Description
Go version
go version go1.21.11 linux/amd64
Output of go env in your module/workspace:
GO111MODULE=''
GOARCH='amd64'
GOBIN=''
GOCACHE='/home/.cache/go-build'
GOENV='/home/.config/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS=''
GOHOSTARCH='amd64'
GOHOSTOS='linux'
GOINSECURE=''
GOMODCACHE='/home/go/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='linux'
GOPATH='/home/go'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/home/dn/sdk/go1.21.11'
GOSUMDB='sum.golang.org'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/home/sdk/go1.21.11/pkg/tool/linux_amd64'
GOVCS=''
GOVERSION='go1.21.11'
GCCGO='gccgo'
GOAMD64='v1'
AR='ar'
CC='gcc'
CXX='g++'
CGO_ENABLED='1'
GOMOD='/dev/null'
GOWORK=''
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
PKG_CONFIG='pkg-config'
GOGCCFLAGS='-fPIC -m64 -pthread -Wl,--no-gc-sections -fmessage-length=0 -ffile-prefix-map=/tmp/go-build3756811533=/tmp/go-build -gno-record-gcc-switches'
What did you do?
I ran a server configured with multiple client authentication modes, one of which is verify-if-given using VerifyClientCertIfGiven. To test its behavior, I used a client that presented an invalid certificate, meaning a certificate that could not be verified against the server's stored CA. Given that, I expected the TLS handshake to fail.
What did you see happen?
The TLS handshake did not fail. Instead, it continued to the application authentication logic, and when I checked the certificate metadata, I noticed that len(tlsInfo.State.PeerCertificates) was equal to zero, treating it as if no certificate had been provided at all.
What did you expect to see?
Per the official docs, I'm expecting that it should return and fail (and not fall back), since once the client provides a certificate it should be valid against the stored CA:
// VerifyClientCertIfGiven indicates that a client certificate should be requested
// during the handshake, but does not require that the client sends a
// certificate. If the client does send a certificate it is required to be
// valid.
VerifyClientCertIfGiven
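An added example, not part of the report above and not code from crypto/tls: it replays, through the public crypto/tls and crypto/x509 APIs, the two decisions that determine what a VerifyClientCertIfGiven server ends up seeing, namely whether the server would accept a presented client certificate (it must chain to ClientCAs) and whether a Go client with the default certificate selection would send that certificate at all, given the CA list the server advertises in its CertificateRequest. The CAs, certificates and the helper names (mkCert, clientWouldOffer, Probe) are constructed here; no network handshake is run.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// mkCert builds a throwaway in-memory certificate: a self-signed CA when parent is nil, else a leaf signed by parent.
func mkCert(cn string, parent *x509.Certificate, pkey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), IsCA: parent == nil, BasicConstraintsValid: true}
	if parent == nil {
		parent, pkey = t, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, parent, pub, pkey)
	c, _ := x509.ParseCertificate(der)
	return c, key
}

// clientWouldOffer replays the default client-side selection: without GetClientCertificate, a Go client
// only offers a tls.Config.Certificates entry that passes SupportsCertificate against the CA list the
// server advertised (ClientCAs.Subjects()); otherwise it sends an empty Certificate message.
func clientWouldOffer(clientCAs *x509.CertPool, leaf tls.Certificate) error {
	cri := &tls.CertificateRequestInfo{Version: tls.VersionTLS13, AcceptableCAs: clientCAs.Subjects(),
		SignatureSchemes: []tls.SignatureScheme{tls.Ed25519}}
	return cri.SupportsCertificate(&leaf)
}

// Probe: the server trusts only CA "A"; one client leaf is issued by an unrelated CA "B" (the reported
// setup) and one by CA "A" (control). A non-nil error means that step fails.
func Probe() (badOffer, badAccept, goodOffer, goodAccept error) {
	caA, keyA := mkCert("ca-A", nil, nil)
	caB, keyB := mkCert("ca-B", nil, nil)
	bad, badKey := mkCert("client-B", caB, keyB)
	good, goodKey := mkCert("client-A", caA, keyA)
	pool := x509.NewCertPool()
	pool.AddCert(caA)
	badOffer = clientWouldOffer(pool, tls.Certificate{Certificate: [][]byte{bad.Raw}, PrivateKey: badKey})
	goodOffer = clientWouldOffer(pool, tls.Certificate{Certificate: [][]byte{good.Raw}, PrivateKey: goodKey})
	// Server-side rule for VerifyClientCertIfGiven: a presented certificate must chain to ClientCAs.
	opts := x509.VerifyOptions{Roots: pool, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	_, badAccept = bad.Verify(opts)
	_, goodAccept = good.Verify(opts)
	return
}
```

A server that sees len(PeerCertificates) == 0 cannot tell the second case (the client never sent the certificate) from a client with no certificate at all, so when diagnosing this it is worth confirming on the client side which certificate was actually offered, for example by logging from a GetClientCertificate callback.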