Check self-signed certificate names and signatures

net/data/ssl/scripts/generate-bad-self-signed.sh

Index: net/data/ssl/scripts/generate-bad-self-signed.sh
diff --git a/net/data/ssl/scripts/generate-bad-self-signed.sh b/net/data/ssl/scripts/generate-bad-self-signed.sh
new file mode 100755
index 0000000000000000000000000000000000000000..b1668e0fad267d83bf7b1d94be5bc74c19b38efe
--- /dev/null
+++ b/net/data/ssl/scripts/generate-bad-self-signed.sh
@@ -0,0 +1,72 @@
+#!/bin/bash
+
+# Copyright 2013 The Chromium Authors. All rights reserved.

[svaldez, 2016/05/20 17:54:53]

2016

[dadrian, 2016/05/20 19:01:22]

Done.

+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+# This script generates a set of test (end-entity, intermediate, root)

[estark, 2016/05/20 18:37:53]

looks like this comment needs to be updated

[dadrian, 2016/05/20 19:01:21]

Done.

+# certificates that can be used to test fetching of an intermediate via AIA.
+
+try() {
+  "$@" || (e=$?; echo "$@" > /dev/stderr; exit $e)
+}
+
+try rm -rf out
+try mkdir out
+
+openssl genrsa -out out/bad-self-signed.key 2048
+touch out/bad-self-signed-index.txt
+
+# Create two certificate requests with the same key, but different subjects
+SUBJECT_NAME="req_self_signed_a" \
+  try openssl req \
+    -new \
+    -key out/bad-self-signed.key \
+    -out out/ss-a.req \
+    -config ee.cnf
+
+SUBJECT_NAME="req_self_signed_b" \
+  try openssl req \
+    -new \
+    -key out/bad-self-signed.key \
+    -out out/ss-b.req \
+    -config ee.cnf
+
+# Create a normal self-signed certificate from one of these requests
+try openssl x509 \
+  -req \
+  -in out/ss-a.req \
+  -out out/bad-self-signed-root-a.pem \
+  -signkey out/bad-self-signed.key \
+  -days 3650
+
+# Now, for the crazy part. We need to find a section of the signature to modify
+# so that the names match but the signature doesn't. We do this by replacing the
+# first four bytes of the signature with the bytes 0xdead.
+
+# Find the first four hex-encoded bytes of the signature
+bytes=$(
+  openssl x509 -in out/bad-self-signed-root-a.pem -text -noout \
+    | grep -A 1 sha256WithRSA \
+    | tail -n 1 \
+    | tr -d ' ' \
+    | tr -d ':' \
+    | head -c 4)
+
+# Find those bytes in the DER-encoded certificate, and replace them with 'dead'
+openssl x509 -in out/bad-self-signed-root-a.pem -outform DER \
+  | xxd \
+  | sed "s|$bytes|dead|g" \
+  | xxd -r \
+  | openssl x509 -inform DER -outform PEM -out out/self-signed-invalid-sig.pem
+
+# Make a "self-signed" certificate with mismatched names
+try openssl x509 \
+  -req \
+  -in out/ss-b.req \
+  -out out/self-signed-invalid-name.pem \
+  -days 3650 \
+  -CA out/bad-self-signed-root-a.pem \
+  -CAkey out/bad-self-signed.key \
+  -CAserial out/bad-self-signed-serial.txt \
+  -CAcreateserial