Closed
Bug 925591
Opened 11 years ago
Closed 11 years ago
DSA 2048 certs not working in SSL
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.15.4
People
(Reporter: kathleen.a.wilson, Assigned: mozbgz)
Details
Attachments
(1 file, 1 obsolete file)
749 bytes,
patch
|
wtc
:
review+
wtc
:
checked-in+
|
Details | Diff | Splinter Review |
DSA 1024 testing is working, but DSA 2048 certs get ssl_error_bad_handshake_hash_value
Reporter | ||
Updated•11 years ago
|
Assignee: nobody → rrelyea
Version: trunk → 3.15.1
"NIST Closed, NIST and Affiliated Web Sites Not Available", but FIPS 186-4 section 4.2 would reveal that DSA signatures can be longer than 20 bytes nowadays.
The first patch happened to work with 2048- and 3072-bit keys, but is bogus otherwise.
Attachment #815726 -
Attachment is obsolete: true
Comment 3•11 years ago
|
||
Comment on attachment 815888 [details] [diff] [review] Proper patch Review of attachment 815888 [details] [diff] [review]: ----------------------------------------------------------------- r=wtc. Thank you very much for the patch, Kaspar. Two notes on the patch: 1. I verified that SECKEY_SignatureLen() cannot fail at this point, so it is not necessary to check its return value. 2. I considered saving the return value of SECKEY_SignatureLen() in a local variable to avoid making two calls. Since that will only happen for SSL 3.0, and since SECKEY_SignatureLen() is cheap for DSA keys, I didn't bother. Patch checked in: https://hg.mozilla.org/projects/nss/rev/c3db6134802b I wondered why this code works for ECDSA certificates. Here is the relevant code before we added TLS 1.2 support. It showed we were already using the DSAU_DecodeDerSigToLen function for ECDSA keys. http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/ssl/ssl3con.c&rev=1.207&mark=899,903-904,914,922,928#899
Attachment #815888 -
Flags: review+
Attachment #815888 -
Flags: checked-in+
Updated•11 years ago
|
Assignee: rrelyea → mozbugzilla
Status: NEW → RESOLVED
Closed: 11 years ago
Priority: -- → P2
Resolution: --- → FIXED
Target Milestone: --- → 3.15.3
Version: 3.15.1 → 3.14
Updated•11 years ago
|
Summary: DSA 2048 certs not working → DSA 2048 certs not working in SSL
Comment 4•11 years ago
|
||
We should add a test for this to the sslcov suite or similar.
Updated•11 years ago
|
Flags: in-testsuite?
Comment 5•11 years ago
|
||
Brian: I looked into changing our SSL test suite to use 2048-bit DSA server certificates. The obstacle is that NSS doesn't support DHE_DSS cipher suites on the server side. However, ssl3_VerifySignedHashes is also used by ssl3_HandleCertificateVerify, so we can also use 2048-bit DSA client certificates to verify the bug fix. Kai: do you have time to work on adding a test? It seems that we don't have any SSL auth test that uses a DSA client certificate. The closest thing I can find is the cert_fips() function in nss/tests/cert/cert.sh. There are many SSL auth tests that use ECDSA client certificates though.
Comment 6•11 years ago
|
||
(In reply to Wan-Teh Chang from comment #5) > Kai: do you have time to work on adding a test? It seems that we don't > have any SSL auth test that uses a DSA client certificate. The closest > thing I can find is the cert_fips() function in nss/tests/cert/cert.sh. > There are many SSL auth tests that use ECDSA client certificates though.
Flags: needinfo?(kaie)
Comment 8•10 years ago
|
||
> (In reply to Wan-Teh Chang from comment #5)
> > Kai: do you have time to work on adding a test?
Not at this time.
If a test is required to finalize this work, a separate bug should be filed to request such work.
If this is easy, it should be suggested to someone trying to do their first steps with NSS.
Flags: needinfo?(kaie)
Updated•9 years ago
|
Flags: in-testsuite?
You need to log in
before you can comment on or make changes to this bug.
Description
•