Closed Bug 1645369 Opened 5 years ago Closed 5 years ago

NSS allows X.509v2/1 certificates in TLS 1.2 connections using client certificate authentication.

Categories

(NSS :: Libraries, defect)

3.53
defect

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 1648172

People

(Reporter: mario.korth, Unassigned)

Details

Attachments

(1 file)

Attached file versionOneTwo.zip

User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Steps to reproduce:

Create a nssdb in which the supplied root certificate is trusted (./certutil -A -d /cert/keydb/nssdb/ -t "TC,," -n rootv3 -i /cert/inputCerts/rootv3.pem) and add an arbitrary certificate which nss can use as the server certificate (./pk12util -d /cert/keydb/nssdb/ -K 123456 -i /cert/inputCerts/rsav3.p12 -W 123456).

For convenience I attached a zip of my nssdb used during testing.

If you do not have a ready-to-run NSS installation, use the attached Dockerfile to build a fitting image with the following command:
docker build -t nss-3.53-server -f Dockerfile-3.53 .

Then start the container with this command:
docker run -it --rm -p 4433:4444 -v $(pwd):/cert nss-3.53-server

Navigate to /src/dist/Debug/bin/
Copy all content of /src/dist/Debug/lib/ to /lib

Start the nss selfserv utility with the following command line to require client certificate authentication:
./selfserv -n "TLS-Scanner CCA Leaf Certificate (ROOTv3_CAv3_LEAF_RSAv3) - RUB" -p 4444 -w 123456 -d /cert/keydb/nssdb/ -r -r

Connect to the server using the supplied certificates, e.g. using OpenSSL s_client:
openssl s_client -connect localhost:4433 -cert ROOTv3_CAv3_LEAF_RSAv2__leaf_certificate1.pem -key rsakey_2.pem -CAfile ROOTv3_CAv3_LEAF_RSAv2__ca_certificate1.pem -tls1_2

For the certificates and keys please see the attached zip archive.

Actual results:

NSS considered the certificates valid and accepted the TLS connection.

Expected results:

NSS should reject version one and two certificates in TLS 1.2 handshakes since the specification explicitly requires X.509v3 certificates.

https://tools.ietf.org/html/rfc5246#section-7.4.6
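The RFC 5246 requirement above can be checked directly on the DER bytes of a presented certificate, before any signature or chain work is done. The following is an added example written for this page, not code from the reporter, from NSS, or from OpenSSL: a minimal DER walk that reads the version field of a certificate (absent field means v1, per the ASN.1 DEFAULT) and a policy function that only accepts v3. The stub certificates it builds are constructed inline for illustration; they carry only the version and a serial number and are not real certificates.

```python
"""Extract the X.509 version from DER and enforce the TLS 1.2 v3-only rule.

Certificate     ::= SEQUENCE { tbsCertificate TBSCertificate, ... }
TBSCertificate  ::= SEQUENCE { version [0] EXPLICIT INTEGER DEFAULT v1(0),
                               serialNumber INTEGER, ... }
Only the leading fields are parsed; everything after serialNumber is ignored.
"""


def _read_tlv(buf: bytes, pos: int):
    """Decode one DER TLV at buf[pos:]; return (tag, value_bytes, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("unexpected end of DER data")
    tag = buf[pos]
    first = buf[pos + 1]
    pos += 2
    if first < 0x80:
        length = first  # short form
    else:
        n = first & 0x7F
        if n == 0 or n > 4:
            # 0x80 is BER indefinite length, which DER forbids
            raise ValueError("unsupported DER length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("DER length exceeds buffer")
    return tag, buf[pos:end], end


def x509_version(cert_der: bytes) -> int:
    """Return 1, 2 or 3 for the certificate's X.509 version."""
    tag, cert_body, _ = _read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("certificate is not a SEQUENCE")
    tag, tbs_body, _ = _read_tlv(cert_body, 0)
    if tag != 0x30:
        raise ValueError("tbsCertificate is not a SEQUENCE")
    tag, first_value, _ = _read_tlv(tbs_body, 0)
    if tag != 0xA0:
        # No [0] EXPLICIT wrapper: the version field is absent, so DEFAULT v1.
        return 1
    tag, ver_bytes, _ = _read_tlv(first_value, 0)
    if tag != 0x02 or len(ver_bytes) != 1 or ver_bytes[0] > 2:
        raise ValueError("malformed version INTEGER")
    return ver_bytes[0] + 1  # encoded value is 0/1/2 for v1/v2/v3


def accept_client_certificate(cert_der: bytes) -> bool:
    """Policy: RFC 5246 section 7.4.6 requires X.509v3, so reject v1 and v2."""
    return x509_version(cert_der) == 3


# --- constructed stub certificates (illustration only, not real certs) ---

def _der(tag: int, body: bytes) -> bytes:
    """Encode a TLV with a short-form length (enough for these stubs)."""
    assert len(body) < 0x80
    return bytes([tag, len(body)]) + body


def make_stub_certificate(version_field: bytes = b"") -> bytes:
    """Build SEQUENCE { SEQUENCE { [version], serialNumber INTEGER 1 } }."""
    serial = _der(0x02, b"\x01")
    return _der(0x30, _der(0x30, version_field + serial))


STUB_V1 = make_stub_certificate()                                  # field absent
STUB_V2 = make_stub_certificate(_der(0xA0, _der(0x02, b"\x01")))   # version 1 -> v2
STUB_V3 = make_stub_certificate(_der(0xA0, _der(0x02, b"\x02")))   # version 2 -> v3

if __name__ == "__main__":
    for name, stub in (("v1", STUB_V1), ("v2", STUB_V2), ("v3", STUB_V3)):
        print(name, x509_version(stub), "accepted" if accept_client_certificate(stub) else "rejected")
```

A server-side hook that receives the raw client certificate (for example the DER handed to a verification callback) can call accept_client_certificate before doing any chain validation; the same walk works on a PEM file once it is base64-decoded.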

selfserv uses the legacy verifier which will never conform to modern verification standards. Duplicate of bug 1648172.

Status: UNCONFIRMED → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE
