[prev in list] [next in list] [prev in thread] [next in thread]
List: gnutls-dev
Subject: Re: [gnutls-devel] wrongly encoded padding extension in GnuTLS
From: Nikos Mavrogiannopoulos <nmav () gnutls ! org>
Date: 2015-07-09 11:47:39
Message-ID: CAJU7zaJ1YKydLVWFmeoH=PU-eS=iCUcMeGHtPkiQBTFuhYPygA () mail ! gmail ! com
[Download RAW message or body]
On Thu, Jul 9, 2015 at 12:13 PM, Hannes Mehnert <hannes@mehnert.org> wrote:
> Hi,
> while investigating an interoperability failure between GnuTLS and
> nqsb-TLS [1], I discovered that your encoding of the padding extension
> (ext/dumbfw.c) is slightly wrong.
> The IETF draft [2] specifies the extension type to be 0x00 0x15,
> followed by the extension length (another 16 bit), followed by
> extension length 0s, the example being:
> 00 15 00 06 00 00 00 00 00 00
> But GnuTLS encodes another 16 bit length field inside the padding data:
> 00 15 00 06 00 04 00 00 00 00
Thanks, nice catch. That code seems to follow an earlier draft which
allowed freedom
in the contents.
> While this is likely not a security issue yet, encoding arbitrary data
> in padding lead to several problems in the past (PKCS, ASN.1 encoding,
> POODLE, ...).
I think that is an overstatement. The TLS extension padding is to
avoid certain broken firewalls,
and has no cryptographic significance whatsoever.
regards,
Nikos
_______________________________________________
Gnutls-devel mailing list
Gnutls-devel@lists.gnutls.org
http://lists.gnupg.org/mailman/listinfo/gnutls-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic