help-gnutls
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Working around wrong algorithm specification in certificates

From: Mads Kiilerich
Subject: Re: Working around wrong algorithm specification in certificates
Date: Wed, 21 Jul 2010 00:58:12 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.4) Gecko/20100624 Fedora/3.1-1.fc13 Thunderbird/3.1 
 Nikos Mavrogiannopoulos wrote, On 07/20/2010 01:33 PM:

On Tue, Jul 20, 2010 at 1:07 PM, Mads Kiilerich<address@hidden>  wrote:

Do you want to fix the certificate or just read it? If you want to
read it open gnutls_algorithms.c and add an extra entry to
pk_algorithms structure for RSA with the OID you describe. Then you
should be able to read the key. If you want to "fix" it I think this
is as easy as regenerating it.

The application has to be able to read such certificates. That is how
windows creates certificates for terminal services...
I would like to able to use the gnutls library installed on the system, so
patching gnutls source isn't really an option. There is no other way to do
it?

Since it is a certificate you cannot modify it without breaking the
signature.
Right. But the challenge is to convince gnutls to parse it and tell me what it parsed. If that involves making a copy and hacking it so it breaks then that is fine - as long as it reveals the key. 


The most straightforward way to fix that is to (1) fix the
one who is generating the wrong certificates, (2) fix the one who is
reading them to account for the broken ones.


1 is unfortunately not an option.
My goal is to do 2 by using gnutls as it is installed as shared library on systems. Requiring 2.10.1 would be OK ;-) 


You don't want to pollute your code with workarounds or flexibility for
stupid bugs like this?

I was thinking about your copy of gnutls :) If the fix works and the
problem is general the workaround might be included in the gnutls code
as well. I've seen quite some implementations putting wrong OIDs here
and there, and working around those practices is not that exceptional
any more.


This patch works for me and 2.10.0:
--- gnutls-2.10.0/lib/gnutls_algorithms.c.org 2010-07-20 22:57:35.000000000 +0200 +++ gnutls-2.10.0/lib/gnutls_algorithms.c 2010-07-20 22:57:07.000000000 +0200 
@@ -2125,6 +2125,7 @@
   {"DSA", PK_DSA_OID, GNUTLS_PK_DSA},
   {"GOST R 34.10-2001", PK_GOST_R3410_2001_OID, 0},
   {"GOST R 34.10-94", PK_GOST_R3410_94_OID, 0},
+  {"RSA (MD5)", SIG_RSA_MD5_OID, GNUTLS_PK_RSA},
   {0, 0, 0}
 };
I can see that you added PK_X509_RSA_OID since 2.10.0. Could this perhaps be added too?
There is also anecdotical evidence that SIG_RSA_SHA1_OID needs the same treatment. I haven't seen that, but getting both fixed at once could be great. 

/Mads
reply via email to
[Prev in Thread] Current Thread [Next in Thread]