[gnutls-devel] rfc7613 password normalization

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Wed Nov 16 10:58:07 CET 2016


Hi,
 The merge request [0] introduces UTF8 password "canonicalization"
according to RFC7613. That is, a UTF8 or UTF16 password (in case of
PKCS#12 files) will be transformed to a unique form prior to being
used to generate a key.

The problems are:
1. No other library performs this canonicalization of passwords,
meaning that for some of the generated files (e.g., pkcs8 or pkcs12
keys) may not be usable with other libraries.
Files generated with previous versions of gnutls (at least prior to
3.5.x branch) should be ok because they prohibited internationalized
passwords.

2. That "canonicalization" is being used even if the specs for PKCS#8,
PKCS#12, PKCS#10, or SRP (rfc2945), do not require it. They fact is
that they, predate that draft, and most likely they are receiving no
updates.

Given that it is possible for applications to provide a UTF8 password
in multiple different strings, I think it makes sense to introduce
this canonicalization, despite the drawbacks. It will allow gnutls
applications to behave right when given the same password, and decrypt
files, irrespective of how the UTF8 password was formed. What do you
think?

A side-effect of this change, is that gnutls will also depend on
libunistring (which is in the process of being relicensed to
lgplv3+gplv2), for proper unicode support.

[0]. https://gitlab.com/gnutls/gnutls/merge_requests/137

regards,
Nikos



More information about the Gnutls-devel mailing list