diff options
author | Beniamino Galvani <bgalvani@redhat.com> | 2016-09-19 09:35:23 +0200 |
---|---|---|
committer | Beniamino Galvani <bgalvani@redhat.com> | 2016-09-23 18:05:54 +0200 |
commit | 0e96d2373393f0bafc50001cfc2a3049c0454f72 (patch) | |
tree | b7d76df67621143f518b288eb760c05f4f83827a | |
parent | 93a753e31109997e4f00427db4f8a99a79a8f354 (diff) | |
download | NetworkManager-0e96d2373393f0bafc50001cfc2a3049c0454f72.tar.gz |
crypto: don't try to decrypt PKCS#8 key if no password is supplied
crypto_verify_private_key_data() must try to decrypt the key only when
a password is supplied.
Previously the decrypt test always passed because we detected an
unsupported cipher and faked success. Now since version 3.5.4 gnutls
supports PBES1-DES-CBC-MD5 and the key is actually decrypted when a
password is supplied.
Also, don't assert that a wrong password works because we're now able
to actually verify it (only with recent gnutls).
https://bugzilla.gnome.org/show_bug.cgi?id=771623
-rw-r--r-- | libnm-core/crypto.c | 2 | ||||
-rw-r--r-- | libnm-core/crypto_gnutls.c | 2 | ||||
-rw-r--r-- | libnm-core/tests/test-crypto.c | 9 | ||||
-rw-r--r-- | libnm-util/crypto.c | 2 | ||||
-rw-r--r-- | libnm-util/tests/test-crypto.c | 5 |
5 files changed, 7 insertions, 13 deletions
diff --git a/libnm-core/crypto.c b/libnm-core/crypto.c index c27f5c0dc9..e734f40d89 100644 --- a/libnm-core/crypto.c +++ b/libnm-core/crypto.c @@ -712,7 +712,7 @@ crypto_verify_private_key_data (const guint8 *data, /* Maybe it's PKCS#8 */ tmp = parse_pkcs8_key_file (data, data_len, &is_encrypted, NULL); if (tmp) { - if (crypto_verify_pkcs8 (tmp->data, tmp->len, is_encrypted, password, error)) + if (!password || crypto_verify_pkcs8 (tmp->data, tmp->len, is_encrypted, password, error)) format = NM_CRYPTO_FILE_FORMAT_RAW_KEY; } else { char *cipher, *iv; diff --git a/libnm-core/crypto_gnutls.c b/libnm-core/crypto_gnutls.c index d09c937979..53a3ba4adf 100644 --- a/libnm-core/crypto_gnutls.c +++ b/libnm-core/crypto_gnutls.c @@ -394,7 +394,7 @@ crypto_verify_pkcs8 (const guint8 *data, if (err < 0) { if (err == GNUTLS_E_UNKNOWN_CIPHER_TYPE) { - /* HACK: gnutls doesn't support all the cipher types that openssl + /* HACK: gnutls < 3.5.4 doesn't support all the cipher types that openssl * can use with PKCS#8, so if we encounter one, we have to assume * the given password works. gnutls needs to unsuckify, apparently. * Specifically, by default openssl uses pbeWithMD5AndDES-CBC diff --git a/libnm-core/tests/test-crypto.c b/libnm-core/tests/test-crypto.c index 9bab985f72..0c2ef48a51 100644 --- a/libnm-core/tests/test-crypto.c +++ b/libnm-core/tests/test-crypto.c @@ -364,12 +364,11 @@ test_pkcs8 (gconstpointer test_data) password = parts[1]; test_is_pkcs12 (path, TRUE); - test_load_pkcs8 (path, password, -1); - /* Until gnutls and NSS grow support for all the ciphers that openssl - * can use with PKCS#8, we can't actually verify the password. So we - * expect a bad password to work for the time being. + /* Note: NSS and gnutls < 3.5.4 don't support all the ciphers that openssl + * can use with PKCS#8 and thus the password can't be actually verified with + * such libraries. */ - test_load_pkcs8 (path, "blahblahblah", -1); + test_load_pkcs8 (path, password, -1); g_free (path); g_strfreev (parts); diff --git a/libnm-util/crypto.c b/libnm-util/crypto.c index 3dd89f951a..9778edebcb 100644 --- a/libnm-util/crypto.c +++ b/libnm-util/crypto.c @@ -708,7 +708,7 @@ crypto_verify_private_key_data (const GByteArray *contents, /* Maybe it's PKCS#8 */ tmp = parse_pkcs8_key_file (contents, &is_encrypted, error); if (tmp) { - if (crypto_verify_pkcs8 (tmp, is_encrypted, password, error)) + if (!password || crypto_verify_pkcs8 (tmp, is_encrypted, password, error)) format = NM_CRYPTO_FILE_FORMAT_RAW_KEY; } else { g_clear_error (error); diff --git a/libnm-util/tests/test-crypto.c b/libnm-util/tests/test-crypto.c index 643418d2fb..83a183dd18 100644 --- a/libnm-util/tests/test-crypto.c +++ b/libnm-util/tests/test-crypto.c @@ -334,11 +334,6 @@ test_pkcs8 (gconstpointer test_data) test_is_pkcs12 (path, TRUE, "not-pkcs12"); test_load_pkcs8 (path, password, FALSE, "pkcs8-private-key"); - /* Until gnutls and NSS grow support for all the ciphers that openssl - * can use with PKCS#8, we can't actually verify the password. So we - * expect a bad password to work for the time being. - */ - test_load_pkcs8 (path, "blahblahblah", FALSE, "pkcs8-private-key-bad-password"); g_free (path); g_strfreev (parts); |