Skip to content

UnsolicitedCertificateTypeExtension is not RFC 7250 compliant #2257

New issue
New issue
Closed
Closed
UnsolicitedCertificateTypeExtension is not RFC 7250 compliant#2257
@ripatel-fd

Description

@ripatel-fd
ripatel-fd
opened on Dec 4, 2024

Checklist

  • I've searched the issue tracker for similar bugs.

Describe the bug

Consider the following scenario:

  • a rustls server using X.509 certificates
  • a third party client advertising both X.509 certificates and Raw Public Keys as supported client certificate types

If this client attempts to connect to the rustls server, the handshake will fail with TLS alert "handshake failure" and message "UnsolicitedCertificateTypeExtension".

This is not RFC 7250 compliant.

To Reproduce

Steps to reproduce the behavior:

  1. Run a rustls server with a X.509 cert and Raw Public Key support disabled
  2. Craft a ClientHello with a client_certificate_types extension advertising both X.509 and Raw Public Keys (RFC 7250)
  3. Attempt to connect

Applicable Version(s)

rustls 0.23.16

Expected behavior

The client and server share a supported certificate type (both understand X.509).

According to RFC 7250 Section 4.2, the server should then behave as follows:

  • Don't send an alert (RFC 7250 makes no specific allowances to fail if both peers support X.509)
  • Respond with the client_certificate_type extension in ServerHello; set the cert type to X.509
  • Same for server_certificate_type

Additional context

Here's an example of this failure in the wild. Below is a ClientHello sent by third party software

DEBUG  12-04 20:24:30.682265 1431788 f0   0    src/waltz/tls/fd_tls.c(1013): HEXDUMP "client hello" (194 bytes at 0x7fffe35689b0)
        0000:  01 00 00 be 03 03 76 b0 fc 10 9e b7 09 a3 0f 1c  ......v.........
        0010:  7c 1d 98 8e f6 38 4a ad 12 60 0d e8 75 ce 80 a0  |....8J..`..u...
        0020:  54 2f cc 00 44 ea 00 00 02 13 01 01 00 00 93 00  T/..D...........
        0030:  2b 00 03 02 03 04 00 33 00 26 00 24 00 1d 00 20  +......3.&.$... 
        0040:  bd c5 6b dd 45 85 c6 e2 a4 f5 aa 02 f9 7f 05 81  ..k.E...........
        0050:  a5 f4 42 83 3e 7a 73 e1 15 8d 9b 7c 42 ae 6b 31  ..B.>zs....|B.k1
        0060:  00 0a 00 04 00 02 00 1d 00 0d 00 04 00 02 08 07  ................
        0070:  00 10 00 0d 00 0b 0a 73 6f 6c 61 6e 61 2d 74 70  .......solana-tp
        0080:  75 00 39 00 2f 01 02 43 e8 03 02 45 c0 04 08 ff  u.9./..C...E....
        0090:  ff ff ff ff ff ff ff 07 02 44 d0 08 01 00 09 01  .........D......
        00a0:  00 0a 01 00 0b 02 40 64 0c 00 0f 08 8e 54 e4 ca  ......@d.....T..
        00b0:  1f 2e 30 2e 00 14 00 03 02 02 00 00 13 00 03 02  ..0.............
        00c0:  02 00                                            ..
DEBUG   12-04 20:24:30.682831 1431788 f0   0    src/waltz/quic/fd_quic.c(1673): initial pkt_number: 0
WARNING 12-04 20:24:30.682838 1431788 f0   0    src/waltz/quic/fd_quic.c(5524): fd_quic_frame_handle_conn_close_frame - error_code: 296  frame_type: 0  reason: peer is incompatible: UnsolicitedCertificateTypeExtension

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions