Page MenuHome GnuPG
Create Task
Maniphest T6059

ntbtls: use of shorter hash for ECC
Testing, NormalPublic
Actions

Description

Need to check the TLS protocol spec., but it seems that rejecting shorter hash algo for ECC may be wrong.

The point in question is:

diff --git a/src/pkglue.c b/src/pkglue.c
index af8cf92..44de028 100644
--- a/src/pkglue.c
+++ b/src/pkglue.c
@@ -152,8 +152,10 @@ _ntbtls_pk_verify (x509_cert_t chain, pk_algo_t pk_alg, md_algo_t md_alg,
           {
             debug_msg (1, "a %u bit hash is not valid for a %u bit ECC key",
                        (unsigned int)hashlen*8, qbits);
+#if 0
             err = gpg_error (GPG_ERR_DIGEST_ALGO);
             goto leave;
+#endif
           }
 
         if (hashlen > qbits/8)

I ran the command ntbtls-cli --debug 999 dev.gnupg.org which has ECDSA key with NIST P-384, and it fails without the change above.

Revisions and Commits

rT Not Too Bad TLS
rT5d3d9d9904d2 Allow server's use of SHA256 hash with secpr384 key.

Related Objects

Mentioned In
E933: Weekly Standup

Event Timeline

gniibe triaged this task as Normal priority.Jul 6 2022, 6:57 AM
gniibe created this task.
gniibe added a comment.Jul 8 2022, 2:30 AM

There is a description: https://datatracker.ietf.org/doc/html/rfc8422#section-5.10

It seems that it's OK to use SHA256 for ECDSA with secpr384 (as dev.gnupg.org does).

So, I'm going to remove the restriction from NtbTLS.

gniibe added a project: Restricted Project.Jul 8 2022, 9:53 AM

Pushed the change.

gniibe added a commit: rT5d3d9d9904d2: Allow server's use of SHA256 hash with secpr384 key..Jul 8 2022, 10:49 AM
gniibe mentioned this in E933: Weekly Standup.Jul 11 2022, 9:28 AM
werner changed the task status from Open to Testing.Sep 22 2022, 10:53 AM
werner removed a project: Restricted Project.
werner added a project: Restricted Project.Mon, Sep 18, 4:03 PM
werner added a subscriber: werner.

Well, even out new versions.gnupg.org uses a shorter hash. Better get that released asap.

werner moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Mon, Sep 18, 4:03 PM