Skip to content

pathological🔗

pathological::multiple-chains-expired-intermediate🔗

Produces the following chain:

root 2 -> intermediate (expired) -> root -> EE

Both roots are trusted. A chain should be built successfully, disregarding the expired intermediate certificate and the second root. This scenario is known as the "chain of pain"; for further reference, see https://www.agwa.name/blog/post/fixing_the_addtrust_root_expiration.

Expected result Validation kind Validation time Features Importance Conflicts Download
SUCCESS SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
gocryptox509-go1.22.7 N/A
gnutls-certtool-3.7.3 ❌ (unexpected failure) Chain verification output: Not verified. The certificate is NOT trusted. The certificate chain uses expired certificate.
certvalidator-0.11.1 N/A
pyca-cryptography-43.0.1 N/A
rustls-webpki N/A
openssl-3.2.3 N/A
openssl-3.0.15 N/A
openssl-3.3.2 N/A
openssl-3.1.7 N/A
openssl-3.4.0 N/A
rust-webpki N/A
openssl-1.1 N/A

pathological::intermediate-cycle-distinct-cas🔗

Produces the following invalid chain:

root -/-> (ICA' <-> ICA'') -> EE

ICA' and ICA'' are separate logical CAs that sign for each other. Neither chains up to the root.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
gocryptox509-go1.22.7 N/A
gnutls-certtool-3.7.3 Chain verification output: Not verified. The certificate is NOT trusted. The certificate issuer is unknown. The name in the certificate does not match the expected.
certvalidator-0.11.1 Unable to build a validation path for the certificate "Common Name: example.com" - no issuer matching "Common Name: intermediate-cycle-distinct-ca1" was found
pyca-cryptography-43.0.1 validation failed: CandidatesExhausted(Other("chain construction exceeds max depth"))
rustls-webpki UnknownIssuer
openssl-3.2.3 unable to get local issuer certificate
openssl-3.0.15 unable to get local issuer certificate
openssl-3.3.2 unable to get local issuer certificate
openssl-3.1.7 unable to get local issuer certificate
openssl-3.4.0 unable to get local issuer certificate
rust-webpki UnknownIssuer
openssl-1.1 unable to get local issuer certificate

pathological::intermediate-cycle-distinct-cas-max-depth🔗

Produces the following invalid chain:

root -/-> (ICA' <-> ICA'') -> EE

ICA' and ICA'' are separate logical CAs that sign for each other. Neither chains up to the root.

This testcase is identical to intermediate-cycle-distinct-cas, except that it specifies a large explicit max depth.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
gocryptox509-go1.22.7 🚧 max chain depth not supported
gnutls-certtool-3.7.3 Chain verification output: Not verified. The certificate is NOT trusted. The certificate issuer is unknown. The name in the certificate does not match the expected.
certvalidator-0.11.1 Unable to build a validation path for the certificate "Common Name: example.com" - no issuer matching "Common Name: intermediate-cycle-distinct-ca1" was found
pyca-cryptography-43.0.1 validation failed: CandidatesExhausted(Other("current depth calculation overflowed"))
rustls-webpki UnknownIssuer
openssl-3.2.3 unable to get local issuer certificate
openssl-3.0.15 unable to get local issuer certificate
openssl-3.3.2 unable to get local issuer certificate
openssl-3.1.7 unable to get local issuer certificate
openssl-3.4.0 unable to get local issuer certificate
rust-webpki UnknownIssuer
openssl-1.1 unable to get local issuer certificate

pathological::intermediate-cycle-same-logical-ca🔗

Produces the following invalid chain:

root -/-> (ICA <-> ICA) -> EE

The two ICA certificates are from the same logical CA (same subject), but have different keys and sign for each other, forming a cycle. Neither chains up to the root.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A N/A undetermined N/A PEM bundle
Harness Result Context
gocryptox509-go1.22.7 N/A
gnutls-certtool-3.7.3 Chain verification output: Not verified. The certificate is NOT trusted. The certificate issuer is unknown. The name in the certificate does not match the expected.
certvalidator-0.11.1 Unable to build a validation path for the certificate "Common Name: example.com" - no issuer matching "Common Name: intermediate-cycle-same-logical-ca" was found
pyca-cryptography-43.0.1 validation failed: CandidatesExhausted(Other("Certificate is missing required extension"))
rustls-webpki UnknownIssuer
openssl-3.2.3 unable to get local issuer certificate
openssl-3.0.15 unable to get local issuer certificate
openssl-3.3.2 unable to get local issuer certificate
openssl-3.1.7 unable to get local issuer certificate
openssl-3.4.0 unable to get local issuer certificate
rust-webpki UnknownIssuer
openssl-1.1 unable to get local issuer certificate

pathological::nc-dos-1🔗

Produces the following pathological chain:

root [many constraints] -> EE [many names]

The root CA contains 2048 permits and excludes name constraints, which are checked against the EE's 2048 SANs and 2048 subjects. This is typically rejected by implementations due to quadratic blowup, but is technically valid.

This testcase is extended from OpenSSL's (many-names1.pem, many-constraints.pem) testcase, via https://github.com/openssl/openssl/pull/4393.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A denial-of-service undetermined N/A PEM bundle
Harness Result Context
gocryptox509-go1.22.7 N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
certvalidator-0.11.1 ❌ (unexpected success) N/A
pyca-cryptography-43.0.1 validation failed: FatalError("Exceeded maximum name constraint check limit")
rustls-webpki leaf cert: X.509 parse failed
openssl-3.2.3 unspecified certificate verification error
openssl-3.0.15 unspecified certificate verification error
openssl-3.3.2 unspecified certificate verification error
openssl-3.1.7 unspecified certificate verification error
openssl-3.4.0 unspecified certificate verification error
rust-webpki leaf cert: X.509 parse failed
openssl-1.1 unspecified certificate verification error

pathological::nc-dos-2🔗

Produces the following pathological chain:

root [many constraints] -> EE [many names]

The root CA contains over 2048 permits and excludes name constraints, which are checked against the EE's 2048 SANs. This is typically rejected by implementations due to quadratic blowup, but is technically valid.

This testcase is extended from OpenSSL's (many-names2.pem, many-constraints.pem) testcase, via https://github.com/openssl/openssl/pull/4393.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A denial-of-service undetermined N/A PEM bundle
Harness Result Context
gocryptox509-go1.22.7 N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
certvalidator-0.11.1 The path could not be validated because the end-entity certificate contains the following unsupported critical extension: subject_alt_name
pyca-cryptography-43.0.1 validation failed: FatalError("Exceeded maximum name constraint check limit")
rustls-webpki MaximumNameConstraintComparisonsExceeded
openssl-3.2.3 unspecified certificate verification error
openssl-3.0.15 unspecified certificate verification error
openssl-3.3.2 unspecified certificate verification error
openssl-3.1.7 unspecified certificate verification error
openssl-3.4.0 unspecified certificate verification error
rust-webpki UnknownIssuer
openssl-1.1 unspecified certificate verification error

pathological::nc-dos-3🔗

Produces the following pathological chain:

root [many constraints] -> EE [many names]

The root CA contains over 2048 permits and excludes name constraints, which are checked against the EE's 2048 subjects (not SANS). This is typically rejected by implementations due to quadratic blowup, but is technically valid.

This testcase is a reproduction of OpenSSL's (many-names3.pem, many-constraints.pem) testcase, via https://github.com/openssl/openssl/pull/4393.

Expected result Validation kind Validation time Features Importance Conflicts Download
FAILURE SERVER N/A denial-of-service undetermined N/A PEM bundle
Harness Result Context
gocryptox509-go1.22.7 N/A
gnutls-certtool-3.7.3 ❌ (unexpected success) Chain verification output: Verified. The certificate is trusted.
certvalidator-0.11.1 ❌ (unexpected success) N/A
pyca-cryptography-43.0.1 validation failed: Other("Certificate is missing required extension")
rustls-webpki subject name validation failed
openssl-3.2.3 unspecified certificate verification error
openssl-3.0.15 unspecified certificate verification error
openssl-3.3.2 unspecified certificate verification error
openssl-3.1.7 unspecified certificate verification error
openssl-3.4.0 unspecified certificate verification error
rust-webpki UnknownIssuer
openssl-1.1 unspecified certificate verification error