crypto/tls: Check all certificates in the path.

Currently we only check the leaf node's issuer against the list of distinguished names in the server's CertificateRequest message. This will fail if the client certiciate has more than one certificate in the path and the leaf node issuer isn't in the list of distinguished names, but the issuer's issuer was in the distinguished names. R=agl, agl CC=gobot, golang-dev https://golang.org/cl/9795043

crypto/tls: Check all certificates in the path.
Currently we only check the leaf node's issuer against the list of distinguished names in the server's CertificateRequest message. This will fail if the client certiciate has more than one certificate in the path and the leaf node issuer isn't in the list of distinguished names, but the issuer's issuer was in the distinguished names. R=agl, agl CC=gobot, golang-dev https://golang.org/cl/9795043
ca986a2c · John Shahid · Adam Langley · 9fae8658 · ca986a2c · ca986a2c
Commit ca986a2c authored May 29, 2013 by John Shahid Committed by Adam Langley May 29, 2013
Showing with 940 additions and 24 deletions

src/pkg/crypto/tls/handshake_client.go src/pkg/crypto/tls/handshake_client.go +28 -24

src/pkg/crypto/tls/handshake_client_test.go src/pkg/crypto/tls/handshake_client_test.go +912 -0

No files found.
--- a/src/pkg/crypto/tls/handshake_client.go
+++ b/src/pkg/crypto/tls/handshake_client.go
@@ -165,7 +165,7 @@ func (c *Conn) clientHandshake() error {
 		}
 	}
-	var certToSend *Certificate
+	var chainToSend *Certificate
 	var certRequested bool
 	certReq, ok := msg.(*certificateRequestMsg)
 	if ok {
@@ -197,37 +197,41 @@ func (c *Conn) clientHandshake() error {
 		// where SignatureAlgorithm is RSA and the Issuer is in
 		// certReq.certificateAuthorities
 	findCert:
-		for i, cert := range c.config.Certificates {
+		for i, chain := range c.config.Certificates {
 			if !rsaAvail {
 				continue
 			}
-			leaf := cert.Leaf
+			for j, cert := range chain.Certificate {
-			if leaf == nil {
+				x509Cert := chain.Leaf
-				if leaf, err = x509.ParseCertificate(cert.Certificate[0]); err != nil {
+				// parse the certificate if this isn't the leaf
+				// node, or if chain.Leaf was nil
+				if j != 0 || x509Cert == nil {
+					if x509Cert, err = x509.ParseCertificate(cert); err != nil {
 						c.sendAlert(alertInternalError)
 						return errors.New("tls: failed to parse client certificate #" + strconv.Itoa(i) + ": " + err.Error())
 					}
 				}
-			if leaf.PublicKeyAlgorithm != x509.RSA {
+				if x509Cert.PublicKeyAlgorithm != x509.RSA {
-				continue
+					continue findCert
 				}
 				if len(certReq.certificateAuthorities) == 0 {
 					// they gave us an empty list, so just take the
 					// first RSA cert from c.config.Certificates
-				certToSend = &cert
+					chainToSend = &chain
-				break
+					break findCert
 				}
 				for _, ca := range certReq.certificateAuthorities {
-				if bytes.Equal(leaf.RawIssuer, ca) {
+					if bytes.Equal(x509Cert.RawIssuer, ca) {
-					certToSend = &cert
+						chainToSend = &chain
 						break findCert
 					}
 				}
 			}
+		}
 		msg, err = c.readHandshake()
 		if err != nil {
@@ -246,8 +250,8 @@ func (c *Conn) clientHandshake() error {
 	// certificate to send.
 	if certRequested {
 		certMsg = new(certificateMsg)
-		if certToSend != nil {
+		if chainToSend != nil {
-			certMsg.certificates = certToSend.Certificate
+			certMsg.certificates = chainToSend.Certificate
 		}
 		finishedHash.Write(certMsg.marshal())
 		c.writeRecord(recordTypeHandshake, certMsg.marshal())
@@ -263,7 +267,7 @@ func (c *Conn) clientHandshake() error {
 		c.writeRecord(recordTypeHandshake, ckx.marshal())
 	}
-	if certToSend != nil {
+	if chainToSend != nil {
 		certVerify := new(certificateVerifyMsg)
 		digest := make([]byte, 0, 36)
 		digest = finishedHash.serverMD5.Sum(digest)

--- a/src/pkg/crypto/tls/handshake_client_test.go
+++ b/src/pkg/crypto/tls/handshake_client_test.go