The verify function only verifies the certificate signature. Any checks on data would be done by the get function.
On March 26, 2018 2:06:25 PM UTC, Thomas Deutschmann <[email protected]> wrote: >Hi, > >I am currently auditing a program which was, while looking for a valid >peer name, looping through alternative names list like: > >> char szAltName[1024]; >> int iAltName; >> char allNames[32*1024]; >> int iAllNames; >> size_t szAltNameLen; >> >> [...] >> >> while(!bFoundName) { >> szAltNameLen = sizeof(szAltName); >> gnuRet = gnutls_x509_crt_get_subject_alt_name(cert, iAltName, >> szAltName, &szAltNameLen, NULL); >> if(gnuRet < 0) >> break; >> else if(gnuRet == GNUTLS_SAN_DNSNAME) { >> iAllNames += snprintf(allNames+iAllNames, >sizeof(allNames)-iAllNames, >> "DNSname: %s; ", szAltName); >> myCustomPeerNameValidator(szAltName, &bFoundName); >> } >> ++iAltName; >> } >> >> [...] > >Like you probably already noticed, "snprintf" usage is invalid and can >be >exploited using a crafted certificate with a lot of large SANs. > >However, I am wondering if an attack would be very limited because >before >this code runs, the program calls "gnutls_certificate_verify_peers2" >function on that certificate. I.e. does GnuTLS guarantees at this >stage, >that any certificate validated using this function does only contain >valid dnsNames (i.e. IA5String values) or not? > >Thanks. -- Sent from my mobile. Please excuse my brevity. _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
