Closed Bug 1444444 Opened 7 years ago Closed 6 years ago

NSS accepts certificates with RSA-PSS signatures with SHA-1 MGF1 hash even if it is explicitly disallowed

Categories

(NSS :: Libraries, defect, P3)

3.41
defect

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: hkario, Unassigned)

Attachments

(2 files)

Attached file rsa pss signed certs
Description of problem:
When a certificate uses SHA-1 for MGF1 hash and SHA-256 for document hash in RSA-PSS signatures and the policy is set to disallow use of SHA-1 the certificate is still accepted.

Version: 3.34

Steps to Reproduce:
1. import certs.tar.gz/ca/cert.pem to ./clnt-db
2. import certs.tar.gz/md-server/{cert.pem,key.pem} as "md-server" to ./md-server-db
3. /usr/lib64/nss/unsupported-tools/selfserv -d sql:./md-server-db -p 4433 -rr -n md-server
4. set policy:

    # To re-enable legacy algorithms, edit this file
    # Note that the last empty line in this file must be preserved
    library=
    name=Policy
    NSS=flags=policyOnly,moduleDB
    config="disallow=md5:sha1 allow=DH-MIN=1023:DSA-MIN=1023:RSA-MIN=1023"

5. /usr/lib64/nss/unsupported-tools/tstclnt -d sql:./clnt-db -h localhost -p 4433

Actual results:

    subject DN: CN=localhost
    issuer DN: O=Example CA
    0 cache hits; 1 cache misses, 0 cache not reusable
    0 stateless resumes
    Received 0 Cert Status items (OCSP stapled data)

Expected results:
SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
Priority: -- → P3
Thank you for the review. Pushed as: https://hg.mozilla.org/projects/nss/rev/c15f06c09e7d
Status: NEW → RESOLVED
Closed: 6 years ago
QA Contact: franziskuskiefer
Resolution: --- → FIXED
Version: 3.34 → 3.41
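
An added example, not part of the bug report and not NSS code: a stand-alone audit check that reads both hash algorithms out of DER-encoded RSASSA-PSS-params (RFC 4055) and tests each against a disallow list matching the report's `disallow=md5:sha1`. The function names and the sample parameters are hypothetical and constructed for illustration; note that a field omitted from the parameters defaults to SHA-1.

```python
# Added example (not NSS code): name both hashes in DER RSASSA-PSS-params (RFC 4055).
HASH_OIDS = {bytes.fromhex("2b0e03021a"): "sha1",  # OID content bytes -> name
             bytes.fromhex("2a864886f70d0205"): "md5",
             bytes.fromhex("608648016503040201"): "sha256"}
MGF1_OID = bytes.fromhex("2a864886f70d010108")  # id-mgf1

def tlvs(buf):
    """Yield (tag, value) for each definite-length DER element in buf."""
    i = 0
    while i < len(buf):
        tag, length, i = buf[i], buf[i + 1], i + 2
        if length & 0x80:  # long-form length
            n = length & 0x7F
            length, i = int.from_bytes(buf[i:i + n], "big"), i + n
        if i + length > len(buf):
            raise ValueError("truncated DER")
        yield tag, buf[i:i + length]
        i += length

def hash_name(alg_body):
    """Name the hash whose OID leads an AlgorithmIdentifier body."""
    _, oid = next(tlvs(alg_body))
    return HASH_OIDS.get(oid, "unknown:" + oid.hex())

def pss_hashes(params_der):
    """Return (message hash, MGF1 hash) named by RSASSA-PSS-params."""
    digest = mgf = "sha1"  # RFC 4055: an omitted field DEFAULTs to SHA-1
    (_, body), = tlvs(params_der)  # outer SEQUENCE
    for tag, wrapped in tlvs(body):  # fields [0]..[3] carry EXPLICIT tags
        if tag == 0xA0:  # hashAlgorithm
            digest = hash_name(next(tlvs(wrapped))[1])
        elif tag == 0xA1:  # maskGenAlgorithm: (id-mgf1, HashAlgorithm)
            (_, mgf_oid), (_, mgf_param) = tlvs(next(tlvs(wrapped))[1])
            if mgf_oid != MGF1_OID:
                raise ValueError("mask generation function is not MGF1")
            mgf = hash_name(mgf_param)
    return digest, mgf

def policy_violations(params_der, disallowed):
    """List every PSS hash role whose algorithm the policy disallows."""
    roles = zip(("hash", "mgf1-hash"), pss_hashes(params_der))
    return [f"{role}={name}" for role, name in roles if name in disallowed]

# Constructed sample: SHA-256 message hash, MGF1 with SHA-1, salt length 32.
def tlv(tag, *parts): return bytes([tag, sum(map(len, parts))]) + b"".join(parts)
SHA1 = tlv(0x30, tlv(0x06, bytes.fromhex("2b0e03021a")), tlv(0x05))
SHA256 = tlv(0x30, tlv(0x06, bytes.fromhex("608648016503040201")), tlv(0x05))
MGF1_SHA1 = tlv(0x30, tlv(0x06, MGF1_OID), SHA1)
SAMPLE = tlv(0x30, tlv(0xA0, SHA256), tlv(0xA1, MGF1_SHA1), tlv(0xA2, tlv(0x02, b"\x20")))
```

Calling `policy_violations(SAMPLE, {"md5", "sha1"})` flags only the MGF1 hash, which is the combination the report describes as being accepted.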