TLS-ECDH-RSA-* Ciphersuites Allow ECDSA Signed Certificates #1561

Open
@iluxonchik

Description

  • Type: Bug

Bug

mbed TLS build:
Version: 2.7.0 (I assume it's also present in the newest build, as well as the previous ones)

When the negotiated ciphersuite is of the type TLS-ECDH-RSA-* (ECDH key exchange + RSA signed certificate), ECDSA signed certificates are accepted, which means that the ciphersuite technically becomes TLS-ECDH-ECDSA.

RFC 4492 states that in an ECDH_RSA key exchange, the certificate MUST be signed with RSA.

Proof Of Concept

Due to lack of time, I don't have time to submit a "pretty" PoC, but here goes a sample client and server program. The client and the server accept a single argument: the id of the ciphersuite to use.
You can use 49201 (TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256), for example.

Here are the sources:

Simply compile both (if you place them in the programs/ssl directory and add the executables in CMake, it should work fine).

  1. Compile
  2. Run ./server 49201
  3. Run ./client 49201
  4. Confirm that the connection is successful.

Note that the server is using the certificate (it's printed out to the console), which is signed with ecdsa-with-SHA256.
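Added example, not part of the original report and not mbed TLS code: a self-contained sketch of the missing check, reading the outer `signatureAlgorithm` OID of a DER certificate and comparing it with what the negotiated key exchange requires under RFC 4492. All type and function names are hypothetical, and the two byte arrays are constructed DER skeletons rather than real certificates.

```c
#include <stddef.h>
#include <string.h>
/* All names are hypothetical; none of this is mbed TLS API. */
typedef enum { SIG_UNKNOWN, SIG_RSA, SIG_ECDSA } sig_alg_t;
typedef enum { KX_ECDH_RSA, KX_ECDH_ECDSA } kx_t;

/* Constructed DER skeletons (empty tbsCertificate, dummy signature), not real certificates. */
const unsigned char SAMPLE_ECDSA[] = { 0x30,0x11, 0x30,0x00, 0x30,0x0a, /* ecdsa-with-SHA256 */
    0x06,0x08,0x2a,0x86,0x48,0xce,0x3d,0x04,0x03,0x02, 0x03,0x01,0x00 };
const unsigned char SAMPLE_RSA[] = { 0x30,0x14, 0x30,0x00, 0x30,0x0d,   /* sha256WithRSAEncryption */
    0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x0b, 0x05,0x00, 0x03,0x01,0x00 };

/* Consume one DER tag and length; on success *p points at the value. */
static int der_tlv(const unsigned char **p, const unsigned char *end, unsigned char tag, size_t *len) {
    if (end - *p < 2 || **p != tag) return -1;
    size_t n = (*p)[1]; *p += 2;
    if (n & 0x80) {                          /* long form, up to 2 length bytes */
        size_t k = n & 0x7f;
        if (k == 0 || k > 2 || (size_t)(end - *p) < k) return -1;
        for (n = 0; k--; ) n = (n << 8) | *(*p)++;
    }
    if ((size_t)(end - *p) < n) return -1;   /* value must fit in the buffer */
    *len = n;
    return 0;
}

/* Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue } */
sig_alg_t cert_sig_alg(const unsigned char *der, size_t der_len) {
    static const unsigned char ecdsa[] = {0x2a,0x86,0x48,0xce,0x3d,0x04};           /* 1.2.840.10045.4 */
    static const unsigned char pkcs1[] = {0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01}; /* 1.2.840.113549.1.1 */
    const unsigned char *p = der, *end = der + der_len;
    size_t len;
    if (der_tlv(&p, end, 0x30, &len)) return SIG_UNKNOWN;   /* Certificate */
    end = p + len;
    if (der_tlv(&p, end, 0x30, &len)) return SIG_UNKNOWN;   /* tbsCertificate: skipped */
    p += len;
    if (der_tlv(&p, end, 0x30, &len)) return SIG_UNKNOWN;   /* AlgorithmIdentifier */
    end = p + len;
    if (der_tlv(&p, end, 0x06, &len)) return SIG_UNKNOWN;   /* algorithm OID */
    if (len > sizeof ecdsa && !memcmp(p, ecdsa, sizeof ecdsa)) return SIG_ECDSA;
    if (len > sizeof pkcs1 && !memcmp(p, pkcs1, sizeof pkcs1)) return SIG_RSA;
    return SIG_UNKNOWN;
}

/* Returns 1 only if the certificate's signature algorithm is the one the key exchange names. */
int cert_matches_kx(kx_t kx, const unsigned char *der, size_t der_len) {
    sig_alg_t s = cert_sig_alg(der, der_len);
    return (kx == KX_ECDH_RSA && s == SIG_RSA) || (kx == KX_ECDH_ECDSA && s == SIG_ECDSA);
}
```

With this check, the combination described in the report (an ECDH_RSA key exchange with a certificate signed with ecdsa-with-SHA256) is rejected, while an RSA-signed certificate passes.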
