Closed mgomezch closed 10 years ago
well, I'm not sure if there's any standard to certificate chain reading. The only time I actually had to read 2 certificates in a chain, it ended up correct through this function. I think the right thing to do is not to expect any order by default, and reconstruct the chain dynamically (as you can find which issuer signed which subject). At the same time it would be great to also provide a way to override the mechanism and allow both order.
Something like:
data CertificateChainOrder =
LeafToRoot -- ^ first certificate in the file is the leaf
| RootToLeaf -- ^ first certificate in the file is the root
| ReconstructOrder -- ^ dynamically reconstruct the chain order.
closing for lack of further comment or actions.
At least the following code from
Network.TLS.X509
assumes (correctly) that the first item in a certificate chain is the leaf certificate:One way to make a
CertificateChain
is this action inNetwork.TLS.Credentials
:The function that actually reads the chain is defined thus in
Data.X509.File
:readPEMs
, fromData.PEM
, returns a list whose items are ordered as they appear in the file. However, notice the list produced byreadSignedObject
is built with(:)
andfoldl
, so it’ll be reversed.I believe the problem should be fixed by using instead the following definition:
(with
rights
fromData.Either
, of course)I’d submit a pull request, but I don’t really know the first thing about TLS, PEM or these packages, and I have no idea how to test whether this solution makes sense. This just bit me from pointing Keter’s HTTPS listener setup at a certificate file that includes the chain that signed it, as it picks up one of the chain certificates as if it were the leaf, and Keter (actually
warp-tls
) fails at setting up connections since the key usage extension in the chain certificate does not specify it can encipher keys.