[gnutls-devel] GnuTLS | Wrong alerts for malformed CertificateVerify messages in TLS 1.2 (#848)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Thu Oct 24 16:43:18 CEST 2019
Hubert Kario (@mention me if you need reply) created an issue: https://gitlab.com/gnutls/gnutls/issues/848
## Description of problem:
When GnuTLS (e4a7db34259295e) receives a CertificateVerify with algorithms that don't match the ones sent in CertificateRequest or which are incorrect (use a different hash than indicated), it sends the wrong alerts (`handshake_failure` instead of `decrypt_error` or `illegal_parameter`).
## Version of gnutls used:
## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
e4a7db34259295e
## How reproducible:
Steps to Reproduce:
* `doc/credentials/gnutls-http-serv --priority NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+DHE-PSK:+PSK:+SHA384:+SHA256 -p 4433 -d 6`
* https://github.com/tomato42/tlsfuzzer/pull/604
* `python scripts/test-ecdsa-in-certificate-verify.py -k /tmp/client-p256/key.pem -c /tmp/client-p256/cert.pem`
## Actual results:
```
...
make sha224+ecdsa signature, advertise it as sha1+ecdsa in CertificateVerify ...
Error encountered while processing node <tlsfuzzer.expect.ExpectAlert object at 0x7ff2e6b64090> (child: <tlsfuzzer.expect.ExpectClose object at 0x7ff2e6b640d0>) with last message being: <tlslite.messages.Message object at 0x7ff2e6abf410>
Error while processing
Traceback (most recent call last):
  File "scripts/test-ecdsa-in-certificate-verify.py", line 274, in main
    runner.run()
  File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/runner.py", line 227, in run
    node.process(self.state, msg)
  File "/home/hkario/dev/tlsfuzzer/tlsfuzzer/expect.py", line 1484, in process
    raise AssertionError(problem_desc)
AssertionError: Expected alert description "decrypt_error" does not match received "handshake_failure"
...
Test support for ECDSA signatures in CertificateVerify
Version: 1
Test end
successful: 22
failed: 6
'make sha224+ecdsa signature in CertificateVerify'
'make sha224+ecdsa signature, advertise it as sha1+ecdsa in CertificateVerify'
'make sha224+ecdsa signature, advertise it as sha256+ecdsa in CertificateVerify'
'make sha224+ecdsa signature, advertise it as sha384+ecdsa in CertificateVerify'
'make sha224+ecdsa signature, advertise it as sha512+ecdsa in CertificateVerify'
'md5+ecdsa forced'
```
## Expected results:
```
Test end
successful: 28
failed: 0
```
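An added example, not part of the original report and not GnuTLS code: a sketch of the alert selection the report expects when a TLS 1.2 server validates CertificateVerify. The HMAC-based `toy_sign` is a constructed stand-in for ECDSA, the offered list and inputs are constructed, and mapping an unadvertised algorithm to `illegal_parameter` is an assumption; the report's own output shows `decrypt_error` for the mislabelled-hash case.

```python
import hashlib, hmac, struct

# TLS 1.2 HashAlgorithm code points and the ecdsa SignatureAlgorithm (RFC 5246, 7.4.1.4.1)
HASHES = {1: "md5", 2: "sha1", 3: "sha224", 4: "sha256", 5: "sha384", 6: "sha512"}
ECDSA = 3

def toy_sign(key, transcript, hash_id):
    """Constructed stand-in for ECDSA: a keyed digest over the handshake transcript."""
    return hmac.new(key, transcript, HASHES[hash_id]).digest()

def make_certificate_verify(advertised_hash, sig_alg, signature):
    """CertificateVerify body: algorithm pair, uint16 length, signature bytes."""
    return struct.pack("!BBH", advertised_hash, sig_alg, len(signature)) + signature

def alert_for_certificate_verify(body, offered, key, transcript):
    """Return None if the message is acceptable, else the alert description to send."""
    if len(body) < 4:
        return "decode_error"
    hash_id, sig_alg, sig_len = struct.unpack("!BBH", body[:4])
    signature = body[4:]
    if sig_len != len(signature):
        return "decode_error"
    # The pair must be one the server listed in CertificateRequest (assumed mapping).
    if (hash_id, sig_alg) not in offered:
        return "illegal_parameter"
    # Verify under the hash the peer advertised, not the one it actually used.
    expected = toy_sign(key, transcript, hash_id)
    if not hmac.compare_digest(expected, signature):
        return "decrypt_error"
    return None

KEY = b"constructed-demo-key"                   # constructed sample input
TRANSCRIPT = b"constructed handshake messages"  # constructed sample input
OFFERED = {(2, ECDSA), (4, ECDSA), (5, ECDSA), (6, ECDSA)}  # constructed list

def demo():
    sha224_sig = toy_sign(KEY, TRANSCRIPT, 3)
    cases = {
        "sha256 honest": make_certificate_verify(4, ECDSA, toy_sign(KEY, TRANSCRIPT, 4)),
        "sha224 as sha1": make_certificate_verify(2, ECDSA, sha224_sig),
        "sha224 not offered": make_certificate_verify(3, ECDSA, sha224_sig),
    }
    return {name: alert_for_certificate_verify(body, OFFERED, KEY, TRANSCRIPT)
            for name, body in cases.items()}

if __name__ == "__main__":
    print(demo())
```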