View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001292 | Main CAcert Website | certificate issuing | public | 2014-07-26 22:43 | 2014-12-02 22:48 |
| Reporter | felixd | Assigned To | BenBE | ||
| Priority | normal | Severity | crash | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Product Version | 2012 Q1 | ||||
| Target Version | 2014 Q3 | Fixed in Version | 2014 Q3 | ||
| Summary | 0001292: Issuing Certificates with "Public Exponent: 1 (0x1)" | ||||
| Description | RSA keys with public key = 1 do not encrypt at all. They should not be signed. | ||||
| Steps To Reproduce | create a csr from the given keypair for example with this command: openssl req -key priv -subj "/CN=example.org" -new -out csr and upload it to issue a certificate. | ||||
| Tags | No tags attached. | ||||
| Reviewed by | Ted, BenBE | ||||
| Test Instructions | |||||
|
|
priv (1,850 bytes)
-----BEGIN RSA PRIVATE KEY----- MIIFIwIBAAKCAgEA2rizS+gs+B89tzar9Cl14hVTdKiC3mZ3ErpHQYbg8r9L5lk/ R9tLjjd1aGk7xN6qHNtBwePsnnhLlvS5GBtPQKVTyXALNBR7X/P5Zt5uFNbOspA+ mlqvnxOpJBu15wB3JQerPayi9QUhyBJ6IoR4KQCmdQJs9Wa/gv4gpiOJ7ucHw3CS JIWeZaAF/3+VeuYOr1lNgiiAtgHLz5sGN+Wy81XXyAuncc9YW7vAHa02I6OCkLUR gR+sGNgvPNZd014nwcn06PCtXGMEyoEGBRI8HzaMpapAv9MsSJZVD5F4xcreCPU0 yXOJuomVzMCgOZk2b4WVHIVSE8nzxsZkhDr5aiXLlAuCacyVUgVCRpYr6WhaX0rw kOirfuhzXGijxVRc8ichJl7YxMEQw99xCjc9SWhJwBee3yajbmbqviwE58Ch+R3M Dd3mXFktA3lOl3wXmID9f+Djloghnxb8CKtjyCiPDhKEwRmGH9EfU+aQN8taAjUT 1Sxqg4UppEPkskwMIniKCFplbweCPmOObMtrsoQgzbY7MIKvCZfIWK+v2lVxeHup UjIrE7uUxXMDxRjcoenE8Yn38P8D2oj0g8EzQAsdfy0+F38yoEei8V39rvJSFvQ7 Cc6kmtBtOG/9xYdNdlxLlh9LpIYqMbs3P6UOeDn+YRNiRvOvGciBqlUoHL8CAQEC AQECggEBAPw28E/+VX9GvmCFRWcGQ5uKIMVpT2pkSlvc/z9mXPvEK3aehLYwQhIq WpB3eP+qzHQrRixlyq/CPXK49ZZD+IMBZP7Bbb99MPykTH1IVE/7r32Nomy03XZc aiM3qvIlj4XjZ8oPmiGdTb5Ub3Fi+hhugcgmYj2v2OCr0KLnoD7kXsTFYVCqNFEJ tqiSQ6T6HqVh8hN/m3OMG78Xq6VF1oltgAO5to+G5cu8Jp17X9IKlWmy8KYa0ZAD ge2W5bjicHegsyjkCbFxyEyCNnd5ZJD+xrOCWBSXwir4uM75E4sFGSGasoMSZdUw OC/AHhO4lZ1BKVq5YvdmzSnizwPerAcCggEBAN4BEvdk5UZgLVvLlK+sRzbnyqw9 CeAWUN9z39HvcTCQ87Axd9JhbRDpjfIPfUEeYPFJW0P1DT/yulGDulFcOQSQhtTs VdeqV/JwE88mzBTxBiZ46JbfKtgki8ZNB8O2WyyEcjsI0uj1D9o0bjjU0atf1jsd fTHqL2KSWl1rKstmJth601zi6eKyxobnQ8/RVw3wJfgcsyYpKz3A3VbYndRrWRtj nfvmzqN7gP8sqwhk7AaFlUz8TLUPC8qR2KKfo1tbfCdagI62+b2n3zwyO//8sK7q NnpTe4Lg8AipNr1+9EAR1nk2jBzQch8fN/dijmHPjb9KZimp6iKBLE6oS4kCAQEC AQECggEBAL/15fVVeNtVR+gurWrx+kVMu4U0QYYuvM12DwpsTP5N7/cIaTN2NTj9 ln1kKmI5UqbPvlPwKOkWnbAcbpJs/09fCodZt7O3lJYisdMFqI2Cp0ay7mMMTiuG N4lfTmy8vmKWtQ3XPLsUyQPSrw0aF5TlqnEHdqYGssW6XEDtJmD5CPdZhOePXpO1 8Fc4MLNI08IMAQNwr5sRFYdLW+1xqLJElRNFcDe7C8bNKZkT7RuLy7uYMMnqYfT/ b619QKtfYJZHqa2cuprbX8TBL8M2P6fdD+aTkHr4zuj0/bISNHgn8oE+kyQ5Dpt2 3OVK8X4gXiuGRmeuQy40WQmYkxnm7zg= -----END RSA PRIVATE KEY----- |
|
|
A patch is available here: https://github.com/yellowant/cacert-devel/commits/bug-1292 |
|
|
Ready for testing on the testserver. It should no longer be possible to sign a key with public exponent smaller than 65537. OpenSSL has an option to force small exponents for testing by using openssl genrsa -3 ... Unfortunately using other exponents for testing requires to patch OpenSSL. Ask felixd for a patch for OpenSSL or a patched binary permitting creation of such crafted keys. |
