Disable support for MD2 in S/MIME multipart; nsCMSMessage should use HASH_GetHashOidTagByHashType
Categories: MailNews Core :: Security: S/MIME, enhancement
Tracking: Not tracked
People: Reporter: KaiE, Assigned: KaiE
Attachments: 1 file, 1 obsolete file (5.17 KB patch; mkmelin: review+)
The code landed in bug 1507218 added function nsCMSMessage::GetIntHashToOidHash which Bob thinks should be provided by a general function in NSS.
We added HASH_GetHashOidTagByHashType in bug 1526336.
Once we made that change, we should remove the dependency on symbols like nsICryptoHash::MD2 from TB, which bug 1526302 wants to remove.
This bug blocks the landing of bug 1526302.
Comment 1 • 5 years ago (Assignee)
Dana, J.C., TB will require NSS function HASH_GetHashOidTagByHashType to be exported.
It's a very small mapping function. Can we export it into Firefox/Gecko, or do you prefer to avoid it, and have only TB export it?
Updated • 5 years ago (Assignee)
Exporting it from gecko seems fine, although where are we in terms of having thunderbird being able to export its own set of symbols?
Comment 3 • 5 years ago (Assignee)
(In reply to Dana Keeler (she/her) (use needinfo) (:keeler for reviews) from comment #2)
> although where are we in terms of having thunderbird being able to export its own set of symbols?
We are able to do that, we can use a file with "extra" exports. We just have to define a configuration variable in the TB build, and Gecko's nss.symbols file will include it, see bug 1529228 comment 1.
Comment 4 • 5 years ago (Assignee)
I'm sneaking in the export of the API to bug 1529227.
Comment 5 • 5 years ago (Assignee)
Minor cleanup that I promised to do in bug 1526302
Comment 6 • 5 years ago (Assignee)
Comment on attachment 9047661: 1529222-v1.patch
needs revision
Comment 7 • 5 years ago (Assignee)
The existing code still allowed the processing of incoming signed S/MIME messages that use the MD2 hash algorithm for the message digest.
MD2 is insecure, we should stop supporting it.
(I'll file a separate bug to discuss if and when we should potentially disable MD5.)
Comment 8 • 5 years ago (Assignee)
Comment 9 • 5 years ago (Assignee)
FYI, I'm mixing the cleanup with the removal of MD2 support, because Firefox/PSM wants to disable support for MD2 as a hashing algorithm.
Comment 10 • 5 years ago (Assignee)
The use of MD2 has been discouraged since 2004:
https://tools.ietf.org/html/rfc3850#page-3
Comment 11 • 5 years ago (Assignee)
The attached patch disables parsing of the MD2 header in multipart S/MIME messages. NSS might still allow MD2 signed messages in other places where signatures are verified. This will need separate checking.
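As an added illustration, not part of the comment above or of the Thunderbird patch: a fail-closed lookup of the `micalg` parameter (the digest named in a multipart/signed Content-Type header) with MD2 left off the allowlist. The enum, the function names and the list of accepted spellings are assumptions of this example.

```c
#include <ctype.h>
#include <string.h>

/* Hypothetical digest ids for this example (not NSS's HASH_HashType). */
typedef enum { ALG_REJECTED = 0, ALG_MD5, ALG_SHA1, ALG_SHA256, ALG_SHA512 } digest_alg;

/* Accepted micalg spellings (assumed list). MD2 is deliberately absent;
 * MD5 stays because the thread defers it to a separate bug. */
static const struct { const char *name; digest_alg alg; } ALLOWED[] = {
    {"md5", ALG_MD5},       {"sha1", ALG_SHA1},     {"sha-1", ALG_SHA1},
    {"sha256", ALG_SHA256}, {"sha-256", ALG_SHA256},
    {"sha512", ALG_SHA512}, {"sha-512", ALG_SHA512},
};

/* Case-insensitive compare of the n bytes at a with the C string b. */
static int ieq(const char *a, size_t n, const char *b) {
    if (strlen(b) != n) return 0;
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i])) return 0;
    return 1;
}

/* Map the micalg parameter of a multipart/signed Content-Type value to a
 * digest id. Fails closed: missing, malformed or unlisted => ALG_REJECTED.
 * Backslash escapes inside quoted values are not interpreted. */
digest_alg micalg_from_content_type(const char *ct) {
    const char *p = strchr(ct, ';'); /* skip the media type */
    while (p && *p == ';') {
        p++;
        while (isspace((unsigned char)*p)) p++;
        const char *name = p;
        size_t nlen = strcspn(p, "=;");
        p += nlen;
        if (*p != '=') continue; /* parameter without a value */
        int quoted = (*++p == '"');
        if (quoted) p++;
        const char *val = p;
        size_t vlen = strcspn(p, quoted ? "\"" : "; \t\r\n");
        p += vlen;
        if (quoted && *p != '"') return ALG_REJECTED; /* unterminated quote */
        if (ieq(name, nlen, "micalg")) {
            for (size_t i = 0; i < sizeof ALLOWED / sizeof ALLOWED[0]; i++)
                if (ieq(val, vlen, ALLOWED[i].name)) return ALLOWED[i].alg;
            return ALG_REJECTED; /* md2, rsa-md2, unknown, empty, or a list */
        }
        p = strchr(p, ';'); /* next parameter */
    }
    return ALG_REJECTED;
}
```

A caller would refuse to verify the signature when the result is `ALG_REJECTED` instead of falling back to a default digest.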
Comment 12 • 5 years ago
Comment on attachment 9047665: 1529222-v2.patch
Review of attachment 9047665:
LGTM, r=mkmelin
Updated • 5 years ago (Assignee)
Comment 13 • 5 years ago
Pushed by mozilla@jorgk.com:
https://hg.mozilla.org/comm-central/rev/e5731ae4eb09
Disable support for MD2 in S/MIME multipart; nsCMSMessage should use HASH_GetHashOidTagByHashType. r=mkmelin
Updated • 5 years ago