New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/x509: reject UTF-8 names #26362

Open
FiloSottile opened this Issue Jul 13, 2018 · 4 comments

Comments

Projects
None yet
4 participants
@FiloSottile
Member

FiloSottile commented Jul 13, 2018

Certificates should only have punycode in them, but we tolerate and match UTF-8 if provided. Make this stricter after checking it doesn't break a lot of CT and BoringSSL already rejects them.

@FiloSottile FiloSottile added this to the Go1.12 milestone Jul 13, 2018

@robpike

This comment has been minimized.

Contributor

robpike commented Jul 13, 2018

Can you please be more precise in what the restrictions should be? "UTF-8 names" is not a clear target, as ASCII for instance is a subset of UTF-8.

@mdp

This comment has been minimized.

mdp commented Sep 18, 2018

The restriction is that certain x509 extensions should be encoded as an IA5String, which is a restricted character set(Essentially 0x0-0x80 ASCII). Currently, golang's x509 package performs validation checks on IA5String encoding, but it's not complete. It's still possible to encode several of the Subject Alternative Name extensions ("Domains" "EmailAddresses") as non-IA5Stings. There's also no check on the "URIs" field, but due to URL.String() being called before encoding, it's escaped and therefore won't contain any characters outside of the IA5String set.

One thing to be aware of, the Common Name on an X509 certificate doesn't actually have an IA5String restriction on encoding. You need to use punycode if you're creating an SSL certificate, but RFC 5280 states that "Standard naming attributes, such as common name, employ the DirectoryString type, which supports internationalized names through a variety of language encodings. Conforming implementations MUST support UTF8String and PrintableString."

@mdp

This comment has been minimized.

mdp commented Sep 19, 2018

As far as comparisons go, Certificate.VerifyHostname(host string) will not reject comparisons for non-punycode hostnames in the latest release of go - Go Playground example

However, a recent change (4f9ec2c#diff-14a36701d822b09a804f852a229dfc23R910), was introduced which will result in the rejection of CommonName's with non-ASCII characters in them - caused by validHostname(c.Subject.CommonName)

That being said, if the certificate has a non-ASCII character in the DNSName SAN extension, it will still do the comparison and match. Example below:

c := &x509.Certificate{
        DNSNames: []string{"göögle.com"},
	Subject: pkix.Name{
		CommonName: "göögle.com",
	},
}

err := c.VerifyHostname("göögle.com")
if err == nil {
	fmt.Println("VerifyHostname(göögle.com) should have failed, did not")
} else {
	fmt.Printf("VerifyHostname(göögle.com) failed - %q", err)
}
@gopherbot

This comment has been minimized.

gopherbot commented Oct 12, 2018

Change https://golang.org/cl/141837 mentions this issue: crypto/x509: reject UTF-8 names from VerifyHost

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment