which includes a collection of certificates and validation options.
This is akin to what is used in the trust stores of Mozilla Firefox,
or Apple's and Microsoft's certificate stores, ...
-By default all self-signed certificates in the trust store
+By default all apparently self-signed certificates in the trust store
are considered to be trust anchors, for all or for specified purposes.
+For efficiency reasons, apparently self-signed certificates (based on certificate metadata)
+are not subjected to cryptographic self-signature check.
+A certificate is apparently self-signed if and only if all of the following conditions are met:
+
+=over 4
+
+=item *
+
+it is self-issued, i.e., its C<subject> and C<issuer> fields are equal,
+
+=item *
+
+the algorithm identifiers of its public key and signature match,
+
+=item *
+
+if it has an authorityKeyIdentifier (AKID) extension containing the C<keyIdentifier> field,
+its value matches the subjectKeyIdentifier (SKID) extension if present,
+
+=item *
+
+if it has an AKID containing the C<authorityCertSerialNumber> field,
+its value equals the serial number of the certificate, and
+
+=item *
+
+if it has an AKID containing the C<authorityCertIssuer> field
+and its C<GeneralNames> include at least one C<directoryName>,
+the first such name equals the C<issuer> field of the certificate.
+
+=back
+
Independent of any extended key usage (EKU) X.509v3 extension included,
from the OpenSSL perspective a trust anchor certificate should be augmented
with local trust attributes, giving an explicit designation for which
the EKU associated with the intended purpose
or it does not have any positive trust attribute
and one of the following compatibility conditions apply:
-It is self-signed or the B<-partial_chain> option is given
+It is apparently self-signed or the B<-partial_chain> option is given
(which corresponds to the B<X509_V_FLAG_PARTIAL_CHAIN> flag being set).
=back
The subject alternative names (SAN) and issuer alternative names given in
subjectAltName or issuerAltName extensions are not relevant for chain building.
-Once a self-signed certificate has been added, chain construction stops.
+Once a apparently self-signed certificate has been added, chain construction stops.
In this case it must fully match a trust anchor, otherwise chain building fails.
A candidate issuer certificate matches a subject certificate
The third step is to check the trust settings on the last certificate or
trust anchor, which typically is given as a self-signed root CA certificate.
If specified, it must be trusted for the given use.
-For compatibility, a self-signed certificate
+For compatibility, an apparently self-signed certificate
with no trust attributes is considered to be valid for all uses.
The fourth, and final, step is to check the validity of the certificate chain.
=item *
The authorityKeyIdentifier must be given for X.509v3 certs unless they
-are self-signed.
+are apparently self-signed.
=item *
=item B<-check_ss_sig>
Verify the signature of
-the last certificate in a chain if the certificate is supposedly self-signed.
+the last certificate in a chain if the certificate is apparently self-signed.
This is prohibited and will result in an error if it is a non-conforming CA
certificate with key usage restrictions not including the keyCertSign bit.
This verification is disabled by default because it doesn't add any security.
Parse I<file> as a set of one or more certificates.
Each of them qualifies as trusted if has a suitable positive trust attribute
-or it is self-signed or the B<-partial_chain> option is specified.
+or it is apparently self-signed or the B<-partial_chain> option is specified.
This option implies the B<-no-CAfile>, B<-no-CApath>, and B<-no-CAstore> options
and it cannot be used with the B<-CAfile>, B<-CApath> or B<-CAstore> options, so
only certificates specified using the B<-trusted> option are trust anchors.
projects / thirdparty / openssl.git / commitdiff
