iOS Ignores Critical X509v3 Name Constraints

Originator:karl
Number:rdar://18461300 Date Originated:25-Sep-2014 03:36 PM
Status:Duplicate of 10112492 (Open) Resolved:
Product:iOS Product Version:8.0
Classification:Security Reproducible:Always
 
18461300Open
18461300iOS Ignores Critical X509v3 Name Constraints
iOSState: Open
Rank:No Value
Alfred Karl Kornel25-Sep-2014 03:36 PM

Summary: iOS does not seem to enforce DNS Name Constraints specified by a root certificate.  That's fine, as long as such constraints are not marked as critical.  If iOS encounters a trusted root containing a critical Name Constraints extension, iOS will still allow connections to servers whose SSL certificate does not match the name constraints of the issuing CA.

Steps to Reproduce: 1: Install the CA from the following URL: https://www.dropbox.com/s/8dlt80xypxu18a1/buttonmash_ca.pem?dl=0
The Settings app will warn that the CA cannot be verified.  That is OK.
2: Browse to the following site: https://buttonmash.karl.kornel.us
3: Browse to the following site: https://buttonmash.karl.kornel.name

Expected Results: I expected Safari to refuse to load either site, because the sites were using certs issued by a root containing a critical extension which iOS is not able to honor.

Actual Results: Safari displayed both web pages, including the lock icon indicating that the connection was secure.

Version: iOS 8.0 (12A365)

Notes: The test servers I made which demonstrate this issue will probably not be up for more than 30 days, unless I can remember to regenerate the CRL for the test CA.

Configuration: IPhone 5 16 GB Sprint

Comments


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!