deprecating MD5 in signature verification for gnutls-{cli, serv}
Simon Josefsson
simon at josefsson.org
Tue Jan 6 23:17:33 CET 2009
Daniel Kahn Gillmor <dkg at fifthhorseman.net> writes:
> On 01/05/2009 01:48 PM, Tomas Mraz wrote:
>> If the only MD5 used in signatures is in the _trusted_ CA cert (and not
>> in the leaf and intermediate certificates) it is OK. But it is not the
>> case of the support.mayfirst.org site. But I don't see how the removal
>> of the last selfsigned certificate from the chain could break the
>> algorithm. There must be some different bug in play.
>
> I agree with this assessment. It would be really useful in debugging if
> certtool was able to use the same internal algorithm that the other
> tools use.
Indeed, and I've now made that happen. Look at the final line at:
jas at mocca:~/src/gnutls/src master$ (echo | gnutls-cli --print-cert --x509cafile /etc/ssl/certs/Equifax_Secure_Global_eBusiness_CA.pem support.mayfirst.org; cat /etc/ssl/certs/Equifax_Secure_Global_eBusiness_CA.pem) | ./certtool -e
Certificate[0]: C=US,O=support.mayfirst.org,OU=GT69079880,OU=See www.rapidssl.com/resources/cps (c)07,OU=Domain Control Validated - RapidSSL(R),CN=support.mayfirst.org
Issued by: C=US,O=Equifax Secure Inc.,CN=Equifax Secure Global eBusiness CA-1
Verifying against certificate[1].
Verification output: Not verified, Insecure algorithm.
Certificate[1]: C=US,O=Equifax Secure Inc.,CN=Equifax Secure Global eBusiness CA-1
Issued by: C=US,O=Equifax Secure Inc.,CN=Equifax Secure Global eBusiness CA-1
Verification output: Verified.
Chain verification output: Not verified, Insecure algorithm.
jas at mocca:~/src/gnutls/src master$
The last line contains the result from validating the chain using the
library algorithm. The flags are always 0, which can differ from how
libgnutls is used by applications, but at least this is a step
in the right direction.
/Simon
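As an added illustration (not code from the thread or from GnuTLS) of the rule Tomas states above: a weak signature algorithm only matters on certificates whose signatures are actually checked, so MD5 on the trusted self-signed root alone is harmless, while MD5 on the leaf fails the chain. The certificate names and signature algorithms below are constructed; the example models the algorithm-acceptance policy and the issuer walk, not the signature math.

```python
from dataclasses import dataclass
from typing import List, Set, Tuple

# Signature algorithms whose digest is collision-prone; gnutls reports these
# as "Insecure algorithm". Membership here is an assumption for the model.
INSECURE_SIG_ALGOS = {"md5WithRSAEncryption", "md2WithRSAEncryption"}

@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    sig_algo: str  # algorithm the issuer used to sign this certificate

def verify_chain(chain: List[Cert], trusted: Set[Cert]) -> List[Tuple[str, str]]:
    """Walk chain[0] (the leaf) toward the trust anchor.

    Returns one (subject, verdict) pair per certificate followed by a
    ("chain", verdict) pair, in the spirit of `certtool -e` output.
    A trusted certificate is accepted because it is trusted, not because its
    (self-)signature verifies, so its own signature algorithm is never judged.
    """
    results = []
    for i, cert in enumerate(chain):
        if cert in trusted:
            results.append((cert.subject, "Verified"))
            continue
        issuer = chain[i + 1] if i + 1 < len(chain) else None
        if issuer is None or issuer.subject != cert.issuer:
            verdict = "Not verified, Issuer not found"
        elif cert.sig_algo in INSECURE_SIG_ALGOS:
            verdict = "Not verified, Insecure algorithm"
        else:
            verdict = "Verified"
        results.append((cert.subject, verdict))
    chain_verdict = next((v for _, v in results if v != "Verified"), "Verified")
    results.append(("chain", chain_verdict))
    return results

# Constructed sample certificates (names and algorithms are illustrative).
ROOT = Cert("CN=Example Root CA", "CN=Example Root CA", "md5WithRSAEncryption")
LEAF_MD5 = Cert("CN=www.example.test", "CN=Example Root CA", "md5WithRSAEncryption")
LEAF_SHA1 = Cert("CN=www.example.test", "CN=Example Root CA", "sha1WithRSAEncryption")

if __name__ == "__main__":
    for chain in ([LEAF_MD5, ROOT], [LEAF_SHA1, ROOT]):
        for subject, verdict in verify_chain(chain, {ROOT}):
            print(f"{subject}: {verdict}")
        print()
```

Dropping the trusted root from the chain makes the leaf's issuer unreachable, which surfaces as "Issuer not found" rather than as an algorithm problem, matching Tomas's point that the removal of the self-signed certificate should not change the algorithm verdict.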