Closed
Bug 904757
Opened 12 years ago
Closed 12 years ago
Ensure that NSS doesn't accept weak signatures in OCSP responses
Categories
(NSS :: Libraries, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 663313
People
(Reporter: KaiE, Unassigned)
Details
(Whiteboard: [sg:dupe 663313])
This potential problem was mentioned by Hubert Kario. We must verify it.
When verifying a signature in an OCSP response, we should require that a sufficiently strong signature algorithm had been used.
For example, we probably shouldn't accept signatures that are based on the MD2 or MD4 hash algorithms.
I couldn't immediately find OCSP related code that limits the acceptable signature algorithms for OCSP responses.
We should verify Hubert's test experience that MD2 based signatures are accepted by the ocspclnt tool.
|
Reporter | |
Updated•12 years ago
|
Summary: Verify that NSS doesn't accept weak signatures in OCSP responses → Ensure that NSS doesn't accept weak signatures in OCSP responses
|
||
Updated•12 years ago
|
Group: core-security
|
||
Updated•12 years ago
|
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
|
|
||
Comment 2•12 years ago
|
||
For historical note: We currently do allow 'weak' algs for OCSP responses
http://mxr.mozilla.org/nss/source/lib/certhigh/ocsp.c#3803
Uses VFY_VerifyDataWithAlgorithmID() to verify the signed data. However, unlike http://mxr.mozilla.org/security/source/security/nss/lib/certhigh/certvfy.c#61 (used to verify certs), it DOES NOT check any policy flags, such as NSS_USE_ALG_IN_CERT_SIGNATURE , and thus is permitted.
|
|
||
Updated•12 years ago
|
Group: crypto-core-security, core-security
Whiteboard: [sg:dupe 663313]
You need to log in
before you can comment on or make changes to this bug.
Description
•