[gnutls-dev] GnuTLS 1.7.8.p11.0

Simon Josefsson simon at josefsson.org
Mon May 7 10:27:25 CEST 2007


"Alon Bar-Lev" <alon.barlev at gmail.com> writes:

> On 5/4/07, Simon Josefsson <simon at josefsson.org> wrote:
>> I don't understand this.  It seems to me that anyone who can make the
>> PKCS#11 provider give GnuTLS an insecure CA cert can also provide GnuTLS
>> directly with a insecure CA cert.
>>
>> Could you describe how the attack would work?
>
> You insert your token in my computer, I put my own self-signed
> certificate as trusted in your token, then you come back to your token
> and work with my fake TLS server side certificate.

Oh, I see.  Are there smart cards out there that doesn't require an
admin-PIN in order to do that?  Maybe it would be good to document this
somewhere, it seems like a good thing to know before buying such
products.

If this is the case, I'll add documentation for
gnutls_pkcs11_get_ca_certificates:

 * Note that there exists PKCS#11 providers that allow users to add
 * trusted CA certificates to the underlying crypto storage.  Thus, an
 * attacker could, if they can access your smart card, install a new
 * trusted CA on your smart card, and then cause this function to
 * return their CA.  Be aware of this threat when using this function
 * in your application.

>> I don't know how to solve this yet.  If you want to work on it, that
>> could help, although right now I just want to get client-PKI via the
>> OpenPGP smart card to work, and that's my main priority.
>
> Well... I see we are not communicating well... So I say this last time
> and I say this clearly.
>
> I offer you the quickest way to achieve your goal.
> Split the work into two parts, one part is the GnuTLS infrastructure
> missing external private key implementation, the other is PKCS#11
> engine.

Well, as I've tried to explain, that is what I'm working on.  What may
be confusing is that I'm _also_ working on an optional libgnutls-pkcs11
that links to Scute.  That is written for testing purpose, since the
only smart card I have is an OpenPGP smart card, and I've decided that
my goal for this project is to make OpenPGP cards work with
client-authenticated connections (and I chose PKCS#11 to do that).

Hopefully the signing infrastructure will be released within a few
weeks, and then you can try it...

/Simon



More information about the Gnutls-dev mailing list