Closed
Bug 925591
Opened 12 years ago
Closed 12 years ago
DSA 2048 certs not working in SSL
Categories
(NSS :: Libraries, defect, P2)
Tracking
(Not tracked)
RESOLVED
FIXED
3.15.4
People
(Reporter: kathleen.a.wilson, Assigned: mozbgz)
Details
Attachments
(1 file, 1 obsolete file)
|
749 bytes,
patch
|
wtc
:
review+
wtc
:
checked-in+
|
Details | Diff | Splinter Review |
DSA 1024 testing is working, but DSA 2048 certs get ssl_error_bad_handshake_hash_value
| Reporter | ||
Updated•12 years ago
|
Assignee: nobody → rrelyea
Version: trunk → 3.15.1
"NIST Closed, NIST and Affiliated Web Sites Not Available", but FIPS 186-4 section 4.2 would reveal that DSA signatures can be longer than 20 bytes nowadays.
The first patch happened to work with 2048- and 3072-bit keys, but is bogus otherwise.
Attachment #815726 -
Attachment is obsolete: true
Comment 3•12 years ago
|
||
Comment on attachment 815888 [details] [diff] [review]
Proper patch
Review of attachment 815888 [details] [diff] [review]:
-----------------------------------------------------------------
r=wtc. Thank you very much for the patch, Kaspar.
Two notes on the patch:
1. I verified that SECKEY_SignatureLen() cannot fail at this point, so
it is not necessary to check its return value.
2. I considered saving the return value of SECKEY_SignatureLen() in a
local variable to avoid making two calls. Since that will only happen
for SSL 3.0, and since SECKEY_SignatureLen() is cheap for DSA keys, I
didn't bother.
Patch checked in: https://hg.mozilla.org/projects/nss/rev/c3db6134802b
I wondered why this code works for ECDSA certificates. Here is the
relevant code before we added TLS 1.2 support. It showed we were already
using the DSAU_DecodeDerSigToLen function for ECDSA keys.
http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/nss/lib/ssl/ssl3con.c&rev=1.207&mark=899,903-904,914,922,928#899
Attachment #815888 -
Flags: review+
Attachment #815888 -
Flags: checked-in+
Updated•12 years ago
|
Assignee: rrelyea → mozbugzilla
Status: NEW → RESOLVED
Closed: 12 years ago
Priority: -- → P2
Resolution: --- → FIXED
Target Milestone: --- → 3.15.3
Version: 3.15.1 → 3.14
Updated•12 years ago
|
Summary: DSA 2048 certs not working → DSA 2048 certs not working in SSL
Comment 4•12 years ago
|
||
We should add a test for this to the sslcov suite or similar.
Updated•12 years ago
|
Flags: in-testsuite?
Comment 5•12 years ago
|
||
Brian: I looked into changing our SSL test suite to use 2048-bit DSA
server certificates. The obstacle is that NSS doesn't support DHE_DSS
cipher suites on the server side. However, ssl3_VerifySignedHashes is
also used by ssl3_HandleCertificateVerify, so we can also use 2048-bit
DSA client certificates to verify the bug fix.
Kai: do you have time to work on adding a test? It seems that we don't
have any SSL auth test that uses a DSA client certificate. The closest
thing I can find is the cert_fips() function in nss/tests/cert/cert.sh.
There are many SSL auth tests that use ECDSA client certificates though.
Comment 6•12 years ago
|
||
(In reply to Wan-Teh Chang from comment #5)
> Kai: do you have time to work on adding a test? It seems that we don't
> have any SSL auth test that uses a DSA client certificate. The closest
> thing I can find is the cert_fips() function in nss/tests/cert/cert.sh.
> There are many SSL auth tests that use ECDSA client certificates though.
Flags: needinfo?(kaie)
Comment 8•12 years ago
|
||
> (In reply to Wan-Teh Chang from comment #5)
> > Kai: do you have time to work on adding a test?
Not at this time.
If a test is required to finalize this work, a separate bug should be filed to request such work.
If this is easy, it should be suggested to someone trying to do their first steps with NSS.
Flags: needinfo?(kaie)
Updated•10 years ago
|
Flags: in-testsuite?
You need to log in
before you can comment on or make changes to this bug.
Description
•