Skip to content



Tests CVE-2024-0567.

Produces the following valid trust graph:

leaf -> A1 -> (A <-> B <-> C) -> Root A

In other words: leaf is signed by intermediate A1, which in turn is signed by A, which is mutually cross-signed by CAs B and C. This naively results in a cycle, which can be resolved because A is also present as a self-signed root in the trusted set.

B and C also have subordinate CAs (B1 and C1), but these do not factor into the constructed chain.

Affects GnuTLS prior to 3.8.3.

This testcase is an independent recreation of the testcase in the patch, for CABF conformance.

Expected result Validation kind Validation time Features Importance Conflicts Download
SUCCESS SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
pyca-cryptography-42.0.8 N/A
rust-webpki N/A
gocryptox509-go1.22.4 N/A
openssl-3.3.1 N/A
openssl-3.1.6 N/A
certvalidator-0.11.1 ❌ (unexpected failure) The path could not be validated because the end-entity certificate contains the following unsupported critical extension: subject_alt_name
openssl-3.2.2 N/A
openssl-1.1 N/A
gnutls-certtool-3.7.3 ❌ (unexpected failure) Chain verification output: Not verified. The certificate is NOT trusted. The name in the certificate does not match the expected.
rustls-webpki N/A
openssl-3.0.14 N/A