Dr Stephen Henson wrote:
> 
> Ben Laurie wrote:
> >
> > Holger Reif wrote:
> > >
> > > Dr Stephen Henson wrote:
> > > >
> > > > Hmmm. A similar thing could happen with the PKCS#7 and certificate routines:
> > > > some PKCS#7 implementations don't correctly sort authenticated
> > > > attributes and some certificates are filled with horrible stuff like
> > > > indefinite length encoding. The usual workaround is to verify the
> > > > signature on the original data or order rather than a re-encoded version
> > > > of it: this is done in a few places already.
> > >
> > > This discussion has a long history. There has been a
> > > discussion with Eric on this behalf long ago. But
> > > AFAIR Eric was not convinced to make signature
> > > verification on the original data. Perhaps he
> > > believed that eventually the correct solution (tm)
> > > only will survive ;-)
> >
> > I agree with Eric, though an ability to enable buggy behaviour is also
> > acceptable.
> >
> 
> Well ideally you shouldn't have to verify signatures on the original
> data.
> 
> In practice if you completely re-encode certificates a large proportion
> of them will fail a signature: including those made with previous
> versions of SSLeay itself! So many in fact that it would render such
> "correct" software useless.
> 
> The only reason this doesn't happen at present and hasn't in the past
> is because not all of a certificate is decoded: some things like
> certificate extensions are kept as a "blob". So it could be argued that
> it partially verifies signatures on the original data already.
> 
> To give one example...
> 
> The BIT STRING should not have any trailing zeros in its encoding unless
> it is used to contain another structure (e.g. legacy cases like public
> keys and digital signatures in certificates). Lots of certificates don't
> follow this rule with things like netscape-certificate-type and
> keyUsage. SSLeay didn't follow this either: OpenSSL does.

I'm not arguing with that, but I think the behaviour should not be the
default.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Gandhi
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
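The BIT STRING re-encoding problem Steve describes above, as an added example that is not part of this thread or of OpenSSL's own code: a small DER decoder and encoder for named-bit-list BIT STRINGs such as keyUsage (the sample bytes are constructed here), showing that a strict re-encode changes the bytes, so a digest taken over the re-encoded structure no longer matches one taken over the certificate as it was signed.

```python
import hashlib

# Constructed sample: keyUsage (digitalSignature + keyEncipherment) as some older
# encoders emitted it: unused-bits octet 0 and a trailing zero octet (DER: 03 02 05 a0).
SLOPPY_KEY_USAGE = bytes.fromhex("03 03 00 a0 00")

def decode_bit_string(der: bytes) -> tuple[int, int]:
    """Decode a BIT STRING (tag 0x03, short-form length) to (bit_count, bits),
    where the most significant bit of `bits` is the first bit of the string."""
    if len(der) < 3 or der[0] != 0x03 or der[1] & 0x80:
        raise ValueError("expected a BIT STRING with short-form length")
    length = der[1]
    body = der[2:2 + length]
    if len(body) != length or length < 1:
        raise ValueError("truncated BIT STRING")
    unused = body[0]
    if unused > 7 or (length == 1 and unused != 0):
        raise ValueError("invalid unused-bits octet")
    raw = int.from_bytes(body[1:], "big")
    if raw & ((1 << unused) - 1):
        raise ValueError("unused bits must be zero")
    return (length - 1) * 8 - unused, raw >> unused

def encode_bit_string_der(bit_count: int, bits: int, named_bit_list: bool = True) -> bytes:
    """DER-encode a BIT STRING. For a named bit list (keyUsage, nsCertType) DER
    drops trailing zero bits; one wrapping another structure keeps its length."""
    if named_bit_list:
        while bit_count > 0 and not bits & 1:
            bits >>= 1
            bit_count -= 1
    if bit_count == 0:
        return bytes([0x03, 0x01, 0x00])
    nbytes = (bit_count + 7) // 8
    unused = nbytes * 8 - bit_count
    content = bytes([unused]) + (bits << unused).to_bytes(nbytes, "big")
    return bytes([0x03, len(content)]) + content

def reencode(der: bytes) -> bytes:
    """Decode and re-emit in DER, as a strict re-encoding verifier would."""
    return encode_bit_string_der(*decode_bit_string(der))

def signer_digest(data: bytes) -> bytes:
    """Stand-in for the digest a signer computes over the bytes as issued."""
    return hashlib.sha256(data).digest()

def digest_matches(original: bytes, signed_digest: bytes, reencode_first: bool) -> bool:
    """Check the signer's digest against the original bytes or a re-encoded copy."""
    data = reencode(original) if reencode_first else original
    return hashlib.sha256(data).digest() == signed_digest
```

Passing `named_bit_list=False` reproduces the legacy case in the thread: a BIT STRING that carries a public key or signature is re-emitted with its length unchanged.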