jglobus / JGlobus

jGlobus is a collection of Java client libraries for Globus® Toolkit security, GRAM, and GridFTP.
http://www.globus.org/toolkit/jglobus/
Apache License 2.0

JGlobus incorrectly refuses proxies with key usage #160

Closed maarten-litmaath closed 5 years ago

maarten-litmaath commented 7 years ago

Dear JGlobus developers, recently it was discovered that JGlobus refuses proxies that have the non-repudiation flag set in the key usage. This issue is at least affecting proxy certificates from the GridCanada CA and thereby users from the ATLAS experiment at CERN.

The matter has been discussed in a GGUS ticket (not world-readable):

https://ggus.eu/index.php?mode=ticket_info&ticket_id=124650#update#30

The gist of that discussion follows here:


Andrea Ceccanti:

27 Oct 2016 09:30:52 (SRM-ppshead) [] SSL handshake with 206.12.1.168:47986 failed: Path validation failed: Path validation failed for CN=1389744797, CN=Di Qing, OU=triumf.ca, O=Grid, C=CA: Proxy violation: Key usage is asserted.

This looks like a JGlobus error, likely produced here:

https://github.com/jglobus/JGlobus/blob/57531fe9839547bc4f02dee5cfcf2d82e262ded8/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java#L540

and it seems that the non-repudiation is indeed the issue :/

OTOH, in the RFC I do not find anywhere that non-repudiation should not be set.

The only thing I find is:

"If the Proxy Issuer certificate has the KeyUsage extension, the Digital Signature bit MUST be asserted."

Paul Millar:

The requirement not to set these key-usage bits in jGlobus exists since the entire codebase was added to git, in August 2010.

My checkout of the 'gsi' module from the Globus CVS server:

:pserver:anonymous@cvs.globus.org:/home/globdev/CVS/globus-packages

has a file proxy/proxy_core/source/library/globus_gsi_proxy.c that includes the following fragment in the function globus_l_gsi_proxy_sign_key:

    /* clear bits specified in draft */
    ASN1_BIT_STRING_set_bit(usage, 1, 0); /* Non Repudiation */
    ASN1_BIT_STRING_set_bit(usage, 5, 0); /* Certificate Sign */

My guess is that a draft version of the RFC required these bits be cleared from a proxy certificate.

If Andrea now cannot find a reference to that in the final RFC, it seems this requirement was dropped during the review process, but that the Globus code to generate the proxy continues to clear these bits, if set in the parent certificate.

Andrea Ceccanti:

Yes, Globus clears those bits when creating a proxy, and this is not harmful per se.

The problem in JGlobus, and only there AFAIU, is that the library requires the bits to be clear when validating a proxy.

Maarten Litmaath:

It seems a quick fix would be to have this line commented out for now:

https://github.com/jglobus/JGlobus/blob/57531fe9839547bc4f02dee5cfcf2d82e262ded8/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java#L541

Can you look into that? Thanks!
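The difference between clearing the bits at proxy creation and requiring them clear at validation, as an added example that is not JGlobus or Globus code and not part of the original comments. The class and method names are hypothetical, the key-usage arrays are constructed, and `strictAccepts` only models the behaviour reported in this issue; the array indices follow `java.security.cert.X509Certificate.getKeyUsage()`.

```java
// Added illustration, not JGlobus code. Index layout as returned by
// java.security.cert.X509Certificate.getKeyUsage(); null means "no extension".
public class ProxyKeyUsageCheck {
    static final int DIGITAL_SIGNATURE = 0;
    static final int NON_REPUDIATION = 1;
    static final int KEY_CERT_SIGN = 5;

    static boolean bit(boolean[] ku, int i) {
        return ku != null && i < ku.length && ku[i];
    }

    // Model (assumption) of the validation behaviour reported in the issue:
    // a proxy asserting nonRepudiation or keyCertSign is refused.
    static boolean strictAccepts(boolean[] proxyKu) {
        return !bit(proxyKu, NON_REPUDIATION) && !bit(proxyKu, KEY_CERT_SIGN);
    }

    // Check built only on the RFC sentence quoted in the thread: if the proxy
    // issuer has a KeyUsage extension, digitalSignature must be asserted.
    static boolean issuerRuleAccepts(boolean[] issuerKu) {
        return issuerKu == null || bit(issuerKu, DIGITAL_SIGNATURE);
    }

    // What the quoted Globus C fragment does when signing a proxy:
    // copy the usage bits, then clear bits 1 and 5.
    static boolean[] clearedCopy(boolean[] ku) {
        boolean[] out = ku.clone();
        out[NON_REPUDIATION] = false;
        out[KEY_CERT_SIGN] = false;
        return out;
    }

    public static void main(String[] args) {
        // Constructed end-entity key usage: digitalSignature + nonRepudiation
        // + keyEncipherment.
        boolean[] issuer = new boolean[9];
        issuer[DIGITAL_SIGNATURE] = true;
        issuer[NON_REPUDIATION] = true;
        issuer[2] = true;

        boolean[] proxyUnchanged = issuer.clone();     // bits carried over as-is
        boolean[] proxyCleared = clearedCopy(issuer);  // bits cleared at creation

        System.out.println("issuer rule:            " + issuerRuleAccepts(issuer));     // true
        System.out.println("strict, cleared proxy:  " + strictAccepts(proxyCleared));   // true
        System.out.println("strict, unchanged proxy: " + strictAccepts(proxyUnchanged)); // false
    }
}
```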

maarten-litmaath commented 6 years ago

Fixed versions have been released by OSG for EL6 and EL7 already in 2017:

https://jira.opensciencegrid.org/browse/SOFTWARE-2807

--> https://repo.opensciencegrid.org/osg/3.3/