Closed Bug 1531739 Opened 5 years ago Closed 5 years ago

The NSS S/MIME signature verification function should use a whitelist of acceptable digest algorithms

Categories

(NSS :: Libraries, enhancement)

enhancement
Not set
normal

Tracking

(Not tracked)

RESOLVED WONTFIX

People

(Reporter: KaiE, Assigned: KaiE)

References

Details

Attachments

(1 file)

Looking at NSS_CMSSignerInfo_Verify, I don't see a restriction for acceptable digest algorithms.

It might be good to add a whitelist, and disable those we don't want to support.

Assignee: nobody → kaie
See Also: → 1529222, 1531735
Attached patch 1531739-v1.patchSplinter Review

This patch disables both MD2 and MD5 digests.

Attachment #9047695 - Flags: review?(rrelyea)
Comment on attachment 9047695 [details] [diff] [review]
1531739-v1.patch

r-

breaks processing of data at rest
Attachment #9047695 - Flags: review?(rrelyea)

I have to agree with Hubert. The function that I suggested to modify is used to check the signature of a message, nothing else.

The decision, whether a message with a MD5 digest is considered acceptable or insecure should probably be implemented at a different place. I couldn't find a better NSS function yet. Maybe it should be implemented at the Thunderbird application code level.

Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → WONTFIX
Summary: S/MIME signature verification should use a whitelist of acceptable digest algorithms → The NSS S/MIME signature verification function should use a whitelist of acceptable digest algorithms
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: