Closed
Bug 1444444
Opened 7 years ago
Closed 6 years ago
NSS accepts certificates with RSA-PSS signatures with SHA-1 MGF1 hash even if it is explicitly disallowed
Categories
(NSS :: Libraries, defect, P3)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: hkario, Unassigned)
Attachments
(2 files)
Description of problem:
When a certificate uses SHA-1 for MGF1 hash and SHA-256 for document hash in RSA-PSS signatures and the policy is set to disallow use of SHA-1, the certificate is still accepted.
Version:
3.34
Steps to Reproduce:
1. import certs.tar.gz/ca/cert.pem to ./clnt-db
2. import certs.tar.gz/md-server/{cert.pem,key.pem} as "md-server" to ./md-server-db
3. /usr/lib64/nss/unsupported-tools/selfserv -d sql:./md-server-db -p 4433 -rr -n md-server
4. set policy:
# To re-enable legacy algorithms, edit this file
# Note that the last empty line in this file must be preserved
library=
name=Policy
NSS=flags=policyOnly,moduleDB
config="disallow=md5:sha1 allow=DH-MIN=1023:DSA-MIN=1023:RSA-MIN=1023"
5. /usr/lib64/nss/unsupported-tools/tstclnt -d sql:./clnt-db -h localhost -p 4433
Actual results:
subject DN: CN=localhost
issuer DN: O=Example CA
0 cache hits; 1 cache misses, 0 cache not reusable
0 stateless resumes
Received 0 Cert Status items (OCSP stapled data)
Expected results:
SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
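The check this report expects, sketched as an added example (it is not part of the bug report and is not NSS code): read both the document hash and the MGF1 hash from DER-encoded RSASSA-PSS-params and apply the disallow list to each. All helper names and the sample encodings are constructed for illustration; per RFC 4055 an omitted field defaults to SHA-1, so an absent maskGenAlgorithm is treated as MGF1 with SHA-1.

```python
# Added example (not NSS code): check every hash in RSASSA-PSS-params (RFC 4055).
SHA1 = bytes.fromhex("2b0e03021a")              # OID 1.3.14.3.2.26
SHA256 = bytes.fromhex("608648016503040201")    # OID 2.16.840.1.101.3.4.2.1
MGF1 = bytes.fromhex("2a864886f70d010108")      # OID 1.2.840.113549.1.1.8
HASH_NAMES = {SHA1: "sha1", SHA256: "sha256"}

def tlv(tag, body):                 # encode one DER TLV (short-form length only)
    assert len(body) < 0x80
    return bytes([tag, len(body)]) + body

def read_tlvs(data):
    """Split DER bytes into (tag, value) pairs; rejects long or truncated TLVs."""
    out, i = [], 0
    while i < len(data):
        if i + 2 > len(data) or data[i + 1] >= 0x80 or i + 2 + data[i + 1] > len(data):
            raise ValueError("unsupported or truncated DER")
        out.append((data[i], data[i + 2:i + 2 + data[i + 1]]))
        i += 2 + data[i + 1]
    return out

def alg_id(oid, params=b""):        # AlgorithmIdentifier SEQUENCE, for the samples
    return tlv(0x30, tlv(0x06, oid) + params)

def hash_name(alg_body):            # name the OID that starts an AlgorithmIdentifier
    return HASH_NAMES.get(read_tlvs(alg_body)[0][1], "unknown")

def pss_hashes(params_der):
    """Return (message hash, MGF1 hash) for RSASSA-PSS-params."""
    fields = dict(read_tlvs(read_tlvs(params_der)[0][1]))
    msg = mgf = "sha1"              # RFC 4055: both fields DEFAULT to SHA-1
    if 0xA0 in fields:              # [0] hashAlgorithm
        msg = hash_name(read_tlvs(fields[0xA0])[0][1])
    if 0xA1 in fields:              # [1] maskGenAlgorithm
        mgf_oid, mgf_param = read_tlvs(read_tlvs(fields[0xA1])[0][1])
        if mgf_oid[1] != MGF1:
            raise ValueError("mask generation function is not MGF1")
        mgf = hash_name(mgf_param[1])
    return msg, mgf

def policy_violations(params_der, disallowed):
    """List every PSS hash role whose algorithm is disallowed or unrecognised."""
    roles = zip(("hash", "mgf1"), pss_hashes(params_der))
    return [f"{r}={h}" for r, h in roles if h in disallowed or h == "unknown"]

DISALLOWED = {"md5", "sha1"}        # mirrors disallow=md5:sha1 from the report
# Constructed samples: explicit SHA-1 MGF1 hash, omitted (DEFAULT) one, all SHA-256.
EXPLICIT = tlv(0x30, tlv(0xA0, alg_id(SHA256)) + tlv(0xA1, alg_id(MGF1, alg_id(SHA1))))
OMITTED = tlv(0x30, tlv(0xA0, alg_id(SHA256)))
CLEAN = tlv(0x30, tlv(0xA0, alg_id(SHA256)) + tlv(0xA1, alg_id(MGF1, alg_id(SHA256))))
```

A verifier that inspects only the first element of the tuple returned by `pss_hashes` would pass `EXPLICIT` and `OMITTED`, which is the behaviour described in this report.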
Updated•7 years ago
Priority: -- → P3
Comment 1•6 years ago
Comment 2•6 years ago
Thank you for the review. Pushed as:
https://hg.mozilla.org/projects/nss/rev/c15f06c09e7d
Status: NEW → RESOLVED
Closed: 6 years ago
QA Contact: franziskuskiefer
Resolution: --- → FIXED
Version: 3.34 → 3.41