[gnutls-devel] BNF of priority strings
Jouko Orava
jouko.orava at helsinki.fi
Sun Jan 27 09:17:59 CET 2013
> > 1. Since the NULL MAC string is "MAC-NULL",
> > it has to be specified as "MAC-MAC-NULL".
> > I don't know if anyone ever needs to specify it, though.
>
> Nice catch, but it was intentional. MAC-NULL cannot be set in TLS (there
> are no ciphersuites with such MAC).
Right. The only use case I could think of was "!MAC-MAC-NULL",
a paranoid never-allow-NULL-MAC.
> > 2. Commit 8d69e1bd9e61cc0b390ca987fd66ec2aad9c0d3c
>
> It's a typo on the commit message. The curve is 521 bits long.
Ah, okay. I only just found a PDF that explained that the
recommended set is 112 128 160 192 224 256 384 521 bits,
so I guess the 512 is a common typo.
> > 3. All "...-ALL" accept any extra suffix
>
> I think that this could be easily changed, or not?
Very easy, as it is just a strncasecmp() -> strcasecmp().
My only worry is that it might stop existing priority strings from
working. On the other hand, it'd only break silly strings, not
sensible ones.
> An interesting use for your BNF description would be to be used to check
> the current priority parsing code. That would be if there is a tool that
> takes BNF and outputs valid random strings.
I don't think that's necessary, as the code is quite straightforward and
clean; aside from what I reported, I could see no anomalies or likely
culprits. A lot of the code in gnutls_priority_init() repeats, after all.
What I do suspect, though, is that most priority strings that are more
complex than just a level, do not actually have the effects that the
users think they have. The interaction with the separate priority lists
and the resulting cipher suite set is quite complex, when the priority
string contains both additions and removals.
To find it out, one would need to extract the relevant code,
including lib/algorithms/, and evaluate the cipher suite set
to see what actually becomes acceptable..
It would be worthwhile if and only if there was an archive of existing
priority strings to test, I think.
Best regards,
Jouko
More information about the Gnutls-devel
mailing list