In message <1479839148.2376.31.ca...@hansenpartnership.com> on Tue, 22 Nov 2016 
10:25:48 -0800, James Bottomley <james.bottom...@hansenpartnership.com> said:

James.Bottomley> On Tue, 2016-11-22 at 18:03 +0000, Salz, Rich wrote:
James.Bottomley> > > > It does this by trying to interpret the blob against known ASN.1
James.Bottomley> > > > definitions, and will only succeed when there's a complete match.
James.Bottomley> > > > I'm not terribly worried...
James.Bottomley> > 
James.Bottomley> > I am.  With locales and UTF8, the old simple days of text/binary are
James.Bottomley> > probably long gone.  And if any ASN.1 definition has extensibility in
James.Bottomley> > it, then we have to be concerned about things being wrapped,
James.Bottomley> > something like prefix attacks, and so on.
James.Bottomley> > 
James.Bottomley> > > And even if you were, you should be *more* worried about making
James.Bottomley> > > *applications* do it for themselves :)
James.Bottomley> > 
James.Bottomley> > I cannot control what an application does, and I am not responsible
James.Bottomley> > for any other application's reputation.  I do have a strongly vested
James.Bottomley> > stake in OpenSSL's.
James.Bottomley> > 
James.Bottomley> > It is already possible to write a utility library that tries
James.Bottomley> > everything in turn, and returns an enumeration that says "seems to be
James.Bottomley> > an X509 certificate" etc.  And then another routine that takes that
James.Bottomley> > enumeration and the blob and calls the right decoder.  I would be
James.Bottomley> > okay with that, even if it were part of OpenSSL.  I am opposed to
James.Bottomley> > guessing and parsing in one step, and would -1 any PR for that,
James.Bottomley> > forcing a team discussion.
James.Bottomley> 
James.Bottomley> That's not the proposal.  The proposal is to use PEM form because we
James.Bottomley> can make it uniquely self describing using the guard tags which
James.Bottomley> obviates the problem above.

This is a side thread that discusses the 'file' scheme loader in my
STORE effort.  So, uhmmm, we're a bit away from just PEM here.
However, if we go back to the discussion about TSS KEY BLOBs, yeah,
I've only seen a PEM proposal, and that's a muuuuch easier case.

James.Bottomley> On the larger issue of non-self describing formats like ASN.1: if your
James.Bottomley> theory that there's a security hole by allowing opportunistic format
James.Bottomley> detection is correct, simply making the user specify is palming our bug
James.Bottomley> off on to the user and abdicating responsibility because now when
James.Bottomley> they're tricked into an exploit they can be blamed not openssl.  If
James.Bottomley> such a bug exists, doing opportunistic format detection is the better
James.Bottomley> guarantor of overall system security because if such a bug is found, it
James.Bottomley> would have to be fixed within openssl to everyone's benefit.

I agree with that sentiment.

-- 
Richard Levitte         levi...@openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
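
The two-step design discussed in this thread (classify first and return an enumeration, then decide separately), applied to the PEM case where the guard tags make the blob self-describing. This is an added example, not code from the thread or from OpenSSL; the enum, the function names and the `TSS KEY BLOB` label string are assumptions, and the sample input is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical kinds (bit flags, so a caller can allow several); not OpenSSL types. */
typedef enum { BLOB_UNKNOWN = 0, BLOB_X509_CERT = 1, BLOB_PRIVATE_KEY = 2, BLOB_TSS_KEY = 4 } blob_kind;
/* Guard-tag labels this sketch recognises; the TSS label string is an assumption. */
static const struct { const char *label; blob_kind kind; } known_labels[] = {
    { "CERTIFICATE", BLOB_X509_CERT }, { "PRIVATE KEY", BLOB_PRIVATE_KEY },
    { "TSS KEY BLOB", BLOB_TSS_KEY },
};

/* Step 1: classify from the guard tags only; the payload is never parsed. */
blob_kind classify_pem(const char *pem)
{
    static const char begin[] = "-----BEGIN ";
    char label[64], end_line[80];
    const char *p, *q;
    size_t n, i;
    if (strncmp(pem, begin, sizeof(begin) - 1) != 0)
        return BLOB_UNKNOWN;            /* raw DER or anything else: no guessing */
    p = pem + sizeof(begin) - 1;
    q = strstr(p, "-----");             /* end of the BEGIN tag */
    if (q == NULL || q == p || (size_t)(q - p) >= sizeof(label)
        || (q[5] != '\n' && q[5] != '\r'))
        return BLOB_UNKNOWN;            /* empty, oversized or unterminated tag */
    n = (size_t)(q - p);
    memcpy(label, p, n);
    label[n] = '\0';
    snprintf(end_line, sizeof(end_line), "\n-----END %s-----", label);
    if (strstr(q + 5, end_line) == NULL)
        return BLOB_UNKNOWN;            /* END tag must repeat the same label */
    for (i = 0; i < sizeof(known_labels) / sizeof(known_labels[0]); i++)
        if (strcmp(label, known_labels[i].label) == 0)
            return known_labels[i].kind;
    return BLOB_UNKNOWN;
}

/* Step 2, kept separate: the caller states which kinds it is willing to accept. */
int accept_blob(const char *pem, unsigned allowed)
{
    blob_kind k = classify_pem(pem);
    return k != BLOB_UNKNOWN && ((unsigned)k & allowed) != 0;
}

int main(void)
{
    const char *cert = "-----BEGIN CERTIFICATE-----\nMIIB\n-----END CERTIFICATE-----\n"; /* constructed */
    printf("kind=%d accept_as_key=%d\n", (int)classify_pem(cert), accept_blob(cert, BLOB_PRIVATE_KEY));
    return 0;
}
```

A blob whose tags do not match, that carries leading bytes before the BEGIN tag, or that has no tags at all is reported as unknown rather than handed to a decoder.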
