NSS, during TLS client certificate authentication, accepts version one X.509 certificates with version two features.
Categories: NSS :: Libraries, defect
Tracking: Not tracked
People: Reporter: mario.korth, Unassigned
Attachments: 1 file (19.70 KB, application/zip)
User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Steps to reproduce:
Create an nssdb in which the supplied root certificate is trusted (./certutil -A -d /cert/keydb/nssdb/ -t "TC,," -n rootv3 -i /cert/inputCerts/rootv3.pem) and add an arbitrary certificate which NSS can use as the server certificate (./pk12util -d /cert/keydb/nssdb/ -K 123456 -i /cert/inputCerts/rsav3.p12 -W 123456).
For convenience I attached a zip of my nssdb used during testing.
If you have no ready-to-run NSS installation, use the attached Dockerfile to build a fitting image with the following command:
docker build -t nss-3.53-server -f Dockerfile-3.53 .
Then start the container with this command:
docker run -it --rm -p 4433:4444 -v $(pwd):/cert nss-3.53-server
Navigate to /src/dist/Debug/bin/
Copy all content of /src/dist/Debug/lib/ to /lib
Start the nss selfserv utility with the following command line to require client certificate authentication:
./selfserv -n "TLS-Scanner CCA Leaf Certificate (ROOTv3_CAv3_LEAF_RSAv3) - RUB" -p 4444 -w 123456 -d /cert/keydb/nssdb/ -r -r
Connect to the server using the supplied certificates, e.g. using OpenSSL s_client:
openssl s_client -connect localhost:4433 -cert ROOTv3_CAv3_LEAF_RSAv1_UniqueIdentifiers__leaf_certificate1.pem -key rsakey_2.pem -CAfile ROOTv3_CAv3_LEAF_RSAv1_UniqueIdentifiers__ca_certificate1.pem
This might relate to https://bugzilla.mozilla.org/show_bug.cgi?id=1603034 but I'm not sure if this uses a different verification logic.
Actual results:
NSS considers the certificate valid and accepts the handshake.
Expected results:
Due to the violation of https://tools.ietf.org/html/rfc5280#section-4.1.2.1, NSS should reject the certificate, as only version 2 and 3 certificates may contain unique identifiers.
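The version rule cited under "Expected results", written as a standalone check (an added example, not part of the bug report and not NSS code). The names `read_tlv`, `children`, `version_violations` and `tlv` are hypothetical, and the two sample inputs are constructed skeletons rather than the attached certificates.

```python
# Added example: flag TBSCertificate fields that RFC 5280 4.1.2.1 forbids for the declared version.
def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER TLV that starts at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long-form length
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def children(value):
    """Split the contents of a constructed value into (tag, value) pairs."""
    out, pos = [], 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def version_violations(cert_der):
    """Return (version, problems) for a DER-encoded Certificate."""
    tag, cert, _ = read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("Certificate is not a SEQUENCE")
    fields = children(children(cert)[0][1])          # TBSCertificate fields
    version, first = 1, 0                            # version DEFAULT v1
    if fields and fields[0][0] == 0xA0:              # [0] EXPLICIT Version
        version = int.from_bytes(read_tlv(fields[0][1], 0)[1], "big") + 1
        first = 1
    optional = {t for t, _ in fields[first + 6:]}    # after subjectPublicKeyInfo
    problems = []
    if version < 2 and optional & {0x81, 0x82, 0xA1, 0xA2}:
        problems.append("unique identifiers require v2 or v3")
    if version < 3 and 0xA3 in optional:
        problems.append("extensions require v3")
    return version, problems

def tlv(tag, value=b""):                             # builder for short sample values
    return bytes([tag, len(value)]) + value

# Constructed skeletons (empty inner fields, not valid certificates).
CORE = tlv(0x02, b"\x01") + tlv(0x30) * 5            # serial + five SEQUENCE fields
V1_WITH_UID = tlv(0x30, tlv(0x30, CORE + tlv(0x82, b"\x00\xAA")) + tlv(0x30) + tlv(0x03, b"\x00"))
V3_WITH_UID = tlv(0x30, tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + CORE + tlv(0x82, b"\x00\xAA")) + tlv(0x30) + tlv(0x03, b"\x00"))
```

To run it on a real certificate, convert the PEM file to DER first (for example with `openssl x509 -outform DER`) and pass the bytes to `version_violations`.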
Comment 1•5 years ago
The legacy verifier, used by selfserv, doesn't conform to RFC 5280.