Sending of CERTIFICATE REQUEST messages does not correspond to the manual

Status: NEW
Assignee: Unassigned
Product: NSS
Component: Test
Priority: P3
Severity: normal
Opened: a year ago
Updated: 7 months ago
Reporter: Frantisek Sumsal
Version: trunk

Description

a year ago
User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:51.0) Gecko/20100101 Firefox/51.0
Build ID: 20170126153103



Actual results:

selfserv's behavior of requesting client certificates does not correspond to the manual:
# selfserv -h
...
-r flag is interepreted as follows:
    1 -r  means request, not require, cert on initial handshake.
    2 -r's mean request  and require, cert on initial handshake.
    3 -r's mean request, not require, cert on second handshake.
    4 -r's mean request  and require, cert on second handshake.
...

When -r or -rr is set, to request (and require) a client certificate on the initial handshake, the CERTIFICATE REQUEST message is sent on both handshakes:

# /usr/lib64/nss/unsupported-tools/selfserv -d sql:./nssdb/ -p 4433 -V tls1.0: -rr -H 1 -c :C02F -n rsa-server
# gnutls-cli --rehandshake --x509cafile <(cat $(x509Cert ca) ${C_SUBCA[$idx]}) --x509keyfile rsa-client/key.pem --x509certfile rsa-client/cert.pem --port 4433 -d 500 localhost
...
## Epoch #1
|<3>| ASSERT: gnutls_buffers.c:1138
|<4>| HSK[0xb25820]: CERTIFICATE (11) was received. Length 2453[2857], frag offset 0, frag length: 2453, sequence: 0
|<3>| ASSERT: gnutls_buffers.c:1375
...
|<4>| HSK[0xb25820]: SERVER KEY EXCHANGE (12) was received. Length 329[400], frag offset 0, frag length: 329, sequence: 0
|<3>| ASSERT: gnutls_buffers.c:1375
|<4>| HSK[0xb25820]: Selected ECC curve SECP256R1 (2)
|<4>| HSK[0xb25820]: verify handshake data: using RSA-SHA256
|<3>| ASSERT: gnutls_buffers.c:1138
|<4>| HSK[0xb25820]: CERTIFICATE REQUEST (13) was received. Length 63[67], frag offset 0, frag length: 63, sequence: 0
|<3>| ASSERT: gnutls_buffers.c:1375
...
|<3>| ASSERT: gnutls_buffers.c:1138
|<4>| HSK[0xb25820]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 1, sequence: 0
|<3>| ASSERT: gnutls_buffers.c:1375

## Epoch #2
...
|<3>| ASSERT: gnutls_buffers.c:1138
|<4>| HSK[0xb25820]: CERTIFICATE (11) was received. Length 2453[2857], frag offset 0, frag length: 2453, sequence: 0
|<3>| ASSERT: gnutls_buffers.c:1375
...
|<4>| HSK[0xb25820]: SERVER KEY EXCHANGE (12) was received. Length 329[400], frag offset 0, frag length: 329, sequence: 0
|<3>| ASSERT: gnutls_buffers.c:1375
|<4>| HSK[0xb25820]: Selected ECC curve SECP256R1 (2)
|<4>| HSK[0xb25820]: verify handshake data: using RSA-SHA256
|<3>| ASSERT: gnutls_buffers.c:1138
|<4>| HSK[0xb25820]: CERTIFICATE REQUEST (13) was received. Length 63[67], frag offset 0, frag length: 63, sequence: 0
|<3>| ASSERT: gnutls_buffers.c:1375
...
|<3>| ASSERT: gnutls_buffers.c:1138
|<4>| HSK[0xb25820]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 1, sequence: 0

Nevertheless, when -rrr or -rrrr is used, to request (and require) a client certificate on the second handshake, the CERTIFICATE REQUEST is not sent at all:

# /usr/lib64/nss/unsupported-tools/selfserv -d sql:./nssdb/ -p 4433 -V tls1.0: -rrrr -H 1 -c :C030 -n rsa-server
# gnutls-cli --rehandshake --x509cafile <(cat $(x509Cert ca) ${C_SUBCA[$idx]}) --x509keyfile rsa-client/key.pem --x509certfile rsa-client/cert.pem --port 4433 -d 500 localhost
...
## Epoch #1
...
|<3>| ASSERT: gnutls_buffers.c:1138
|<4>| HSK[0x1d0f820]: CERTIFICATE (11) was received. Length 2453[2790], frag offset 0, frag length: 2453, sequence: 0
...
|<3>| ASSERT: gnutls_buffers.c:1138
|<4>| HSK[0x1d0f820]: SERVER KEY EXCHANGE (12) was received. Length 329[333], frag offset 0, frag length: 329, sequence: 0
|<3>| ASSERT: gnutls_buffers.c:1375
|<4>| HSK[0x1d0f820]: Selected ECC curve SECP256R1 (2)
|<4>| HSK[0x1d0f820]: verify handshake data: using RSA-SHA256
|<3>| ASSERT: gnutls_buffers.c:1138
|<4>| HSK[0x1d0f820]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 1, sequence: 0
...

## Epoch #2
...
|<3>| ASSERT: gnutls_buffers.c:1138
|<4>| HSK[0x1d0f820]: CERTIFICATE (11) was received. Length 2453[2790], frag offset 0, frag length: 2453, sequence: 0
...
|<4>| HSK[0x1d0f820]: SERVER KEY EXCHANGE (12) was received. Length 329[333], frag offset 0, frag length: 329, sequence: 0
|<3>| ASSERT: gnutls_buffers.c:1375
|<4>| HSK[0x1d0f820]: Selected ECC curve SECP256R1 (2)
|<4>| HSK[0x1d0f820]: verify handshake data: using RSA-SHA256
|<3>| ASSERT: gnutls_buffers.c:1138
|<4>| HSK[0x1d0f820]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 1, sequence: 0
|<3>| ASSERT: gnutls_buffers.c:1129
...

Tested on the current master (3.31 Beta).
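
One way to check gnutls-cli debug output against the -r table quoted above, as an added example that is not part of the original report or of NSS. It assumes the log carries "## Epoch #N" marker lines as in the excerpts, and that EXPECTED encodes the reporter's reading of the help text (request only in the handshake the flag count names); the function names are hypothetical.

```python
import re

# Assumption: the reporter's reading of the quoted `selfserv -h` text. For each
# count of -r flags: is a CertificateRequest expected in handshake (1, 2)?
EXPECTED = {1: (True, False), 2: (True, False), 3: (False, True), 4: (False, True)}

EPOCH = re.compile(r"^## Epoch #(\d+)")  # annotation lines, as in the excerpts
HSK = re.compile(r"HSK\[0x[0-9a-f]+\]: ([A-Z ]+) \((\d+)\) was received")
CERTIFICATE_REQUEST = 13  # handshake type number shown in the logs

def cert_requests_by_epoch(log):
    """Map epoch number -> True if a CERTIFICATE REQUEST was received in it."""
    seen, epoch = {}, None
    for line in log.splitlines():
        m = EPOCH.match(line.strip())
        if m:
            epoch = int(m.group(1))
            seen[epoch] = False
            continue
        m = HSK.search(line)
        if m and epoch is not None and int(m.group(2)) == CERTIFICATE_REQUEST:
            seen[epoch] = True
    return seen

def mismatches(r_count, log):
    """Return [(epoch, expected, observed)] where the log deviates from EXPECTED."""
    observed = cert_requests_by_epoch(log)
    out = []
    for epoch, want in enumerate(EXPECTED[r_count], start=1):
        got = observed.get(epoch)  # None means the epoch is absent from the log
        if got != want:
            out.append((epoch, want, got))
    return out

# Constructed samples, shortened from the two excerpts in the report.
LOG_RR = """## Epoch #1
|<4>| HSK[0xb25820]: CERTIFICATE REQUEST (13) was received. Length 63[67], frag offset 0, frag length: 63, sequence: 0
## Epoch #2
|<4>| HSK[0xb25820]: CERTIFICATE REQUEST (13) was received. Length 63[67], frag offset 0, frag length: 63, sequence: 0
|<4>| HSK[0xb25820]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 1, sequence: 0
"""
LOG_RRRR = """## Epoch #1
|<4>| HSK[0x1d0f820]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 1, sequence: 0
## Epoch #2
|<4>| HSK[0x1d0f820]: SERVER HELLO DONE (14) was received. Length 0[0], frag offset 0, frag length: 1, sequence: 0
"""
if __name__ == "__main__":
    print("-rr:  ", mismatches(2, LOG_RR))
    print("-rrrr:", mismatches(4, LOG_RRRR))
```

Each tuple is (epoch, expected, observed); an empty list means the log matches the table for that flag count.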

Updated

8 months ago
Status: UNCONFIRMED → NEW
Ever confirmed: true
Bulk change per wleung.
Priority: -- → P3