[Help-gnutls] How to check if your GnuTLS is vulnerable to NUL-in-CN/SAN issue
Simon Josefsson
simon at josefsson.org
Fri Aug 14 12:14:21 CEST 2009
Here is how you test if your GnuTLS library is vulnerable to the
NUL-in-CN/SAN issue (i.e., [GNUTLS-SA-2009-4] [CVE-2009-2730]).
Download and build:
http://git.savannah.gnu.org/cgit/gnutls.git/plain/tests/nul-in-x509-names.c
For example:
jas at mocca:~$ wget -q http://git.savannah.gnu.org/cgit/gnutls.git/plain/tests/nul-in-x509-names.c
jas at mocca:~$ gcc -o nul-in-x509-names nul-in-x509-names.c -lgnutls
jas at mocca:~$ ./nul-in-x509-names
gnutls_x509_crt_check_hostname OK (NUL-IN-CN)
gnutls_x509_crt_check_hostname OK (NUL-IN-SAN)
jas at mocca:~$
If your library has not yet been patched, the output will look like:
gnutls_x509_crt_check_hostname BROKEN (NUL-IN-CN)
gnutls_x509_crt_check_hostname BROKEN (NUL-IN-SAN)
If you have a locally installed GnuTLS version and want to check your
system library version instead, on a GNU/Linux system you can use the
LD_PRELOAD variable to point at the exact library version to test. For
example, on my Debian system:
jas at mocca:~$ LD_PRELOAD=/usr/lib/libgnutls.so ./nul-in-x509-names
gnutls_x509_crt_check_hostname BROKEN (NUL-IN-CN)
gnutls_x509_crt_check_hostname BROKEN (NUL-IN-SAN)
jas at mocca:~$
To verify that certificate display works correctly, you can use two
sample certificates provided by Tomas Hoger <thoger at redhat.com>.
To test whether NUL in CN is handled properly, here is how you do it:
jas at mocca:~$ cat>nul-cn.pem
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
jas at mocca:~$ certtool -i < nul-cn.pem
...
Subject: CN=#13187777772e62616e6b2e636f6d002e6261646775792e636f6d
...
Notice how the Subject line is LDAP escaped when it contains a NUL
value.
Buggy versions would display the cert like this:
Subject: CN=www.bank.com
To test whether NUL in SAN is handled properly, here is how you do it:
jas at mocca:~$ cat>nul-san.pem
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
jas at mocca:~$ certtool -i < nul-san.pem
...
Subject Alternative Name (not critical):
warning: SAN contains an embedded NUL, replacing with '!'
DNSname: www.bank.com!www.badguy.com
...
Notice the warning and the full output.
Buggy versions would display the cert like this:
Subject Alternative Name (not critical):
DNSname: www.bank.com
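To make the two certtool outputs above concrete, here is an added example (my own illustration, not GnuTLS or certtool code) that decodes the LDAP-escaped CN value certtool prints, contrasts a NUL-truncating hostname check with a length-aware one, and renders a SAN the way the patched certtool does. CN_HEX is the value from the nul-cn.pem output above; SAN_VALUE is a constructed byte string modelled on the nul-san.pem output.

```python
# Added example, not GnuTLS code: decode the LDAP-escaped Subject value shown
# by certtool and contrast NUL-truncating vs. length-aware hostname matching.
import binascii

# Value copied from the certtool output for nul-cn.pem above.
CN_HEX = "#13187777772e62616e6b2e636f6d002e6261646775792e636f6d"
# Constructed SAN value, modelled on the nul-san.pem output above.
SAN_VALUE = b"www.bank.com\x00www.badguy.com"


def decode_ldap_hex(value: str) -> bytes:
    """Decode an RFC 4514 '#<hex>' attribute value into raw DER bytes."""
    if not value.startswith("#"):
        raise ValueError("expected '#'-escaped hex value")
    return binascii.unhexlify(value[1:])


def der_string_content(der: bytes) -> tuple[int, bytes]:
    """Split one short-form DER TLV into (tag, content); tag 0x13 is PrintableString."""
    if len(der) < 2 or der[1] & 0x80:
        raise ValueError("unsupported DER length encoding")
    tag, length = der[0], der[1]
    content = der[2:2 + length]
    if len(content) != length:
        raise ValueError("DER length does not match data")
    return tag, content


def cn_from_certtool(value: str) -> bytes:
    """Recover the raw CN bytes (NUL included) from the '#...' string certtool prints."""
    return der_string_content(decode_ldap_hex(value))[1]


def matches_truncating(name: bytes, hostname: str) -> bool:
    """Models the broken check: a C string comparison stops at the first NUL byte."""
    return name.split(b"\x00", 1)[0].lower() == hostname.encode().lower()


def matches_length_aware(name: bytes, hostname: str) -> bool:
    """Fixed check: an embedded NUL is never a valid DNS name; compare every byte."""
    if b"\x00" in name:
        return False
    return name.lower() == hostname.encode().lower()


def display_san(name: bytes) -> str:
    """Render a SAN like patched certtool: NUL becomes '!' so the whole name is visible."""
    return name.replace(b"\x00", b"!").decode("ascii")
```

Running matches_truncating on the decoded CN returns True for www.bank.com, which is exactly the BROKEN result the test program reports, while matches_length_aware rejects it.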
I hope this helps you test your system!
/Simon