options with 2048-bit encryption for Mozilla Firefox/Thunderbird.

Here goes already expired certificate used for initial bug report.

-----BEGIN CERTIFICATE-----
MIIC8DCCAlmgAwIBAgIQS8GxvbV7pghz0FD/I7rVVjANBgkqhkiG9w0BAQUFADBi
MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg
THRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3Vpbmcg
Q0EwHhcNMDcwMjI0MDYyMzA0WhcNMDgwMjI0MDYyMzA0WjBNMR8wHQYDVQQDExZU
aGF3dGUgRnJlZW1haWwgTWVtYmVyMSowKAYJKoZIhvcNAQkBFht0b2t1bEB1c2Vy
cy5zb3VyY2Vmb3JnZS5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQALcUK5moBKz5tHqYcquqb8seEKgzDbFJ3Nko8VEyVy1vnwKtHkNeXuMv1mbH
2dhkvI2JtWpNte36bzLErQHzZhnehAdRb3RIlLrASxkn4btidkWasYjqhtMI1sGL
D+7wFdC4rSfdYwRUto8zrB5FeoNakJre8gmljqwm18fh5ZMsiWboXdKVVCa8ALBk
P5dZ7gYElfNj3FJSjqo0Efs5yQn8EsY+uDNTH+y8HE5Sqq0mkuLw/7WIO5PCsQAF
xTsEo2dqnj3us9KGgNGkR4JRp17NPfNofLs26w7H2n3oAmjMaM51U5lpPOSh0Nm7
uwrpsWnE84Jm2I/9WhhuSOEJAgMBAAGjODA2MCYGA1UdEQQfMB2BG3Rva3VsQHVz
ZXJzLnNvdXJjZWZvcmdlLm5ldDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBQUA
A4GBAJlmrYGSeE00IK7WR+05BT0g6YigfIoKLbeTJu25oVHN8dBLU0Jjx5KZRfZQ
BCt/8CVBNxNwwKRQnQ36M4Hq0YLa+bBYq3pJPbL62Ffj7mLHhDkFvJw/sgQ1I7jH
URvzt58Hw3B34wEHzqnzcsFOPxNZN3aU4BTnbUBTUjkVVpuZ
-----END CERTIFICATE-----
 [2008-11-18 10:09 UTC] pajoye@php.net
It seems to be a bug in the openssl directly. I have tried with many different certs and many failed (including the one available in the openssl's demo directory).

I have to work on other things now, the fix may require to duplicate the x509_verify_cert code (partially or completely).

tested with 0.98g and 0.9.8i
 [2009-09-04 05:06 UTC] ryan+phpbugs at sleevi dot com
The problem is not resolved in PHP 5.2.6, provided you call it correctly.

openssl_x509_checkpurpose expects to be able to build a full chain of certificates to verify its purpose. Furthermore, it expects there to be a trusted certificate as part of the chain.

When invoked as 

var_dump(openssl_x509_checkpurpose(file_get_contents('./certfile.pem'). X509_PURPOSE_SMIME_SIGN));

this fails, because a chain cannot properly be built to a trusted root.

My test case involved:
  - Obtaining Using the Thawte intermediate and root certificates, obtained via http://www.thawte.com/repository/index.html 
  - Copying the contents of the Thawte Personal Freemail Issuing CA and Thawte Personal Freemail CA PEM files from that list into a new file, called 'chain.pem'. The certs were simply appended one after the other
  - Setting the system time to be during the validity period of the certificate (2007-10-10 00:00:00 GMT)
  - executing as
var_dump(openssl_x509_checkpurpose(file_get_contents('./certfile.pem'). X509_PURPOSE_SMIME_SIGN, array('./chain.pem'));
  - I received int(1) as the result

I do not believe the reporter's initial case should be supported. Purpose checking requires checking each of the CAs that issued the certificate to make sure there are no purpose constraints. The absence of the CA certificates makes this impossible, hence the failure.

If one wishes to obtain any X509 certificate extensions for a single certificate, openssl_x509_parse is able to provide this information. However, it should not be treated as authoritative, as it does not reflect the full chain policy being enforced for that certificate.

My OpenSSL version was 0.9.8f, running Linux kernel 2.6.14.6 and PHP 5.2.6. While these versions do differ from the original submission, with the above explanation, it should provide enough information to see if this does resolve the situation with purpose verification.
 [2009-09-04 06:40 UTC] pajoye@php.net
@ryan+phpbugs at sleevi dot com

Thanks for the detailed explanation. And you are right about the conclusions. That's also not something we should try to change from PHP (if there was a bug), that's openssl's job.
 [2009-09-04 07:44 UTC] tokul at users dot sourceforge dot net
I don't agree that bug is bogus.

1. /usr/bin/openssl works without any chain certificate arguments.
2. how am I supposed to know all chained certificates and why do I have to go through all the trouble of getting them in order to check certificates. function should use trusted system certificates like /usr/bin/openssl does (if /usr/bin/openssl does it).
3. Bug report also states that function returns integer value when one part of documentation states that it should return boolean or different integer value.

Even if bug report is bogus, documentation is still broken.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 13:01:28 2024 UTC