[gnutls-devel] GnuTLS | GnuTLS doesn't validate RSA PRIVATE KEY version field (#1714)

[Read-only notification of GnuTLS library development activities]

Lucky Roy created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1714



## Description of problem:
rfc8017 shows: "An RSA private key should be represented with the ASN.1 type RSAPrivateKey: RSAPrivateKey ::= SEQUENCE { 
version Version, 
modulus INTEGER, -- n 
publicExponent INTEGER, --e 
privateExponent INTEGER, -- d 
prime1 INTEGER, --p 
prime2 INTEGER, -- q 
exponent1 INTEGER, -- d mod (p-1) 
exponent2 INTEGER, -- d mod (q-1) 
coefficient INTEGER, -- (inverse of q) mod p 
otherPrimeInfos OtherPrimeInfos OPTIONAL 
}, 
and, for version, version is the version number, for compatibility with future revisions of this document. It SHALL be 0 for this version of the document, unless multi-prime is used; in which case, it SHALL be 1." However, here GnuTLS accepts a key with version number 17.[test.zip](/uploads/ccf971bdd6b38410837ddfaebcc008c7/test.zip)

## Version of gnutls used:
gnutls-cli 3.7.3

## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Ubuntu

## How reproducible:

Steps to Reproduce:

 * one:gcc -o gnutls1 gnutls1.c `pkg-config --cflags --libs gnutls`
 * two:./gnutls1

## Actual results:
Private key loaded successfully

## Expected results:
Since the version number is not 0 or 1, it should be rejected

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1714
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250606/080c28f7/attachment.html>