TrueNAS CA issues corrupted certificates when certificates issued by IMPORTED CA

I imported an intermediate CA issued by another (off-line) CA into TrueNAS Scale and tried to issue TLS certificates from the imported CA. Result: this CA issues invalid certificates.
After some investigation I found that TrueNAS shuffles the RDN order of the Issuer's DN in the issued certificate, which makes it invalid.
I also issued a certificate via openssl using the same CA certificate, private key and CSR, and got a valid certificate.

Below are the details.

CA Certificate (truncated)

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:e8:22:b8:66:40:5f:1d:34:9b:b7:05:f7:73:ba:23:77:58:06:9d
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: C=US, O=Home, OU=Home Root CA, CN=Home Root CA
        Validity
            Not Before: Jul 27 19:38:55 2024 GMT
            Not After : Jul 27 19:38:55 2044 GMT
        Subject: C=US, O=Home, OU=Home Root CA, CN=Home Intermediate CA
        Subject Public Key Info:
        ...
        X509v3 extensions:
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Subject Key Identifier:
                CD:E4:56:30:7F:60:CE:5E:19:5A:0F:8C:68:05:71:C2:AB:01:3B:79
            X509v3 Authority Key Identifier:
                D0:54:62:09:E5:3E:F9:E3:53:12:3D:F1:41:D9:88:CC:05:34:F6:D0

Certificate issued via TrueNAS (truncated)

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:e1:0d:4b:ee:53:af:8f:c2:d6:5a:61:8f:a9:45:50:35:47:1d:23
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: CN = Home Identity CA, C = US, O = Home, OU = Home Root CA
        Validity
            Not Before: Jul 27 19:46:09 2024 GMT
            Not After : Aug 28 19:46:09 2025 GMT
        Subject: CN = test, C = US, ST = NY, L = NY, O = Home, OU = Home Identity CA, emailAddress = aa@bb.cc
        Subject Public Key Info:
        ...
        X509v3 extensions:
            X509v3 Subject Alternative Name:
                DNS:test
            X509v3 Subject Key Identifier:
                8A:51:D6:C1:2E:D4:FD:C6:A9:0E:27:50:DF:21:32:2E:28:07:00:8B

Certificate issued by openssl (truncated)

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:4e:23:8e:9f:bc:12:2e:d4:39:83:5d:af:d5:a6:81:ad:90:f4:be
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: C=US, O=Home, OU=Home Root CA, CN=Home Identity CA
        Validity
            Not Before: Jul 27 20:55:48 2024 GMT
            Not After : Aug 28 20:55:48 2025 GMT
        Subject: C=US, ST=NY, L=NY, O=Home, OU=Home Identity CA, CN=test
        Subject Public Key Info:
        ...
        X509v3 extensions:
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Subject Key Identifier:
                8A:51:D6:C1:2E:D4:FD:C6:A9:0E:27:50:DF:21:32:2E:28:07:00:8B
            X509v3 Authority Key Identifier:
                CD:E4:56:30:7F:60:CE:5E:19:5A:0F:8C:68:05:71:C2:AB:01:3B:79

Comparing the CA Subject and the certificates' Issuer fields, we clearly see that the CA imported into TrueNAS modifies the Issuer DN:

  • CA Subject: C=US, O=Home, OU=Home Root CA, CN=Home Intermediate CA
  • TrueNAS-issued certificate: Issuer: CN = Home Identity CA, C = US, O = Home, OU = Home Root CA is not equal to the CA Subject. The order of RDNs changed (the CN RDN moved from the end to the beginning).
  • openssl-issued certificate: Issuer: C=US, O=Home, OU=Home Root CA, CN=Home Identity CA is equal to the CA Subject.

This clearly shows that a certificate issued by the CA imported into TrueNAS cannot be validated against the CA, as the certificate's ‘Issuer’ DN and the CA Subject DN can't be compared.

The discussion "`X509_NAME_cmp()` not conforming to RFC 5280 · Issue #18611 · openssl/openssl · GitHub" confirms that the order of RDNs is significant when comparing DNs.

Steps to reproduce

  1. Create a Root and an Intermediate CA externally (for example, use OpenSSL Tutorial: Advanced PKI — OpenSSL PKI Tutorial).
  2. Import the Root CA certificate into TrueNAS Certificate Authorities.
    Make sure you can also use this CA independently of TrueNAS for validation purposes.
  3. Import the Intermediate CA certificate and private key into TrueNAS Certificate Authorities.
  4. Create an HTTPS certificate CSR and sign it using the imported CA in TrueNAS.
  5. Download and validate the certificate, for example using openssl:

    openssl verify -trusted root_ca.crt -untrusted intermediate_ca.crt certificate.crt

    Validation fails with a message like the one below:

    CN = test, C = US, ST = NY, L = NY, O = Home, OU = Home Identity CA, emailAddress = aa@bb.cc
    error 20 at 0 depth lookup: unable to get local issuer certificate
    error certificate.crt: verification failed.

  6. Download the CSR from TrueNAS and sign the certificate using the Intermediate CA externally (for example using openssl from the tutorial linked above).
  7. Validate this certificate, for example using openssl:

    openssl verify -trusted root_ca.crt -untrusted intermediate_ca.crt certificate.crt

    Validation succeeds with a message like the one below:

    certificate.crt: OK

Are the spaces significant? Is ‘C=US’ the equivalent of ‘C = US’? The Subject: and Issuer: appear to have spaces compared to the other two examples, besides being ‘out of order’.

The problem is: TrueNAS code changes the DN defined in the CA certificate's Subject attribute and inserts the “tampered” DN into the Issuer attribute of the issued certificate.
A CA MUST insert its own Subject attribute into the ‘Issuer’ attribute of the issued certificate in unmodified form.

However, spaces in DNs do not matter. Below are the parsed DNs:

CA (truncated)

   47:d=2  hl=2 l=  82 cons:   SEQUENCE
   49:d=3  hl=2 l=  11 cons:    SET
   51:d=4  hl=2 l=   9 cons:     SEQUENCE
   53:d=5  hl=2 l=   3 prim:      OBJECT            :countryName
   58:d=5  hl=2 l=   2 prim:      PRINTABLESTRING   :US
   62:d=3  hl=2 l=  13 cons:    SET
   64:d=4  hl=2 l=  11 cons:     SEQUENCE
   66:d=5  hl=2 l=   3 prim:      OBJECT            :organizationName
   71:d=5  hl=2 l=   4 prim:      UTF8STRING        :Home
   77:d=3  hl=2 l=  21 cons:    SET
   79:d=4  hl=2 l=  19 cons:     SEQUENCE
   81:d=5  hl=2 l=   3 prim:      OBJECT            :organizationalUnitName
   86:d=5  hl=2 l=  12 prim:      UTF8STRING        :Home Root CA
  100:d=3  hl=2 l=  29 cons:    SET
  102:d=4  hl=2 l=  27 cons:     SEQUENCE
  104:d=5  hl=2 l=   3 prim:      OBJECT            :commonName
  109:d=5  hl=2 l=  20 prim:      UTF8STRING        :Home Intermediate CA

Certificate issued by TrueNAS

   47:d=2  hl=2 l=  78 cons:   SEQUENCE
   49:d=3  hl=2 l=  25 cons:    SET
   51:d=4  hl=2 l=  23 cons:     SEQUENCE
   53:d=5  hl=2 l=   3 prim:      OBJECT            :commonName
   58:d=5  hl=2 l=  16 prim:      UTF8STRING        :Home Identity CA
   76:d=3  hl=2 l=  11 cons:    SET
   78:d=4  hl=2 l=   9 cons:     SEQUENCE
   80:d=5  hl=2 l=   3 prim:      OBJECT            :countryName
   85:d=5  hl=2 l=   2 prim:      PRINTABLESTRING   :US
   89:d=3  hl=2 l=  13 cons:    SET
   91:d=4  hl=2 l=  11 cons:     SEQUENCE
   93:d=5  hl=2 l=   3 prim:      OBJECT            :organizationName
   98:d=5  hl=2 l=   4 prim:      UTF8STRING        :Home
  104:d=3  hl=2 l=  21 cons:    SET
  106:d=4  hl=2 l=  19 cons:     SEQUENCE
  108:d=5  hl=2 l=   3 prim:      OBJECT            :organizationalUnitName
  113:d=5  hl=2 l=  12 prim:      UTF8STRING        :Home Root CA
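
The two points made in this thread, that RDN order is significant under RFC 5280 section 7.1 and that the asn1parse dumps show the same attributes in a different SEQUENCE order, can be checked without a full X.509 library. The script below is an added example, not code from the thread or from TrueNAS: it encodes the DNs from the posted dumps as DER Names, decodes them back, and compares them both the RFC 5280 way (position by position) and with a naive order-insensitive check, so the difference is explicit. The `OIDS` table, the `encode_name`/`decode_name` helpers and the three DN constants are assumptions of this example; the DN values and the PrintableString/UTF8String choice follow the thread's openssl output. It generalizes slightly beyond the thread by handling long-form DER lengths and multi-byte OID arcs.

```python
"""Added example (not from the thread or from TrueNAS): DER-encode X.509 Names,
decode them, and compare them as RFC 5280 section 7.1 requires (RDN order matters)."""

# Attribute types used in the thread's DNs (X.520 OIDs under 2.5.4)
OIDS = {"C": "2.5.4.6", "O": "2.5.4.10", "OU": "2.5.4.11", "CN": "2.5.4.3"}
OID_NAMES = {v: k for k, v in OIDS.items()}

# Constructed from the openssl dumps posted above (order as printed there)
CA_SUBJECT = [("C", "US"), ("O", "Home"), ("OU", "Home Root CA"), ("CN", "Home Intermediate CA")]
TRUENAS_ISSUER = [("CN", "Home Identity CA"), ("C", "US"), ("O", "Home"), ("OU", "Home Root CA")]
OPENSSL_ISSUER = [("C", "US"), ("O", "Home"), ("OU", "Home Root CA"), ("CN", "Home Identity CA")]


def _der_len(n):
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _tlv(tag, body):
    return bytes([tag]) + _der_len(len(body)) + body


def encode_oid(dotted):
    """DER content octets of an OID: first two arcs packed, base-128 for the rest."""
    arcs = [int(a) for a in dotted.split(".")]
    out = [arcs[0] * 40 + arcs[1]]
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return bytes(out)


def decode_oid(raw):
    arcs = [raw[0] // 40, raw[0] % 40]
    value = 0
    for b in raw[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


def encode_name(rdns):
    """Name ::= SEQUENCE OF RelativeDistinguishedName, each a SET OF AttributeTypeAndValue.
    Single-valued RDNs only; countryName is PrintableString (0x13), the rest UTF8String (0x0C),
    which is what the thread's asn1parse output shows."""
    out = b""
    for typ, value in rdns:
        string_tag = 0x13 if typ == "C" else 0x0C
        atv = _tlv(0x30, _tlv(0x06, encode_oid(OIDS[typ])) + _tlv(string_tag, value.encode("utf-8")))
        out += _tlv(0x31, atv)
    return _tlv(0x30, out)


def _read_tlv(buf, pos):
    """Return (tag, content, position after the element)."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first & 0x80:
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    else:
        length = first
    return tag, buf[pos:pos + length], pos + length


def decode_name(der):
    """Parse a DER Name back into an ordered list of (type, value) pairs."""
    tag, body, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("Name must be a SEQUENCE")
    rdns, pos = [], 0
    while pos < len(body):
        set_tag, set_body, pos = _read_tlv(body, pos)
        if set_tag != 0x31:
            raise ValueError("RDN must be a SET")
        _, atv, _ = _read_tlv(set_body, 0)  # single-valued RDN assumed
        _, oid, next_pos = _read_tlv(atv, 0)
        _, value, _ = _read_tlv(atv, next_pos)
        rdns.append((OID_NAMES[decode_oid(oid)], value.decode("utf-8")))
    return rdns


def names_match_rfc5280(name_a, name_b):
    """RFC 5280 sec. 7.1: same number of RDNs and each RDN matches at the same position."""
    return decode_name(name_a) == decode_name(name_b)


def names_match_ignoring_order(name_a, name_b):
    """A naive 'same attributes' check; this is NOT what path validation does."""
    return sorted(decode_name(name_a)) == sorted(decode_name(name_b))


def first_mismatch(name_a, name_b):
    """(index, rdn_a, rdn_b) at the first position where the Names differ, or None."""
    for i, (x, y) in enumerate(zip(decode_name(name_a), decode_name(name_b))):
        if x != y:
            return i, x, y
    return None


if __name__ == "__main__":
    truenas, openssl = encode_name(TRUENAS_ISSUER), encode_name(OPENSSL_ISSUER)
    print("CA subject Name length:", encode_name(CA_SUBJECT)[1])  # 82, as in the asn1parse dump
    print("RFC 5280 match:", names_match_rfc5280(truenas, openssl))  # False
    print("ignoring order:", names_match_ignoring_order(truenas, openssl))  # True
    print("first mismatch:", first_mismatch(truenas, openssl))
```

The Name lengths the encoder produces (82 for the CA Subject, 78 for the TrueNAS Issuer) line up with the `l=` values in the asn1parse dumps, so the constants are faithful to the posted certificates. The RFC 5280 comparison fails at index 0, exactly where the CN RDN was moved; the order-insensitive comparison passes, which is why the two Names look "the same" to a person but not to `openssl verify`.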

Jira Bug has been created