|
|
I generated a cert with "openssl genrsa -3" and used the generated key as CSR for a client cert. It was rejected with "I didn't receive a valid Certificate Req2uest, hit the back button and try again." -> OK. I think this should be enough, to tell that it was fixed. As this should also cover the other certificates, since they should use the same. If not, please inform me, that I should do another test. => OK |
|
|
Reviewed fa3a17789986431c15dac26c43a8100ee7e8d0d4 vs. c32626a6e4ef7885ea1e1dcc6b39af07914498a4 Only a single line of includes/lib/check_weak_key.php is modified. The modification prohibits signing of keys with public exponent < 65537. Did some google research. Exponent 3 (or lower) is explicitly deprecated due to possible low exponent attacks. Marginally bigger exponents (something > 10 or so) are not subject to this attack, but because of performance reasons 3 and 65537 are the only exponents that are in wide usage. Therefor, the prohibition on exponents < 65537 may seem a bit strict, but since no other exponents are practically in use this is OK. The review is PASSED. |
|
|
I generate keys with pubkey: 1, 101, 65537 and 65539 1 => rejected 101 => rejected 65537 => Works 65539 => Works => The test is PASSED |
|
|
The fix has been installed on the production server on August 21, 2014. See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2014-08/msg00013.html |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2014-07-26 22:43 | felixd | New Issue | |
| 2014-07-26 22:43 | felixd | File Added: priv | |
| 2014-07-26 22:58 | felixd | Note Added: 0004895 | |
| 2014-07-27 09:35 | felixd | View Status | public => private |
| 2014-07-27 10:05 | felixd | View Status | private => public |
| 2014-07-27 11:00 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable 6daf3a60 |
| 2014-07-27 11:00 | felixd | Source_changeset_attached | => cacert-devel testserver-stable c32626a6 |
| 2014-07-27 11:04 | BenBE | Reviewed by | => BenBE |
| 2014-07-27 11:04 | BenBE | Note Added: 0004897 | |
| 2014-07-27 11:04 | BenBE | Assigned To | => NEOatNHNG |
| 2014-07-27 11:04 | BenBE | Status | new => needs review & testing |
| 2014-07-27 11:04 | BenBE | Product Version | => 2012 Q1 |
| 2014-07-27 11:04 | BenBE | Target Version | => 2014 Q3 |
| 2014-07-29 22:09 | Eva | Note Added: 0004910 | |
| 2014-08-15 19:19 | Ted | Note Added: 0004946 | |
| 2014-08-15 19:20 | Ted | Reviewed by | BenBE => Ted, BenBE |
| 2014-08-15 19:20 | Ted | Status | needs review & testing => needs testing |
| 2014-08-16 13:50 | felixd | Note Added: 0004952 | |
| 2014-08-18 05:38 | BenBE | Assigned To | NEOatNHNG => BenBE |
| 2014-08-18 05:38 | BenBE | Status | needs testing => ready to deploy |
| 2014-08-21 14:40 | wytze | Note Added: 0004979 | |
| 2014-08-21 14:40 | wytze | Status | ready to deploy => solved? |
| 2014-08-21 14:40 | wytze | Fixed in Version | => 2014 Q3 |
| 2014-08-21 14:40 | wytze | Resolution | open => fixed |
| 2014-08-28 07:25 | BenBE | Source_changeset_attached | => cacert-devel release 3345173b |
| 2014-12-02 22:48 | INOPIAE | Status | solved? => closed |
