gnutls_openpgp_crt_verify_self and key fingerprint
nmav at gnutls.org
Sun Jan 10 12:28:01 CET 2010
Ilari Liusvaara wrote:
> I'm writing new protocol implementation that utilizes TLS-OpenPGP
> and GnuTLS and I am not completely sure what I'm doing with
> authentication is safe thing to do:
> Does gnutls_openpgp_crt_verify_self() verify OpenPGP certificate
> throughly enough that the gnutls_openpgp_crt_get_fingerprint()
> output can be trusted not to be forgeable by grabbing certificate
> (without stealing/deriving corresponding private keys) with desired
> fingerprint and tampering with it?
The verify_self() verifies the self signature and that's all. It
doesn't say whether someone you trust has signed this certificate.
> The scenario I'm most worried about is attacker using unauthorized
> subkey (missing/invalid main->subkey signature) to pass TLS signature
> checks. If that is not caught, the fingerprint value will be
> completely untrustworthy (since AFAIK fingerprint comes from the
> main key and does not directly cover subkeys). I'm guessing whole
> purpose of ...verify_self() is to catch trickery like that (if not,
> what it is for?)
Could you please elaborate on the scenario above? I cannot really
understand what you worry of.
More information about the Gnutls-help