On Thu, 14 Nov 2013, Dr. Stephen Henson wrote:
On Thu, Nov 14, 2013, Dimitrios Apostolou wrote:
+ *) Don't reencode certificate when calculating signature: cache and use
+ the original encoding instead. This makes signature verification of
+ some broken encodings work correctly.
Can you please explain me what a "broken" encoding is, and how I
might be using it? How can I self-sign a certificate that can be
verified in old versions as well?
When a certificate is parsed various fields are decoded. Before this change
when a signature was verified it was re-encoded. Any discrepancy between the
original encoding and the re-encoded version would result in a signature
failure. This can happen for all sorts of reasons, usually violation of DER.
This change stores the original encoding and verifies signatures against that
instead of re-encoding.
It's not clear how you could create a certificate that violates DER using
OpenSSL, though you're not using a standard version so some bug fixes might be
missing.
Can you send a sample certificate that fails signature verification in the way
you describe?
Thanks for explaining! It's quite possible I'm missusing OpenSSL API since
I'm trying to work my way into veryfying self-signed certificates
generated from RSA keys, which is not that common. I privately sent you a
test program that replicates the problem, feel free to reply here.
Thanks,
Dimitris
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
