git.ipfire.org Git - thirdparty/openvpn.git/commit
Fix mbedtls fingerprint calculation
author Steffan Karger <steffan@karger.me>
Sat, 20 May 2017 12:57:55 +0000 (14:57 +0200)
committer Gert Doering <gert@greenie.muc.de>
Sun, 18 Jun 2017 12:16:50 +0000 (14:16 +0200)
commit 21a540f92bf65f39eb92967476eba0bcd2a34ef6
tree 99f0d443ecb4ba99732cf389e2a88336c691e644
parent 3d215d4c9d107fa153082e2bba8a3a9c8865be5d
Fix mbedtls fingerprint calculation

Commit 'Migrate to mbed TLS 2.x' (86d8cd68) introduced a bug in mbedtls
builds where we would calculate the certificate fingerprint over the
(too-short) 'to-be-signed' length of the certificate, rather than over the
certificate including the signature.  Fix that.

The security impact of the incorrect calculation is very minimal; the last
few bytes (max 4, typically 4) are not verified by the fingerprint.  We
expect no real-world impact, because users that used this feature before
will notice that it has suddenly stopped working, and users that didn't
will notice that connection setup fails.

Even if the user managed to somehow extract the incorrect hash (e.g. by
reading out the tls_digest_* env vars using a --tls-verify script), the
impact is minimal: the last 4 bytes must still be properly signed by the
CA, and typically contain extension fields, or the last bytes of the
public key (which are hard to choose).  The most important bits of the
certificate were always checked: the version, serial, signature algorithm,
issuer, validity and subject.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1495285075-4957-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14711.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Changes.rst
src/openvpn/ssl_verify_mbedtls.c
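
Added example (not part of the commit or of the OpenVPN source): a Python sketch of why a digest taken over only the to-be-signed length leaves the last bytes of the signed data unverified. It assumes the too-short digest starts at the first byte of the DER certificate; `der_tlv`, `tlv_span`, `fingerprints` and `sample_cert` are hypothetical names, and the input is a constructed DER-shaped stand-in, not a real certificate.

```python
import hashlib

def der_tlv(tag: int, body: bytes) -> bytes:
    """Encode one DER element with a definite (short or long form) length."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    size = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(size)]) + size + body

def tlv_span(buf: bytes, off: int) -> tuple[int, int]:
    """Return (header_len, header_len + value_len) for the SEQUENCE at buf[off]."""
    if off + 2 > len(buf) or buf[off] != 0x30:
        raise ValueError("expected a DER SEQUENCE")
    first = buf[off + 1]
    if first < 0x80:
        hdr, n = 2, first
    else:
        k = first & 0x7F
        if k == 0 or off + 2 + k > len(buf):
            raise ValueError("unsupported or truncated DER length")
        hdr, n = 2 + k, int.from_bytes(buf[off + 2:off + 2 + k], "big")
    if off + hdr + n > len(buf):
        raise ValueError("truncated DER value")
    return hdr, hdr + n

def fingerprints(cert_der: bytes, algo: str = "sha256"):
    """Return (full digest, digest over only tbs_len bytes, TBS bytes left out)."""
    outer_hdr, total = tlv_span(cert_der, 0)
    _, tbs_len = tlv_span(cert_der, outer_hdr)   # TBSCertificate incl. its header
    full = hashlib.new(algo, cert_der[:total]).hexdigest()
    # Assumption: the too-short hash starts at the first byte of the certificate.
    short = hashlib.new(algo, cert_der[:tbs_len]).hexdigest()
    return full, short, cert_der[tbs_len:outer_hdr + tbs_len]

def sample_cert() -> tuple[bytes, bytes]:
    """Constructed DER-shaped stand-in (not a real certificate): (cert, tbs)."""
    tbs = der_tlv(0x30, bytes(range(256)) * 2)
    sig_alg = der_tlv(0x30, der_tlv(0x06, bytes.fromhex("2a864886f70d01010b")) + b"\x05\x00")
    signature = der_tlv(0x03, b"\x00" + b"\xaa" * 256)
    return der_tlv(0x30, tbs + sig_alg + signature), tbs

if __name__ == "__main__":
    cert, _ = sample_cert()
    full, short, missed = fingerprints(cert)
    print("full certificate :", full)
    print("tbs-length prefix:", short)
    print("TBS bytes not covered:", missed.hex())
```

A fingerprint recorded from an affected build can be compared against the first value to confirm that it needs to be regenerated.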