[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[gnutls-dev] Re: Variant of Bleichenbacher's crypto 06 rump session atta
|
From: |
Simon Josefsson |
|
Subject: |
[gnutls-dev] Re: Variant of Bleichenbacher's crypto 06 rump session attack |
|
Date: |
Tue, 12 Sep 2006 15:42:10 +0200 |
|
User-agent: |
Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.50 (gnu/linux) |
Andreas Metzler <address@hidden> writes:
>> Can you reproduce it in gnutls 1.4.x?
>
> I have now been able to reproduce this after building gnutls13,
> libgcrypt11 and mutt on my worksystem. (Still no idea why it did not
> crash in my Debian/unstable chroot.)
I've also been able to reproduce it.
>> Could you debug this and find
>> out exactly what instruction is crashing?
>
> If I single step though it after
> result = asn1_read_value (dinfo, "digestAlgorithm.parameters", NULL, &len)
> strange things happen. - Once the function is entered the second
> argument (digestAlgorithm.parameters) seems to be corrupted.
>
> PUT_VALUE (value, value_size, node->value + len3, len2);
> is the actual crashing command.
Right. The call is incorrect, but I don't know why it doesn't always
crash.
>> If you change the line into:
>
>> result = asn1_read_value (dinfo, "digestAlgorithm.parameters", digest,
>> &len);
>
>> does it work?
>
> Yes, this makes it unreproducible for me (with gnutls 1.4.3).
It is the correct fix.
However, the patch in 1.4.3 to fix this was too restrictive -- the
patch doesn't permit the parameters field to be present but empty
(which is typically the case). The consequence is that many OK
certificates are rejected. I'll be releasing 1.4.4 shortly that fix
this. There are self tests in the gnutls 1.5.x branch that trigger
the problem, which will help everyone to verify if their gnutls
suffers from a problem or not.
/Simon