Extended key usage keyAgreement bit in certificate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The following commit changed the behavior of checking the extended key
usage bits in a server certificate when using X509_PURPOSE_SSL_SERVER:

http://marc.info/?l=openssl-cvs&m=132759007026375&w=2

This commit was put into 1.0.2 on April 6, 2012.  Therefore, 1.0.1 and
1.0.2 behave differently in this regard.  When using 1.0.2, the server
certificate needs to include the keyAgreement bit.  Otherwise the client
will reject the server certificate when checking the purpose
(X509_PURPOSE_SSL_SERVER).

Does this behavior in 1.0.2 comply with RFC 5246?  Reading section 7.4.2
on pages 47/48, the server certificate should include the keyAgreement
bit when using DH key exchange cipher suites.  The wording on page 48 is: 

      DH_DSS             Diffie-Hellman public key; the keyAgreement bit
      DH_RSA             MUST be set if the key usage extension is
                         present.

Given there's no other mention of using the keyAgreement bit in RFC
5246, does this imply the keyAgreement bit doesn't need to be set when
not using a DH cipher suite?  Given the commit noted above will always
check the keyAgreement bit, and the logic in v3_purp.c is unaware of the
negotiated cipher suite,  would this be considered a bug?  If not, would
it be appropriate to back-port this commit to 1.0.1 so that we would
have consistent behavior between 1.0.1 and 1.0.2?





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux