msquic icon indicating copy to clipboard operation
msquic copied to clipboard

Published 20 hours ago verified publisher icon microsoft

Test to verify that certificate chain is received in INDICATE_PEER_CERTIFICATE event

Open anrossi opened this issue 2 years ago • 1 comments

Describe the bug

The certificate chain buffer is null and zero length with PORTABLE_CERTIFICATES when the server should have sent its certificate chain.

Affected OS

  • [ ] All
  • [ ] Windows Server 2022
  • [ ] Windows 11
  • [ ] Windows Insider Preview (specify affected build below)
  • [X] Ubuntu
  • [ ] Debian
  • [ ] Other (specify below)

Additional OS information

No response

MsQuic version

main

Steps taken to reproduce bug

  1. Create server with certificate that has a chain
  2. Create client with the following flags INDICATE_CERTIFICATE_RECEIVED, NO_CERTIFICATE_VALIDATION, USE_PORTABLE_CERTIFICATES (on Linux), CLIENT
  3. Do a handshake between client and server.

Expected behavior

the INDICATE_PEER_CERTIFICATE event on the client should have a buffer with a PKCS7 containing the server's certificate chain, minus the leaf cert.

Actual outcome

The INDICATE_PEER_CERTIFICATE event fires with no server certificate chain; the buffer is null and the length is 0.

Additional details

No response

anrossi avatar May 19 '22 17:05 anrossi

#2738 fixes the issue this bug represents, but this is being kept around to track the need to write a test to prevent this scenario.

anrossi avatar May 23 '22 22:05 anrossi