Page MenuHome GnuPG
Create Task
Maniphest T6059

ntbtls: use of shorter hash for ECC
Closed, ResolvedPublic
Actions

Description

Need to check the TLS protocol spec., but it seems that rejecting shorter hash algo for ECC may be wrong.

The point in question is:

diff --git a/src/pkglue.c b/src/pkglue.c
index af8cf92..44de028 100644
--- a/src/pkglue.c
+++ b/src/pkglue.c
@@ -152,8 +152,10 @@ _ntbtls_pk_verify (x509_cert_t chain, pk_algo_t pk_alg, md_algo_t md_alg,
           {
             debug_msg (1, "a %u bit hash is not valid for a %u bit ECC key",
                        (unsigned int)hashlen*8, qbits);
+#if 0
             err = gpg_error (GPG_ERR_DIGEST_ALGO);
             goto leave;
+#endif
           }
 
         if (hashlen > qbits/8)

I ran the command ntbtls-cli --debug 999 dev.gnupg.org which has ECDSA key with NIST P-384, and it fails without the change above.

Revisions and Commits

rT Not Too Bad TLS
rT5d3d9d9904d2 Allow server's use of SHA256 hash with secpr384 key.

Related Objects

Event Timeline

gniibe triaged this task as Normal priority.Jul 6 2022, 6:57 AM
gniibe created this task.
gniibe added a comment.Jul 8 2022, 2:30 AM

There is a description: https://datatracker.ietf.org/doc/html/rfc8422#section-5.10

It seems that it's OK to use SHA256 for ECDSA with secpr384 (as dev.gnupg.org does).

So, I'm going to remove the restriction from NtbTLS.

gniibe added a project: Restricted Project.Jul 8 2022, 9:53 AM

Pushed the change.

gniibe added a commit: rT5d3d9d9904d2: Allow server's use of SHA256 hash with secpr384 key..Jul 8 2022, 10:49 AM
werner changed the task status from Open to Testing.Sep 22 2022, 10:53 AM
werner removed a project: Restricted Project.
werner added a project: Restricted Project.Sep 18 2023, 4:03 PM
werner added a subscriber: werner.

Well, even out new versions.gnupg.org uses a shorter hash. Better get that released asap.

werner moved this task from Restricted Project Column to Restricted Project Column on the Restricted Project board.Sep 18 2023, 4:03 PM
aheinecke added a project: vsd32.Nov 15 2023, 9:46 AM
aheinecke added a subscriber: aheinecke.

So the last thing to do here would be an NTBTLS release? Then we should make sure not to forget to do that?

werner edited projects, added Feature Request; removed vsd32.Jan 8 2024, 2:01 PM

Yeah we should do an ntbtls release. As a core library it does no matter much which workboard we use. Let's remove it the vsd tag.

werner moved this task from Backlog to WIP on the ntbtls board.Jan 8 2024, 2:04 PM
werner mentioned this in T6925: Release ntbtls 0.3.2.Jan 12 2024, 7:45 AM
gniibe closed this task as Resolved.Jan 26 2024, 1:04 AM

Fixed in 0.3.2.