[gnutls-devel] DER decoding errors due to time format

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Mon May 29 09:53:26 CEST 2017


On Thu, May 11, 2017 at 6:46 PM, Kurt Roeckx <kurt at roeckx.be> wrote:
> On Wed, May 10, 2017 at 02:07:55PM +0200, Nikos Mavrogiannopoulos wrote:
>> On Wed, May 10, 2017 at 2:06 PM, Nikos Mavrogiannopoulos
>> <n.mavrogiannopoulos at gmail.com> wrote:
>> > On Tue, May 9, 2017 at 8:47 PM, Kurt Roeckx <kurt at roeckx.be> wrote:
>> >> On Tue, May 09, 2017 at 02:48:08PM +0200, Nikos Mavrogiannopoulos wrote:
>> >>> Hi,
>> >>>  gnutls 3.5.x is more strict in certificate decoding and performs
>> >>> various checks in the Time fields to ensure they are properly DER
>> >>> formatted. However, it is seems that this caused regressions with
>> >>> certain certificates generated by ovirt as seen in [0]. I am not sure
>> >>> which software was used to generate the problematic ones, however, it
>> >>> is most likely openssl, or some other open source software. Are you
>> >>> aware of other or similar decoding issues which were a result of 3.5.x
>> >>> being more strict in DER rules?
>> >>>
>> >>> The options we have are:
>> >>>  1. Ignore the error and insist on DER correctness in input certificates.
>> >>>  2. Allow incorrect formatted time fields in certificates
>> >>> unconditionally, e.g., with a special libtasn1 flag:
>> >>> https://gitlab.com/gnutls/libtasn1/commit/16bad0c72dcdfbe5512cdd6b46b251ab7484e5dc
>> >>>
>> >>> any other option I've missed? While I favor the first for its
>> >>> simplicity, reality has shown over the years we must yield towards the
>> >>> 'work' part.
>> >>
>> >> NSS is strict in what it accepts. We've recently changed openssl to be
>> >> more strict too (commit 80770da39ebba0101079477611b7ce2f426653c5,
>> >> https://github.com/openssl/openssl/issues/2620), but maybe not
>> >> strict enough yet.
>> >
>> > Thank you, that is really helpful. It seems that Kurt
>>
>> Sorry, I meant to write Tim here!
>
> And today someone filed this in Debian:
> https://bugs.debian.org/862335

I have a patch set which will tolerate incorrectly formatted dates to
work around these issues in openssl:
https://gitlab.com/gnutls/gnutls/merge_requests/400

I am still not sure that tolerating invalid formatted data is a good
thing, however, in case of infrastructure already deployed based on
openssl tools, there is not much an administrator/user can do. What
I'm thinking to do is set a cut-off date after which the original
strict behavior will be re-instated, though I cannot see how would
that help eliminating that issue.

regards,
Nikos



More information about the Gnutls-devel mailing list