Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unit tests fail on macOS with Go 1.18 because of 1024-bit RSA test certificate #264

Closed
bdd opened this issue May 13, 2022 · 3 comments
Closed

Unit tests fail on macOS with Go 1.18 because of 1024-bit RSA test certificate #264

bdd opened this issue May 13, 2022 · 3 comments

Comments

@bdd
Copy link

bdd commented May 13, 2022

Problem:

TestConnect fails on macOS when using Go 1.18

% ~/go/bin/go1.18.1 test ./...
?   	github.com/square/certigo	[no test files]
--- FAIL: TestConnect (0.02s)
    cli_test.go:210:
        	Error Trace:	cli_test.go:210
        	Error:      	Not equal:
        	            	expected: "** TLS Connection **\nVersion: TLS 1.3\nCipher Suite: AES_128_GCM_SHA256 cipher\n\n** CERTIFICATE 1 **\nSerial: 64483185769360960274258770740570494187\nValid: 1970-01-01 00:00 UTC to 2084-01-29 16:00 UTC\nSignature: SHA256-RSA (self-signed)\nSubject Info:\n\tOrganization: Acme Co\nIssuer Info:\n\tOrganization: Acme Co\nBasic Constraints: CA:true\nKey Usage:\n\tDigital Signature\n\tKey Encipherment\n\tCert Sign\nExtended Key Usage:\n\tServer Auth\nDNS Names:\n\texample.com\nIP Addresses:\n\t127.0.0.1, ::1\nWarnings:\n\tSize of RSA key should be at least 2048 bits\n\nFailed to verify certificate chain:\n\tx509: certificate signed by unknown authority\n** TLS Connection **\nVersion: TLS 1.3\nCipher Suite: AES_128_GCM_SHA256 cipher\n\n** CERTIFICATE 1 **\nSerial: 64483185769360960274258770740570494187\nValid: 1970-01-01 00:00 UTC to 2084-01-29 16:00 UTC\nSignature: SHA256-RSA (self-signed)\nSubject Info:\n\tOrganization: Acme Co\nIssuer Info:\n\tOrganization: Acme Co\nBasic Constraints: CA:true\nKey Usage:\n\tDigital Signature\n\tKey Encipherment\n\tCert Sign\nExtended Key Usage:\n\tServer Auth\nDNS Names:\n\texample.com\nIP Addresses:\n\t127.0.0.1, ::1\nWarnings:\n\tSize of RSA key should be at least 2048 bits\n\nFailed to verify certificate chain:\n\tx509: certificate signed by unknown authority\n"
        	            	actual  : "** TLS Connection **\nVersion: TLS 1.3\nCipher Suite: AES_128_GCM_SHA256 cipher\n\n** CERTIFICATE 1 **\nSerial: 64483185769360960274258770740570494187\nValid: 1970-01-01 00:00 UTC to 2084-01-29 16:00 UTC\nSignature: SHA256-RSA (self-signed)\nSubject Info:\n\tOrganization: Acme Co\nIssuer Info:\n\tOrganization: Acme Co\nBasic Constraints: CA:true\nKey Usage:\n\tDigital Signature\n\tKey Encipherment\n\tCert Sign\nExtended Key Usage:\n\tServer Auth\nDNS Names:\n\texample.com\nIP Addresses:\n\t127.0.0.1, ::1\nWarnings:\n\tSize of RSA key should be at least 2048 bits\n\nFailed to verify certificate chain:\n\tx509: “Acme Co” certificate is using a broken key size\n** TLS Connection **\nVersion: TLS 1.3\nCipher Suite: AES_128_GCM_SHA256 cipher\n\n** CERTIFICATE 1 **\nSerial: 64483185769360960274258770740570494187\nValid: 1970-01-01 00:00 UTC to 2084-01-29 16:00 UTC\nSignature: SHA256-RSA (self-signed)\nSubject Info:\n\tOrganization: Acme Co\nIssuer Info:\n\tOrganization: Acme Co\nBasic Constraints: CA:true\nKey Usage:\n\tDigital Signature\n\tKey Encipherment\n\tCert Sign\nExtended Key Usage:\n\tServer Auth\nDNS Names:\n\texample.com\nIP Addresses:\n\t127.0.0.1, ::1\nWarnings:\n\tSize of RSA key should be at least 2048 bits\n\nFailed to verify certificate chain:\n\tx509: “Acme Co” certificate is using a broken key size\n"

        	            	Diff:
        	            	--- Expected
        	            	+++ Actual
        	            	@@ -27,3 +27,3 @@
        	            	 Failed to verify certificate chain:
        	            	-	x509: certificate signed by unknown authority
        	            	+	x509: “Acme Co” certificate is using a broken key size
        	            	 ** TLS Connection **
        	            	@@ -55,3 +55,3 @@
        	            	 Failed to verify certificate chain:
        	            	-	x509: certificate signed by unknown authority
        	            	+	x509: “Acme Co” certificate is using a broken key size

        	Test:       	TestConnect
FAIL
FAIL	github.com/square/certigo/cli	0.233s

Dive:

Where does this certificate is using a broken key size error come from?

Looks like from from Apple Security Framework https://cs.github.com/apple-open-source/macos/blob/4c64a93f78278a48fd0c9bce26737010c16668e6/Security/OSX/sec/Security/SecFrameworkStrings.h#L246.

Apple's App Transport Security (ATS) on all platforms now requires:

The server certificate must be signed with either a Rivest-Shamir-Adleman (RSA) key of at least 2048 bits, or an Elliptic-Curve Cryptography (ECC) key of at least 256 bits.

Go uses Apple Security Framework now?

Go 1.18 switched TLS verification path to platform APIs for macOS and iOS.
From: Go 1.18 Release Notes:

Certificate.Verify now uses platform APIs to verify certificate validity on macOS and iOS when it is called with a nil VerifyOpts.Roots or when using the root pool returned from SystemCertPool.

Next:

Update localhostKey to at least 2048-bits and generating a new localhostCert with it in cli/cli_test.go.

certigo/cli/cli_test.go

Line 19 in 41b5b73

// go run generate_cert.go --rsa-bits 1024 --host 127.0.0.1,::1,example.com --ca --start-date "Jan 1 00:00:00 1970" --duration=1000000h

@bdd
Copy link
Author

bdd commented May 13, 2022
edited
Loading

Well, simply updating the test cert to RSA 2048 will drop the lumped in test case for key size warning emitted.

Warnings:
        Size of RSA key should be at least 2048 bits

Moreover, the chain verification failure messages are not different between platforms:

e.g.

Failed to verify certificate chain:
-	x509: certificate signed by unknown authority
+	x509: “Acme Co” certificate is not trusted

The new error, citing the issuer name is coming from Apple Security Framework, particularly this format string with its fancy quotes.

So the PR would be more involved than new key, new cert and change expected output.

@jdtw
Copy link
Contributor

jdtw commented May 31, 2022

Thanks for the detailed writeup, we'll take a look!

@jdtw jdtw mentioned this issue May 31, 2022
Merged
@jdtw
Copy link
Contributor

jdtw commented May 31, 2022

I decided that we should just change the test to successfully verify the cert chain instead of relying on a platform-specific error string.

jdtw added a commit that referenced this issue Jun 1, 2022
@jdtw
Fix TestConnect on macOS (#265)
5332ac7 
@bdd did an excellent writeup of the issue in #264. To fix this, stop relying on stable error messages between platforms and Go versions by performing a successful certigo connect in the test rather than a failed one.

I generated new ECDSA certificates for localhost using https://github.com/square/certstrap.
@jdtw jdtw closed this as completed Jun 1, 2022
akutz added a commit to akutz/govmomi that referenced this issue Dec 12, 2022
@akutz
DialTLSContext / Go 1.18+ CertificateVerify support
7e22dc6 
This patch updates the GoVmomi SOAP client to use DialTLSContext
instead of DialTLS, as the latter has been deprecated for multiple,
major Go versions.

This patch also updates how the SOAP client handles TLS validation
with respect to thumbprints. Go 1.18+ adopted the host's certificate
verification framework, so it is necessary to alter a few things to
continue to support thumbprint verification.

* https://tip.golang.org/doc/go1.18 (search for "Certificate.Verify")
* square/certigo#264
@akutz akutz mentioned this issue Dec 12, 2022
Merged
11 tasks
akutz added a commit to akutz/govmomi that referenced this issue Dec 12, 2022
@akutz
fix: DialTLSContext / Go 1.18+ CertificateVerify support
05b0b08 
This patch updates the GoVmomi SOAP client to use DialTLSContext
instead of DialTLS, as the latter has been deprecated for multiple,
major Go versions.

This patch also updates how the SOAP client handles TLS validation
with respect to thumbprints. Go 1.18+ adopted the host's certificate
verification framework, so it is necessary to alter a few things to
continue to support thumbprint verification.

* https://tip.golang.org/doc/go1.18 (search for "Certificate.Verify")
* square/certigo#264
priyanka19-98 pushed a commit to priyanka19-98/govmomi that referenced this issue Jan 17, 2024
@akutz
fix: DialTLSContext / Go 1.18+ CertificateVerify support
1a8524d 
This patch updates the GoVmomi SOAP client to use DialTLSContext
instead of DialTLS, as the latter has been deprecated for multiple,
major Go versions.

This patch also updates how the SOAP client handles TLS validation
with respect to thumbprints. Go 1.18+ adopted the host's certificate
verification framework, so it is necessary to alter a few things to
continue to support thumbprint verification.

* https://tip.golang.org/doc/go1.18 (search for "Certificate.Verify")
* square/certigo#264
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bdd @jdtw