[gnutls-devel] GnuTLS | RFC7250 Raw public keys (!650)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Thu Nov 22 17:51:49 CET 2018
Nikos Mavrogiannopoulos commented on a discussion on lib/ext/client_cert_type.c:
> uint8_t i = 0, num_cert_types = 0;
> priority_st* cert_priorities;
> gnutls_datum_t tmp_cert_types; // For type conversion
> - uint8_t cert_types[GNUTLS_CRT_MAX]; // The list with supported cert types
> + uint8_t cert_types[GNUTLS_CRT_MAX]; // The list with supported cert types. Inv: 0 <= cert type Id < 256
> const version_entry_st* vers = get_version(session);
> - /* Only activate this extension if cert type negotiation is enabled
> - * and we have cert credentials set */
> - if (!_gnutls_has_negotiate_ctypes(session) ||
> - _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE) == NULL)
> + /* Only activate this extension if we have cert credentials set */
> + if (_gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE) == NULL)
There is no reason to parse or even try to send this extension at all, when the application hasn't enable any alternative certificate types, so it shouldn't. The `_gnutls_has_negotiate_ctypes` could check whether any alt cert flag is enabled.
Why is that? So that the attack surface is reduced for applications which do not enable that feature. Applications should expose only what they use. A prominent example of what can go wrong is the heartbleed attack in openssl; they enabled the heartbeat extension even for applications not using them. There was a buffer overflow there.
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/650#note_119431629
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel