crypto/x509: reject critical AKI

Updates #65085

Change-Id: I8cc60990737d582edf4f7f85ec871f5e42f82b78
Reviewed-on: https://go-review.googlesource.com/c/go/+/562341
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Cherry Mui <[email protected]>
Auto-Submit: Roland Shoemaker <[email protected]>
Reviewed-by: Filippo Valsorda <[email protected]>

Author: rolandshoemaker

src/crypto/x509/parser.go

@@ -723,6 +723,10 @@ func processExtensions(out *Certificate) error {
 
 			case 35:
 				// RFC 5280, 4.2.1.1
+				if e.Critical {
+					// Conforming CAs MUST mark this extension as non-critical
+					return errors.New("x509: authority key identifier incorrectly marked critical")
+				}
 				val := cryptobyte.String(e.Value)
 				var akid cryptobyte.String
 				if !val.ReadASN1(&akid, cryptobyte_asn1.SEQUENCE) {

src/crypto/x509/x509_test.go

@@ -4011,6 +4011,31 @@ func TestGob(t *testing.T) {
 	}
 }
 
+func TestRejectCriticalAKI(t *testing.T) {
+	template := Certificate{
+		SerialNumber: big.NewInt(1),
+		Subject:      pkix.Name{CommonName: "Cert"},
+		NotBefore:    time.Unix(1000, 0),
+		NotAfter:     time.Unix(100000, 0),
+		ExtraExtensions: []pkix.Extension{
+			{
+				Id:       asn1.ObjectIdentifier{2, 5, 29, 35},
+				Critical: true,
+				Value:    []byte{1, 2, 3},
+			},
+		},
+	}
+	certDER, err := CreateCertificate(rand.Reader, &template, &template, rsaPrivateKey.Public(), rsaPrivateKey)
+	if err != nil {
+		t.Fatalf("CreateCertificate() unexpected error: %v", err)
+	}
+	expectedErr := "x509: authority key identifier incorrectly marked critical"
+	_, err = ParseCertificate(certDER)
+	if err == nil || err.Error() != expectedErr {
+		t.Fatalf("ParseCertificate() unexpected error: %v, want: %s", err, expectedErr)
+	}
+}
+
 func TestRejectCriticalAIA(t *testing.T) {
 	template := Certificate{
 		SerialNumber: big.NewInt(1),