Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RSA signature in CertificateVerify with TLS < 1.2 #189

Merged
merged 2 commits into from
Feb 25, 2017
Merged

RSA signature in CertificateVerify with TLS < 1.2 #189

merged 2 commits into from
Feb 25, 2017

Conversation

ocheron
Copy link
Contributor

@ocheron ocheron commented Feb 19, 2017

This is a fix for the scenario with client certificate reported in #111.

Steps to reproduce:

# Prepare a self-signed certificate to be used by client & server
cd /tmp
openssl req -x509 -new -subj /CN=localhost -nodes -text -out cert.pem

# Launch TLS server in terminal 1
openssl s_server -key /tmp/privkey.pem -cert /tmp/cert.pem -www \
        -verify 1 -CAfile /tmp/cert.pem

# Launch TLS client in terminal 2
tls-simpleclient --tls11 --no-validation --use-cipher=47 \
        --client-cert=/tmp/cert.pem:/tmp/privkey.pem \
        localhost 4433

This is mirror to what was already fixed in commit 638680e.

For SSLv3, TLS 1.0, TLS 1.1 the SHA1_MD5 hashing was applied twice when
the client sends its certificate.

In certificateVerifyCreate we need to call a new function
signatureCreateWithHashDescr without this additional hashing.  Function
signatureCreate should not change because it is also called by the (EC)DH
signing functions.

The new function name is similar to what already exists for signature
verification, and design is now more symmetrical.
Copy link
Collaborator

@kazu-yamamoto kazu-yamamoto left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

Thank you for your effort to track down the cause of this issue.

@ocheron ocheron merged commit 0d32cc2 into haskell-tls:master Feb 25, 2017
ocheron added a commit that referenced this pull request Feb 25, 2017
RSA signature in CertificateVerify with TLS < 1.2
@ocheron ocheron deleted the tls11-client-cert branch February 25, 2017 07:59
@ocheron
Copy link
Contributor Author

ocheron commented Feb 25, 2017

It made me (re)discover that we need more tests in the test suite, as entire features are not tested currently. For example I've started looking if we can add server-side ECDHE_ECDSA.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants