On 11/06/2019 12:50, Hareesh D wrote:
TLSv12 client is sending RSA certificate even when it dont have
digitalSignature bit in keyUsage extension. But RFC5246 sectiin-7.4.6
says its MUST condition for client to send RSA certificate with
digitalSignature bit set in keyUsage extension.
1. Though server is rejecting such certificates, not sure why client
sends such certificates even when there is MUST condition for this
point. Should client send empty certificate list instead of sending
wrong one? Client has the provision of sensing empty certificate list
when it don't have a suitable certificate according to certificate
request.
2. And also client is not checking the certificate_types requested in
certificate_message and also server not validating if the response is
according to the type requested. Consider server requesting only DSA
certificate. Client sending RSA certificate and server accepting it.
Is this behavior valid and according to RFC ?
There's an overarching OpenSSL policy that certificate checks are
done exclusively by the relying end (for client certs, that's the
server), except when certified end is trying to choose from
multiple certificates.
Thus with only one certificate available, the OpenSSL sends the
(untrusted, and in this case inappropriate) certificate, just in
case the server was somehow configured to make a special exception
for this particular case.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
