Require ClientAuth when verifying an X5cInsecure certificate#503
The X5cInsecure certificate is used by step-ca to renew certificates without using mTLS, usually expired certificates. Certificate.Verify defaults to require ServerAuth if no KeyUsages is set as an option. But due to how these tokens are used, it makes more sense to require only ClientAuth. Related to smallstep/certificates#1843
| KeyUsages: []x509.ExtKeyUsage{ | ||
| x509.ExtKeyUsageClientAuth, | ||
| }, |
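Review bot: with KeyUsages now listing only x509.ExtKeyUsageClientAuth, a certificate issued with only ServerAuth set, which Verify accepted under the previous default, will fail this path with an incompatible key usage error, so the backwards-compatibility concern raised in review should be recorded in the PR description and release notes; a one-line comment above `x509.ExtKeyUsageClientAuth,` stating that ServerAuth is intentionally omitted because this token replaces an mTLS client certificate would also spare the next reader the same question.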
Should ExtKeyUsageServerAuth be provided too, for backwards compatibility? I agree that it makes more sense to require just client auth, but there's a chance there's certs out there being used that don't have it set.
I don't think so. This method is used as a replacement for mTLS when this cannot be performed, and the requirement for a client to do mTLS is to have x509.ExtKeyUsageClientAuth. See
https://github.com/golang/go/blob/1f6a983baf4b9a636e9e4bbd827fcb4d6ef4ebe0/src/crypto/tls/handshake_server.go#L892-L897
I'm fine with merging it like this, but it still can be a breaking change in practice. Likely a fairly small chance, but still.
The X5cInsecure certificate is used by step-ca to renew certificates without using mTLS, usually expired certificates.
Certificate.Verify defaults to require ServerAuth if no KeyUsages is set as an option. Due to how these tokens are used, it makes more sense to require only ClientAuth. Note that a few lines after this check is also made:
Related to smallstep/certificates#1843
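As an added example, not code from this PR or from the step-ca project: a Go snippet that builds a constructed test CA and leaf and shows why Certificate.Verify rejects a ClientAuth-only leaf under the default options (which require ServerAuth) and accepts it once KeyUsages names ExtKeyUsageClientAuth; verifying a ServerAuth-only leaf with the new options shows the compatibility concern raised in review. The function names, the self-signed fixture and the `must` helper are assumptions of this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"math/big"
	"time"
)

// must unwraps (value, error) pairs; this is a constructed fixture, so any failure is a bug.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}
// mint signs tpl with parent using a fresh P-256 key; parent == nil means self-signed.
func mint(tpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	if parent == nil {
		parent, parentKey = tpl, key
	}
	der := must(x509.CreateCertificate(rand.Reader, tpl, parent, &key.PublicKey, parentKey))
	return must(x509.ParseCertificate(der)), key
}
// BuildChain returns a constructed test CA and a leaf whose ExtKeyUsage is exactly ekus.
func BuildChain(ekus []x509.ExtKeyUsage) (ca, leaf *x509.Certificate) {
	nb, na := time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	ca, caKey := mint(&x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Test CA"},
		NotBefore: nb, NotAfter: na, IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}, nil, nil)
	leaf, _ = mint(&x509.Certificate{SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "renewing client"},
		NotBefore: nb, NotAfter: na, KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: ekus}, ca, caKey)
	return ca, leaf
}
// VerifyWith chains leaf to ca. A nil usages is Go's default, which requires ServerAuth.
func VerifyWith(ca, leaf *x509.Certificate, usages []x509.ExtKeyUsage) error {
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: usages})
	return err
}
// IsIncompatibleUsage reports whether err is the EKU mismatch that Verify returns.
func IsIncompatibleUsage(err error) bool {
	var cie x509.CertificateInvalidError
	return errors.As(err, &cie) && cie.Reason == x509.IncompatibleUsage
}
```

A certificate with no EKU extension at all is treated by Go as valid for any usage, so only certificates that carry an EKU list without ClientAuth are affected by the change.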