NOVERIFY flag #10
Comments
Are you talking of my version of I just implemented it myself so:
|
|
On 31 Jul 2021, at 18:15, Mathias Panzenböck ***@***.***> wrote:
we are now no longer checken the chain properly
Are you talking of my version of verify_detached_signature()? This flag is also used in the library you originally used,
So that is very wrong then, It sort of negates the whole check I guess. And calling out to the openssl executable is far from ideal.
Dw.
|
|
What purpose flag would be the right one? |
|
@dirkx I've made a pull request to pyca/cryptography that adds the functions and related constants you've mentioned, but since I don't know about this cryptography stuff I don't know how to write proper tests for it and as such the coverage tests fail. Would you know how to write proper tests that include the |
|
On 31 Jul 2021, at 21:06, Mathias Panzenböck ***@***.***> wrote:
@dirkx <https://github.com/dirkx> I've made a pull request to pyca/cryptography that adds the functions you mentioned and related constants, but since I don't know about this cryptography stuff I don't know how to write proper tests for it and as such the coverage tests fail. Would you know how to write proper tests that include the PKCS7_get0_signers() and X509_STORE_set_purpose() functions? See also: pyca/cryptography#618 <pyca/cryptography#6187>OK - will do !
Dw.
|
|
On 31 Jul 2021, at 20:47, Mathias Panzenböck ***@***.***> wrote:
What purpose flag would be the right one?
Fairly dependent on the setting - for JWT, or for example for all the stuff you need to do for AWS-CLI magic -- the common one is basically ANY (as there it does not matter).
Dw
|
|
I'm currently in the process of trying to implement this verification by hand (using |
|
I managed to verify the trust chain manually... but currently failing at the actual signature. |
|
Ok - if you sent me what you have (or commit it) - happy to have a look and do a bit of puzzling.
|
|
Sorry - yes we changed that - thought I had changed the script too.
|
|
This is what I currently have: Line 927 in 1c7dd52 The trust chain verification works, but then the verification of the payload fails somehow. Adding debug prints to Python cryptography library just tells me the OpenSSL error: |
|
There are a lot of debug prints in there right now. |
|
Also verified: The digest I calculate is the message digest inside the signed data. Really only the last verification step fails. Really not sure how else I could call the |
|
So the issue is that you need to verify the signature on the entire signed-data block - which includes things such as the date; see https://datatracker.ietf.org/doc/html/rfc5652#section-5.4
And note the shenanigans around the EXPLICIT SET OF. Won’t have the time in the next 24 hours to see if I can fix this.
Dw
|
|
See this line - i.e. change the first byte of the signed_attr section (in DER):
https://github.com/dirkx/arduino-esp32/blob/0e54ded4366d99b018efb9c628b9409df1f0537b/libraries/Update/src/mbedtls-ts-addons/ts.cpp#L639
|
|
Thank you for your help! With this information and a little bit of trying around I finally managed it! See: Line 796 in 228b21d So I'm closing this issue now. 😄 |
|
Splendid !
|
Note that by simplifying the chain validation code - we are now no longer checken the chain properly. It is no longer anchored.
Unfortunately solving this in pyopenss is not easy -- see pyca/pyopenssl#1031
The text was updated successfully, but these errors were encountered: