22 files changed, 818 insertions, 40 deletions
@@ -25,6 +25,9 @@ See the end for copying conditions. ** libgnutls: Link to trousers (TPM library) dynamically. Backported TPM key handling improvements from master branch. +** libgnutls: Backported several fixes in PKCS#8 decryption (related to + gitlab issue #148). + ** tpmtool: backported the --test-sign option. ** API and ABI modifications: diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c index 4b645b4856..4d4772f737 100644 --- a/lib/x509/privkey_pkcs8.c +++ b/lib/x509/privkey_pkcs8.c @@ -881,6 +881,7 @@ static int decrypt_pkcs8_key(const gnutls_datum_t * raw_key, &kdf_params, &enc_params, &tmp); if (result < 0) { gnutls_assert(); + result = GNUTLS_E_DECRYPTION_FAILED; goto error; } @@ -1371,6 +1372,11 @@ read_pbkdf2_params(ASN1_TYPE pbes2_asn, } _gnutls_hard_log("salt.specified.size: %d\n", params->salt_size); + if (params->salt_size < 0) { + result = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + goto error; + } + /* read the iteration count */ result = @@ -1380,6 +1386,12 @@ read_pbkdf2_params(ASN1_TYPE pbes2_asn, gnutls_assert(); goto error; } + + if (params->iter_count >= INT_MAX || params->iter_count == 0) { + result = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + goto error; + } + _gnutls_hard_log("iterationCount: %d\n", params->iter_count); /* read the keylength, if it is set. @@ -1390,6 +1402,12 @@ read_pbkdf2_params(ASN1_TYPE pbes2_asn, if (result < 0) { params->key_size = 0; } + + if (params->key_size > MAX_CIPHER_KEY_SIZE) { + result = gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + goto error; + } + _gnutls_hard_log("keyLength: %d\n", params->key_size); len = sizeof(oid); 
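Review bot: In the decrypt_pkcs8_key hunk, overwriting `result` with `GNUTLS_E_DECRYPTION_FAILED` discards whatever decrypt_data() returned, so the `GNUTLS_E_UNKNOWN_HASH_ALGORITHM` path visible later in this diff (and presumably any allocation failure) is reported to the caller as a wrong password. If that is deliberate, so that callers can re-prompt, say so at the assignment, e.g. `/* every decrypt_data() failure is reported as a decryption failure so callers can retry with another password */`. If it is not, map only the codes that really mean a bad password. The function body starts and ends outside the hunk.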
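Review bot: The bound `params->iter_count >= INT_MAX` in read_pbkdf2_params leaves the iteration count effectively uncapped, so a key file from an untrusted source can still request close to 2^31 rounds, and the value is passed straight to the key derivation in decrypt_data. A documented sanity limit would turn this into a cheap rejection instead of a long CPU stall: `if (params->iter_count == 0 || params->iter_count >= PKCS8_MAX_ITER_COUNT)`, where `PKCS8_MAX_ITER_COUNT` is a placeholder name for a limit the project would pick. The same check is added to read_pkcs12_kdf_params in the next file section and has the same gap. There the `_gnutls_hard_log` of `iter_count` also runs before the validation and prints an `unsigned` with `%d`.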
@@ -1434,9 +1452,12 @@ read_pkcs12_kdf_params(ASN1_TYPE pbes2_asn, struct pbkdf2_params *params) ¶ms->salt_size); if (result != ASN1_SUCCESS) { gnutls_assert(); - result = _gnutls_asn2err(result); - goto error; + return _gnutls_asn2err(result); } + + if (params->salt_size < 0) + return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + _gnutls_hard_log("salt.size: %d\n", params->salt_size); /* read the iteration count @@ -1444,19 +1465,17 @@ read_pkcs12_kdf_params(ASN1_TYPE pbes2_asn, struct pbkdf2_params *params) result = _gnutls_x509_read_uint(pbes2_asn, "iterations", ¶ms->iter_count); - if (result != ASN1_SUCCESS) { - gnutls_assert(); - goto error; - } + if (result < 0) + return gnutls_assert_val(result); + _gnutls_hard_log("iterationCount: %d\n", params->iter_count); + if (params->iter_count >= INT_MAX || params->iter_count == 0) + return gnutls_assert_val(GNUTLS_E_ILLEGAL_PARAMETER); + params->key_size = 0; return 0; - - error: - return result; - } /* Writes the PBE parameters for PKCS-12 schemas. @@ -1598,6 +1617,8 @@ decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn, int key_size; unsigned int pass_len = 0; const struct pbes2_schema_st *p; + unsigned block_size; + const cipher_entry_st *ce; if (password) pass_len = strlen(password); @@ -1649,7 +1670,10 @@ decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn, kdf_params->iter_count, kdf_params->salt_size, kdf_params->salt, key_size, key); - else return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM); + else { + result = gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM); + goto error; + } } else if (p != NULL) { /* PKCS 12 schema */ result = _gnutls_pkcs12_string_to_key(mac_to_entry(GNUTLS_MAC_SHA1), 
@@ -1669,6 +1693,15 @@ decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn, goto error; } + ce = cipher_to_entry(enc_params->cipher); + block_size = _gnutls_cipher_get_block_size(ce); + + if (ce->block && (data_size % block_size != 0)) { + gnutls_assert(); + result = GNUTLS_E_DECRYPTION_FAILED; + goto error; + } + /* do the decryption. */ dkey.data = key; @@ -1677,14 +1710,14 @@ decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn, d_iv.data = (uint8_t *) enc_params->iv; d_iv.size = enc_params->iv_size; result = - _gnutls_cipher_init(&ch, cipher_to_entry(enc_params->cipher), - &dkey, &d_iv, 0); + _gnutls_cipher_init(&ch, ce, &dkey, &d_iv, 0); gnutls_free(key); key = NULL; if (result < 0) { gnutls_assert(); + result = GNUTLS_E_DECRYPTION_FAILED; goto error; } @@ -1698,9 +1731,15 @@ decrypt_data(schema_id schema, ASN1_TYPE pkcs8_asn, decrypted_data->data = data; - if (gnutls_cipher_get_block_size(enc_params->cipher) != 1) + if (block_size != 1) { + if (data[data_size - 1] >= data_size) { + gnutls_assert(); + result = GNUTLS_E_DECRYPTION_FAILED; + goto error; + } + decrypted_data->size = data_size - data[data_size - 1]; - else + } else decrypted_data->size = data_size; _gnutls_cipher_deinit(&ch); diff --git a/lib/x509/x509_int.h b/lib/x509/x509_int.h index 89c394cddf..803f3919ef 100644 --- a/lib/x509/x509_int.h +++ b/lib/x509/x509_int.h @@ -88,8 +88,8 @@ typedef struct gnutls_pkcs7_int { struct pbkdf2_params { uint8_t salt[32]; int salt_size; - unsigned int iter_count; - unsigned int key_size; + unsigned iter_count; + unsigned key_size; gnutls_mac_algorithm_t mac; }; diff --git a/tests/Makefile.am b/tests/Makefile.am index 61107891ce..5b60899abf 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am 
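Review bot: The new alignment check in decrypt_data accepts `data_size == 0`, because `0 % block_size` is 0, and the padding code added further down then reads `data[data_size - 1]`. Whether an empty encryptedData can reach this point depends on code outside the hunk, so it is safer to reject it here: `if (ce->block && (data_size == 0 || data_size % block_size != 0)) {`. `ce` is also dereferenced without a NULL check. If cipher_to_entry() can return NULL for the cipher id held in `enc_params`, `ce->block` faults before `_gnutls_cipher_init()` can refuse it, so a preceding `if (ce == NULL)` that sets `result` and jumps to `error` would be prudent.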
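Review bot: The pad-length test `data[data_size - 1] >= data_size` in the last decrypt_data hunk only keeps the subtraction from underflowing. A final byte of 0, or one larger than `block_size`, is still accepted, and the pad bytes themselves are never compared against that value. Since this runs on the output of decrypting untrusted input, tightening it to `unsigned pad = data[data_size - 1];` and `if (pad == 0 || pad > block_size || pad >= (unsigned) data_size) {` would reject more garbage before it reaches the ASN.1 decoder. Note also that `decrypted_data->data = data;` is assigned before the new `goto error`. If the `error` label (outside the hunk) frees `data`, the caller is left holding a stale pointer, so move the assignment below the check or clear it on the failure path.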
@@ -87,7 +87,8 @@ ctests = mini-record-2 simple gc set_pkcs12_cred certder certuniqueid \ fips-test mini-global-load name-constraints x509-extensions \ long-session-id mini-x509-callbacks-intr \ crlverify init_fds mini-rehandshake-2 sign-md5-rep global-init-override \ - version-checks mini-server-name naked-alerts multi-alerts + version-checks mini-server-name naked-alerts multi-alerts \ + pkcs8-key-decode-encrypted pkcs8-key-decode if ENABLE_PKCS11 if !HAVE_BUGGY_P11_KIT diff --git a/tests/key-tests/Makefile.am b/tests/key-tests/Makefile.am index e388d3c7c4..df0214ad5b 100644 --- a/tests/key-tests/Makefile.am +++ b/tests/key-tests/Makefile.am @@ -26,7 +26,7 @@ EXTRA_DIST = README key-ca.pem key-user.pem \ dist_check_SCRIPTS = key-id pkcs8 -TESTS = key-id pkcs8 +TESTS = key-id pkcs8 pkcs8-invalid TESTS_ENVIRONMENT = EXEEXT=$(EXEEXT) \ LC_ALL="C" \ diff --git a/tests/key-tests/data/pkcs8-invalid1.der b/tests/key-tests/data/pkcs8-invalid1.der Binary files differnew file mode 100644 index 0000000000..8d05984ddf --- /dev/null +++ b/tests/key-tests/data/pkcs8-invalid1.der diff --git a/tests/key-tests/data/pkcs8-invalid2.der b/tests/key-tests/data/pkcs8-invalid2.der Binary files differnew file mode 100644 index 0000000000..086a6613cb --- /dev/null +++ b/tests/key-tests/data/pkcs8-invalid2.der diff --git a/tests/key-tests/data/pkcs8-invalid3.der b/tests/key-tests/data/pkcs8-invalid3.der Binary files differnew file mode 100644 index 0000000000..39b821fe04 --- /dev/null +++ b/tests/key-tests/data/pkcs8-invalid3.der diff --git a/tests/key-tests/data/pkcs8-invalid4.der b/tests/key-tests/data/pkcs8-invalid4.der Binary files differnew file mode 100644 index 0000000000..c8591a0b7c --- /dev/null +++ b/tests/key-tests/data/pkcs8-invalid4.der diff --git a/tests/key-tests/data/pkcs8-invalid5.der b/tests/key-tests/data/pkcs8-invalid5.der Binary files differnew file mode 100644 index 0000000000..3f234599f2 --- /dev/null +++ b/tests/key-tests/data/pkcs8-invalid5.der 
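Review bot: In tests/key-tests/Makefile.am, `pkcs8-invalid` is added to `TESTS` but the `dist_check_SCRIPTS = key-id pkcs8` line just above is left unchanged, and the file has no hunk touching `EXTRA_DIST` for the seven new `data/pkcs8-invalid*.der` inputs. Unless they are distributed some other way, a release tarball would list the test without shipping the script or its inputs, and the regression coverage for these PKCS#8 fixes would be lost outside a git checkout. Suggest `dist_check_SCRIPTS = key-id pkcs8 pkcs8-invalid` and adding the `.der` files to `EXTRA_DIST`.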
diff --git a/tests/key-tests/data/pkcs8-invalid6.der b/tests/key-tests/data/pkcs8-invalid6.der Binary files differnew file mode 100644 index 0000000000..f1519feb84 --- /dev/null +++ b/tests/key-tests/data/pkcs8-invalid6.der diff --git a/tests/key-tests/data/pkcs8-invalid7.der b/tests/key-tests/data/pkcs8-invalid7.der Binary files differnew file mode 100644 index 0000000000..85e1357962 --- /dev/null +++ b/tests/key-tests/data/pkcs8-invalid7.der diff --git a/tests/key-tests/pkcs8-invalid b/tests/key-tests/pkcs8-invalid new file mode 100755 index 0000000000..bf2cb96a20 --- /dev/null +++ b/tests/key-tests/pkcs8-invalid 
@@ -0,0 +1,52 @@ +#!/bin/sh + +# Copyright (C) 2004-2006, 2010, 2012 Free Software Foundation, Inc. +# +# Author: Simon Josefsson +# +# This file is part of GnuTLS. +# +# GnuTLS is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +srcdir="${srcdir:-.}" +CERTTOOL="${CERTTOOL:-../../src/certtool${EXEEXT}}" +DIFF="${DIFF:-diff -b -B}" +TMPFILE=pkcs8-invalid.$$.tmp + +if ! test -z "${VALGRIND}"; then + VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND}" +fi + +ret=0 +for p8 in "pkcs8-invalid1.der 1234" "pkcs8-invalid2.der 1234" "pkcs8-invalid3.der 1234" "pkcs8-invalid4.der 1234" \ + "pkcs8-invalid5.der 1234" "pkcs8-invalid6.der 1234" "pkcs8-invalid7.der 1234";do + set -- ${p8} + file="$1" + passwd="$2" + ${VALGRIND} "${CERTTOOL}" --inder --key-info --pkcs8 --password "${passwd}" \ + --infile "${srcdir}/data/${file}" + rc=$? + if test ${rc} != 1; then + echo "PKCS8 FATAL ${p8} - errno ${rc}" + ret=1 + else + echo "PKCS8 OK ${p8} - errno ${rc}" + fi +done + +rm -f $TMPFILE + +echo "PKCS8 DONE (rc $ret)" +exit $ret diff --git a/tests/pkcs8-key-decode-encrypted.c b/tests/pkcs8-key-decode-encrypted.c new file mode 100644 index 0000000000..48ab9b64dc --- /dev/null +++ b/tests/pkcs8-key-decode-encrypted.c 
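Review bot: The loop in pkcs8-invalid treats exit status 1 as success without first checking that the input exists, so if `${srcdir}/data/${file}` is missing, certtool's failure to open it would presumably also yield 1 and every case would print OK. A guard before the certtool call, such as `test -f "${srcdir}/data/${file}" || { echo "missing ${file}"; exit 1; }`, keeps the test from passing vacuously. `TMPFILE` and `DIFF` are set but never used, so both assignments and the `rm -f $TMPFILE` can be dropped.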
@@ -0,0 +1,75 @@ +/* + * Copyright (C) 2015 Red Hat, Inc. + * + * Author: Daniel Berrange + * + * This file is part of GnuTLS. + * + * GnuTLS is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuTLS is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GnuTLS; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> +#include <stdio.h> +#include <string.h> +#include <stdlib.h> + +#include "utils.h" + +#define PRIVATE_KEY \ + "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" \ + "MIHeMEkGCSqGSIb3DQEFDTA8MBsGCSqGSIb3DQEFDDAOBAiebBrnqPv4owICCAAw\n" \ + "HQYJYIZIAWUDBAEqBBBykFR6i1My/DYFBYrz1lmABIGQ3XGpp3+v/ENC1S+X7Ay6\n" \ + "JoquYKuMw6yUmWoGFvPIPA9UWqMve2Uj4l2l96Sywd6iNFP63ow6pIq4wUP6REuY\n" \ + "ZhCgoAOQomeFqhAhkw6QJCygp5vw2rh9OZ5tiP/Ko6IDTA2rSas91nepHpQOb247\n" \ + "zta5XzXb5TRkBsVU8tAPADP+wS/vBCS05ne1wmhdD6c6\n" \ + "-----END ENCRYPTED PRIVATE KEY-----\n" + + +static int test_decode(void) +{ + gnutls_x509_privkey_t key; + const gnutls_datum_t data = { + (unsigned char *)PRIVATE_KEY, + strlen(PRIVATE_KEY) + }; + int err; + + if ((err = gnutls_x509_privkey_init(&key)) < 0) { + fail("Failed to init key %s\n", gnutls_strerror(err)); + } + + err = gnutls_x509_privkey_import_pkcs8(key, &data, + GNUTLS_X509_FMT_PEM, "", 0); + if (err != GNUTLS_E_DECRYPTION_FAILED) { + fail("Unexpected error code: %s/%d\n", gnutls_strerror(err), err); + } + + err = gnutls_x509_privkey_import_pkcs8(key, &data, + 
GNUTLS_X509_FMT_PEM, "password", 0); + if (err != 0) { + fail("Unexpected error code: %s\n", gnutls_strerror(err)); + } + + success("Loaded key\n%s", PRIVATE_KEY); + + gnutls_x509_privkey_deinit(key); + return 0; +} + +void doit(void) +{ + test_decode(); +} diff --git a/tests/pkcs8-key-decode.c b/tests/pkcs8-key-decode.c new file mode 100644 index 0000000000..1d3af96a7b --- /dev/null +++ b/tests/pkcs8-key-decode.c 
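Review bot: In test_decode the `gnutls_x509_privkey_init` failure branch calls `fail()` and then falls through to the two import calls with `key` uninitialized, whereas the sibling test pkcs8-key-decode.c added in this commit follows each `fail()` with `exit(1);`. Whether `fail()` itself terminates is decided in utils.h, which is not on this page. Adding `exit(1);` after the first `fail()` makes the two tests agree and removes the dependency on that. A short comment above the first import, e.g. `/* wrong (empty) password must yield GNUTLS_E_DECRYPTION_FAILED, not a parse error */`, would also record what the test is pinning.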
@@ -0,0 +1,80 @@ +/* + * Copyright (C) 2015 Red Hat, Inc. + * + * Author: Daniel Berrange + * + * This file is part of GnuTLS. + * + * GnuTLS is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GnuTLS is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GnuTLS; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#include <gnutls/gnutls.h> +#include <gnutls/x509.h> +#include <stdio.h> +#include <string.h> +#include <stdlib.h> + +#include "utils.h" + +# define PRIVATE_KEY \ + "-----BEGIN PRIVATE KEY-----\n" \ + "MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBALVcr\n" \ + "BL40Tm6yq88FBhJNw1aaoCjmtg0l4dWQZ/e9Fimx4ARxFpT+ji4FE\n" \ + "Cgl9s/SGqC+1nvlkm9ViSo0j7MKDbnDB+VRHDvMAzQhA2X7e8M0n9\n" \ + "rPolUY2lIVC83q0BBaOBkCj2RSmT2xTEbbC2xLukSrg2WP/ihVOxc\n" \ + "kXRuyFtzAgMBAAECgYB7slBexDwXrtItAMIH6m/U+LUpNe0Xx48OL\n" \ + "IOn4a4whNgO/o84uIwygUK27ZGFZT0kAGAk8CdF9hA6ArcbQ62s1H\n" \ + "myxrUbF9/mrLsQw1NEqpuUk9Ay2Tx5U/wPx35S3W/X2AvR/ZpTnCn\n" \ + "2q/7ym9fyiSoj86drD7BTvmKXlOnOwQJBAPOFMp4mMa9NGpGuEssO\n" \ + "m3Uwbp6lhcP0cA9MK+iOmeANpoKWfBdk5O34VbmeXnGYWEkrnX+9J\n" \ + "bM4wVhnnBWtgBMCQQC+qAEmvwcfhauERKYznMVUVksyeuhxhCe7EK\n" \ + "mPh+U2+g0WwdKvGDgO0PPt1gq0ILEjspMDeMHVdTwkaVBo/uMhAkA\n" \ + "Z5SsZyCP2aTOPFDypXRdI4eqRcjaEPOUBq27r3uYb/jeboVb2weLa\n" \ + "L1MmVuHiIHoa5clswPdWVI2y0em2IGoDAkBPSp/v9VKJEZabk9Frd\n" \ + "a+7u4fanrM9QrEjY3KhduslSilXZZSxrWjjAJPyPiqFb3M8XXA26W\n" \ + "nz1KYGnqYKhLcBAkB7dt57n9xfrhDpuyVEv+Uv1D3VVAhZlsaZ5Pp\n" \ + 
"dcrhrkJn2sa/+O8OKvdrPSeeu/N5WwYhJf61+CPoenMp7IFci\n" \ + "-----END PRIVATE KEY-----\n" + +static int test_load(void) +{ + gnutls_x509_privkey_t key; + const gnutls_datum_t data = { + (unsigned char *)PRIVATE_KEY, + strlen(PRIVATE_KEY) + }; + int err; + + if ((err = gnutls_x509_privkey_init(&key)) < 0) { + fail("Failed to init key %s\n", gnutls_strerror(err)); + exit(1); + } + + if ((err = gnutls_x509_privkey_import(key, &data, + GNUTLS_X509_FMT_PEM)) < 0) { + fail("Failed to import key %s\n", gnutls_strerror(err)); + exit(1); + } + + success("Loaded key\n%s", PRIVATE_KEY); + + gnutls_x509_privkey_deinit(key); + return 0; +} + +void doit(void) +{ + test_load(); +} diff --git a/tests/rsa-md5-collision/MD5CollisionCA.cer b/tests/rsa-md5-collision/MD5CollisionCA.cer Binary files differdeleted file mode 100644 index 534e7e6066..0000000000 --- a/tests/rsa-md5-collision/MD5CollisionCA.cer +++ /dev/null diff --git a/tests/rsa-md5-collision/Makefile.am b/tests/rsa-md5-collision/Makefile.am index eef1e640b9..0b0b6a6113 100644 --- a/tests/rsa-md5-collision/Makefile.am +++ b/tests/rsa-md5-collision/Makefile.am @@ -19,9 +19,9 @@ # along with this file; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -EXTRA_DIST = MD5CollisionCA.cer \ - TargetCollidingCertificate1.cer \ - TargetCollidingCertificate2.cer \ +EXTRA_DIST = \ + colliding-chain-md5-1.pem \ + colliding-chain-md5-2.pem \ README dist_check_SCRIPTS = rsa-md5-collision diff --git a/tests/rsa-md5-collision/TargetCollidingCertificate1.cer b/tests/rsa-md5-collision/TargetCollidingCertificate1.cer Binary files differdeleted file mode 100644 index 6e3c7af3c3..0000000000 --- a/tests/rsa-md5-collision/TargetCollidingCertificate1.cer +++ /dev/null diff --git a/tests/rsa-md5-collision/TargetCollidingCertificate2.cer b/tests/rsa-md5-collision/TargetCollidingCertificate2.cer Binary files differdeleted file mode 100644 index bc5906aee1..0000000000 
--- a/tests/rsa-md5-collision/TargetCollidingCertificate2.cer +++ /dev/null diff --git a/tests/rsa-md5-collision/colliding-chain-md5-1.pem b/tests/rsa-md5-collision/colliding-chain-md5-1.pem new file mode 100644 index 0000000000..07fa85da9e --- /dev/null +++ b/tests/rsa-md5-collision/colliding-chain-md5-1.pem 
@@ -0,0 +1,253 @@ +X.509 Certificate Information: + Version: 3 + Serial Number (hex): 010c0001 + Issuer: C=NL,L=Eindhoven,CN=Hash Collision CA + Validity: + Not Before: Sun Jan 01 00:00:01 UTC 2006 + Not After: Mon Dec 31 23:59:59 UTC 2007 + Subject: C=NL,L=Eindhoven,O=Collisionairs,CN=Arjen K. Lenstra + Subject Public Key Algorithm: RSA + Algorithm Security Level: Ultra (8192 bits) + Modulus (bits 8192): + 00:ee:73:e7:d6:b3:b3:4f:ba:a1:39:3d:02:a4:74:25 + 81:8d:c8:4f:86:73:6e:90:72:28:bb:e8:77:02:03:85 + 8d:8c:f1:83:7a:ff:5e:6c:22:13:03:6a:f3:d9:5c:77 + e9:c2:23:7d:60:8c:c4:a9:fb:97:30:8b:bf:98:28:61 + 2f:15:99:e2:61:5b:cc:de:da:59:30:53:2f:b3:dd:11 + 72:78:e4:94:40:14:33:63:0e:74:61:c1:dc:9b:80:1b + 2e:55:20:15:a5:13:ff:7a:e7:97:3e:f4:4b:83:52:e4 + e0:49:79:b3:1e:b6:00:65:4d:51:f4:a3:81:ce:be:3f + 0b:d0:99:d1:30:d1:45:6f:ab:e0:4a:3e:98:85:c8:c4 + fb:29:7b:86:b5:77:52:cd:64:19:80:9f:e3:7e:62:86 + f0:77:32:d1:e0:69:a5:b4:e5:66:70:b8:bb:ba:e5:c2 + 11:74:2a:13:1d:05:71:1c:f1:fe:32:af:93:3f:1e:ef + 22:47:62:e3:aa:da:c1:7c:40:e4:48:ca:41:a8:79:a0 + 3d:3c:f6:65:f2:39:c7:f3:fe:82:b3:84:e8:35:e7:c9 + e8:bd:ee:30:c2:68:a2:12:12:84:78:9d:f4:2f:44:90 + 6f:19:b7:90:26:46:44:36:e1:da:65:fa:0c:53:a3:77 + fa:0d:2b:01:2b:7d:dc:28:55:da:e5:b5:51:51:e2:80 + 34:11:21:20:b5:e7:9e:c5:f2:6a:9f:69:da:85:d7:4e + f6:a9:7a:0b:11:64:ef:a2:5f:b1:ae:26:ba:45:1c:cd + a7:a2:e7:84:33:9c:44:7d:56:05:49:a6:0b:f0:67:62 + 94:bf:58:0c:91:9e:c4:57:02:5d:3c:78:60:b9:82:96 + c0:ab:9f:e5:b1:d3:53:88:2e:26:c1:f7:21:b4:18:99 + d9:72:b5:a1:d5:05:0b:68:45:36:44:80:10:af:8c:7a + ff:7c:e8:ea:cc:b9:b1:fb:bd:d1:29:d4:f5:d4:99:fb + 81:29:24:df:30:2c:b3:c4:50:23:38:62:97:93:96:b3 + a4:6c:d0:ff:7f:14:26:71:1c:45:92:97:b6:5d:1c:ef + 66:c1:87:51:e0:94:bf:08:f3:b2:98:1c:5c:ce:52:d9 + 63:d5:a4:25:9a:64:55:7e:4d:1b:9e:fe:2d:9a:51:6d + 1e:6e:c8:bb:37:06:68:25:ae:a6:36:16:60:2b:d7:d1 + 16:25:a0:6a:90:73:9b:4d:0a:06:ea:87:2a:3a:f9:eb + a1:26:29:be:d6:79:40:56:1b:d9:37:4a:89:d6:0f:0d + 
72:2c:9f:eb:68:33:ec:53:f0:b0:fd:76:aa:04:7b:66 + c9:0f:ce:b1:d2:e2:2c:c0:99:b9:a4:b9:3e:00:00:00 + 0f:54:a8:95:17:6e:4c:29:5a:40:5f:af:54:ce:e8:2d + 04:3a:45:ce:40:b1:55:be:34:eb:de:78:47:85:a2:5b + 7f:89:4d:42:4f:a1:27:b1:57:a8:a1:20:f9:9f:e5:31 + 02:c8:1f:a9:0e:0b:9b:da:1b:a7:75:df:75:d9:15:2a + 80:25:7a:1e:d3:52:dd:49:e5:7e:06:8f:f3:f0:2c:ab + d4:ac:97:db:bc:3f:a0:20:5a:74:30:2f:65:c7:f4:9a + 41:9e:08:fd:54:bf:af:c1:4d:78:ab:aa:b3:0d:db:3f + c8:48:e3:df:02:c5:a4:0e:da:24:8c:9f:f4:74:82:85 + 0c:fd:fb:dd:9b:c5:55:47:b7:40:4f:58:03:c1:bb:81 + 63:21:73:12:7e:1a:93:b2:4a:fb:6e:7a:80:45:08:65 + db:37:46:76:d5:76:ba:52:96:cc:c6:c1:30:82:d1:ab + 36:52:1f:1a:8a:d9:45:46:6b:9e:f0:6a:f4:3a:02:d7 + 0b:7f:b8:b7:dc:6d:26:8c:3d:ba:68:98:f6:55:2f:a3 + fb:b3:3d:cb:fa:da:7b:33:fa:75:d9:3a:fe:26:2b:d3 + 7a:ff:75:99:5f:d0:e9:77:4b:a5:a2:6a:7c:44:3f:f3 + 4e:46:15:02:a2:cb:77:7e:98:2d:00:73:75:14:b8:8e + d2:8d:61:f4:28:e8:83:87:df:2b:f0:22:30:ad:17:a9 + d4:4f:f3:64:85:0a:07:db:42:a7:82:6a:c2:ee:38:99 + ca:c3:ec:27:47:21:d4:76:d9:66:58:f5:37:16:67:65 + 87:f8:ff:14:db:8d:e6:74:1a:fa:22:06:db:a3:b1:18 + 28:ba:87:c6:e1:e8:8a:02:2f:1a:a8:dd:d0:37:ea:b0 + 49:b5:c7:d3:05:3d:0a:63:d7:86:1d:ea:07:b3:d8:b7 + 20:de:06:8c:f4:7e:65:7b:b4:44:50:b8:5d:52:f7:49 + d5:95:72:df:0c:0e:34:33:b4:7c:9a:a1:9a:85:6f:1d + c3:cd:ad:ba:fb:14:30:35:c8:5a:53:af:57:22:03:8f + 76:5c:0d:62:1b:66:b6:9f:ff:fd:09:1d:4a:66:1a:45 + 3b:f1:da:ed:1a:3a:23:41:b3:7d:7f:62:3b:15:8f:6e + c0:2b:49:a2:53:64:43:0f:cb:58:61:48:3e:1e:95:43 + ed:2e:e7:e5:4a:4c:10:8a:6e:64:19:40:98:0e:e6:0d + 14:ae:e5:59:af:30:03:7e:75:b2:30:9c:e0:21:ff:e3 + 10:9b:f2:05:38:92:ab:0a:e4:03:51:6e:2a:b5:80:67 + f7 + Exponent (bits 24): + 01:00:01 + Extensions: + Basic Constraints (not critical): + Certificate Authority (CA): FALSE + Key Usage (not critical): + Digital signature. + Non repudiation. + Key encipherment. + Signature Algorithm: RSA-MD5 +warning: signed using a broken signature algorithm that can be forged. 
+ Signature: + 86:c0:87:6d:20:68:2d:c8:97:44:3f:97:69:0d:df:b2 + 90:74:cb:25:c3:58:f0:9f:81:23:4c:e2:65:a4:43:33 + cb:6a:78:b2:32:73:29:17:00:dc:d6:ba:df:55:08:8a + 19:a3:17:a5:1d:60:92:ac:3f:6f:c6:24:36:01:36:7a + 6a:2f:c0:96:9b:4e:89:13:bf:c2:31:5f:5a:f3:5d:83 + fb:d0:3c:95:78:39:24:22:17:be:b9:ad:88:73:d4:42 + f3:a3:62:00:ca:19:8f:63:45:bc:b7:6c:cb:27:fc:f2 + db:ea:23:9e:50:fd:dd:3c:d6:93:04:c9:50:e7:09:4a + ff:0a:96:59:02:b7:22:06:d0:4e:37:59:ba:ed:05:ae + 05:92:2d:8b:e9:35:56:c8:ca:cd:c3:60:6c:56:ee:37 + 89:c3:77:5f:76:7a:89:09:ab:44:4b:c1:d7:ee:4a:41 + 67:73:02:ef:df:33:7b:4c:ee:08:2d:92:18:fe:44:aa + 5d:68:d3:4e:fb:79:6a:c4:32:19:dc:f8:dd:4c:2e:6e + c4:58:ef:a4:82:da:7e:18:1c:08:64:17:71:24:f0:cf + 21:4b:0c:5a:28:ef:ec:a4:0e:c5:32:bb:76:73:ff:ea + 9b:9b:d0:a0:b1:ef:e6:db:97:c5:18:c4:db:17:b9:a5 +Other Information: + SHA1 fingerprint: + bc7510b271456cffd765d0c9ce7a8154215b7b37 + SHA256 fingerprint: + fb1b071cdc055092f973d90675f8b4df709796e64d5d9ac8a01485dfa18d3e2c + Public Key ID: + e4542a434d9a4e310a54b6e3fe5f9ad3b9f1b552 + Public key's random art: + +--[ RSA 8192]----+ + | .o.o +o. . | + | o + =.o | + | + * + | + | . + * | + | . . S | + | . E | + | . .o. .. | + | . .+oo.. . | + | ..+...... 
| + +-----------------+ + +-----BEGIN CERTIFICATE----- +MIIGKTCCBRGgAwIBAgIEAQwAATANBgkqhkiG9w0BAQQFADA9MRowGAYDVQQDExFI +YXNoIENvbGxpc2lvbiBDQTESMBAGA1UEBxMJRWluZGhvdmVuMQswCQYDVQQGEwJO +TDAeFw0wNjAxMDEwMDAwMDFaFw0wNzEyMzEyMzU5NTlaMFQxGTAXBgNVBAMTEEFy +amVuIEsuIExlbnN0cmExFjAUBgNVBAoTDUNvbGxpc2lvbmFpcnMxEjAQBgNVBAcT +CUVpbmRob3ZlbjELMAkGA1UEBhMCTkwwggQiMA0GCSqGSIb3DQEBAQUAA4IEDwAw +ggQKAoIEAQDuc+fWs7NPuqE5PQKkdCWBjchPhnNukHIou+h3AgOFjYzxg3r/Xmwi +EwNq89lcd+nCI31gjMSp+5cwi7+YKGEvFZniYVvM3tpZMFMvs90RcnjklEAUM2MO +dGHB3JuAGy5VIBWlE/9655c+9EuDUuTgSXmzHrYAZU1R9KOBzr4/C9CZ0TDRRW+r +4Eo+mIXIxPspe4a1d1LNZBmAn+N+YobwdzLR4GmltOVmcLi7uuXCEXQqEx0FcRzx +/jKvkz8e7yJHYuOq2sF8QORIykGoeaA9PPZl8jnH8/6Cs4ToNefJ6L3uMMJoohIS +hHid9C9EkG8Zt5AmRkQ24dpl+gxTo3f6DSsBK33cKFXa5bVRUeKANBEhILXnnsXy +ap9p2oXXTvapegsRZO+iX7GuJrpFHM2noueEM5xEfVYFSaYL8GdilL9YDJGexFcC +XTx4YLmClsCrn+Wx01OILibB9yG0GJnZcrWh1QULaEU2RIAQr4x6/3zo6sy5sfu9 +0SnU9dSZ+4EpJN8wLLPEUCM4YpeTlrOkbND/fxQmcRxFkpe2XRzvZsGHUeCUvwjz +spgcXM5S2WPVpCWaZFV+TRue/i2aUW0ebsi7NwZoJa6mNhZgK9fRFiWgapBzm00K +BuqHKjr566EmKb7WeUBWG9k3SonWDw1yLJ/raDPsU/Cw/XaqBHtmyQ/OsdLiLMCZ +uaS5PgAAAA9UqJUXbkwpWkBfr1TO6C0EOkXOQLFVvjTr3nhHhaJbf4lNQk+hJ7FX +qKEg+Z/lMQLIH6kOC5vaG6d133XZFSqAJXoe01LdSeV+Bo/z8Cyr1KyX27w/oCBa +dDAvZcf0mkGeCP1Uv6/BTXirqrMN2z/ISOPfAsWkDtokjJ/0dIKFDP373ZvFVUe3 +QE9YA8G7gWMhcxJ+GpOySvtueoBFCGXbN0Z21Xa6UpbMxsEwgtGrNlIfGorZRUZr +nvBq9DoC1wt/uLfcbSaMPbpomPZVL6P7sz3L+tp7M/p12Tr+JivTev91mV/Q6XdL +paJqfEQ/805GFQKiy3d+mC0Ac3UUuI7SjWH0KOiDh98r8CIwrRep1E/zZIUKB9tC +p4Jqwu44mcrD7CdHIdR22WZY9TcWZ2WH+P8U243mdBr6Igbbo7EYKLqHxuHoigIv +Gqjd0DfqsEm1x9MFPQpj14Yd6gez2Lcg3gaM9H5le7REULhdUvdJ1ZVy3wwONDO0 +fJqhmoVvHcPNrbr7FDA1yFpTr1ciA492XA1iG2a2n//9CR1KZhpFO/Ha7Ro6I0Gz +fX9iOxWPbsArSaJTZEMPy1hhSD4elUPtLuflSkwQim5kGUCYDuYNFK7lWa8wA351 +sjCc4CH/4xCb8gU4kqsK5ANRbiq1gGf3AgMBAAGjGjAYMAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgXgMA0GCSqGSIb3DQEBBAUAA4IBAQCGwIdtIGgtyJdEP5dpDd+ykHTL +JcNY8J+BI0ziZaRDM8tqeLIycykXANzWut9VCIoZoxelHWCSrD9vxiQ2ATZ6ai/A 
+lptOiRO/wjFfWvNdg/vQPJV4OSQiF765rYhz1ELzo2IAyhmPY0W8t2zLJ/zy2+oj +nlD93TzWkwTJUOcJSv8KllkCtyIG0E43WbrtBa4Fki2L6TVWyMrNw2BsVu43icN3 +X3Z6iQmrREvB1+5KQWdzAu/fM3tM7ggtkhj+RKpdaNNO+3lqxDIZ3PjdTC5uxFjv +pILafhgcCGQXcSTwzyFLDFoo7+ykDsUyu3Zz/+qbm9Cgse/m25fFGMTbF7ml +-----END CERTIFICATE----- +X.509 Certificate Information: + Version: 3 + Serial Number (hex): 02181144 + Issuer: C=NL,L=Eindhoven,CN=Hash Collision CA + Validity: + Not Before: Sat Jan 01 00:00:01 UTC 2005 + Not After: Thu Jan 01 00:00:01 UTC 2015 + Subject: C=NL,L=Eindhoven,CN=Hash Collision CA + Subject Public Key Algorithm: RSA + Algorithm Security Level: Medium (2048 bits) + Modulus (bits 2048): + 00:ca:70:fa:c4:40:06:fb:b4:1a:8e:e4:19:5a:a9:77 + 1f:75:91:74:59:d2:68:b9:30:46:03:5b:a1:dc:b5:4a + 28:2a:1e:28:48:b7:78:ba:e0:67:70:0a:cd:64:2c:b0 + 8d:57:0d:bb:0f:89:56:df:23:a0:a3:c6:e5:df:ae:ef + 53:d8:bd:c1:64:f4:cb:e5:2e:47:aa:58:6e:ff:f3:b2 + 9f:0c:bd:42:39:4c:64:63:77:ef:3d:e2:f7:be:9b:62 + 99:37:45:12:68:b9:51:6a:32:f1:7b:d4:a4:ea:3b:a4 + 72:3d:2f:a1:a0:f2:34:42:0a:f9:50:40:d3:ce:0c:ed + 5f:60:db:0a:26:46:9f:07:17:9d:2b:c2:9f:62:3a:61 + 80:33:96:9f:f7:ac:6b:92:a4:94:c1:27:a6:13:79:b3 + 17:ab:b7:21:48:64:37:54:2d:c6:d0:5d:a7:14:b6:d0 + 59:ce:47:0c:b3:90:84:13:49:37:48:59:95:a1:e8:f3 + 34:9d:cf:ca:31:d6:18:a4:fc:a4:87:57:3c:9a:42:6a + 50:83:6f:95:59:ba:4d:b7:6a:68:60:95:b9:b8:64:de + d6:bd:ed:53:45:db:ec:38:40:db:ac:4b:0c:ba:cc:a0 + 14:c5:75:3c:28:05:85:f4:53:fd:52:0f:27:40:43:a0 + 51 + Exponent (bits 24): + 01:00:01 + Extensions: + Basic Constraints (not critical): + Certificate Authority (CA): TRUE + Path Length Constraint: 0 + Key Usage (not critical): + Certificate signing. + Signature Algorithm: RSA-MD5 +warning: signed using a broken signature algorithm that can be forged. 
+ Signature: + 3e:90:33:aa:13:63:8b:3d:6a:f1:d5:36:34:40:8a:c1 + 12:53:e4:ed:8a:49:0e:af:c9:0d:2c:cf:be:7b:d7:f4 + 44:46:35:1a:4b:b9:b9:b0:8c:62:6d:5b:0c:72:14:fc + 6d:e5:78:81:9a:db:a1:d0:bd:d9:bf:81:24:f3:db:22 + 60:1d:a6:0c:79:42:7f:56:86:1d:a5:5c:91:8f:18:3d + 6e:47:cf:fe:5c:91:08:15:da:84:54:28:0e:64:11:53 + 2a:3b:15:58:df:1c:52:9a:ae:26:af:29:10:8d:5d:6d + e7:1e:fa:22:a4:58:fb:3f:2f:88:39:10:8c:f8:49:64 + b7:0d:21:d0:df:5c:eb:51:b6:ec:bb:1f:a1:63:6d:2d + 6f:a2:78:ed:3d:64:6d:f0:93:de:b6:a1:e0:11:85:db + 45:28:ac:b3:e1:fa:44:4f:43:f1:15:01:c7:d6:e9:74 + c1:00:5f:81:45:91:9c:82:c2:a1:ee:cf:bd:f3:a2:30 + 12:74:b0:d3:44:43:18:60:b0:aa:e1:39:25:3c:fa:4c + d7:ee:9d:c5:24:9f:6f:a6:0c:01:83:f5:3a:21:d6:b7 + 51:3b:9e:0c:2e:b0:f5:c9:a6:00:08:e9:27:d4:c3:ab + 85:c7:4e:70:67:7a:95:12:6b:03:89:ca:33:9e:d7:99 +Other Information: + SHA1 fingerprint: + 89bbb66f8639663af859ff7a0c43a9f011655aba + SHA256 fingerprint: + ddc11a3f3660d30e15af5f44ed6f59e800257a44b0201e49b452790e09a5fac7 + Public Key ID: + 5ead859fb9320a7d4bf78e644bd15153c5b3a16b + Public key's random art: + +--[ RSA 2048]----+ + | o*| + | +o| + | o +| + | o o o | + | S o + o | + | o . + E | + | . o + X | + | . 
oo* = | + | ...o+.o | + +-----------------+ + +-----BEGIN CERTIFICATE----- +MIIDGDCCAgCgAwIBAgIEAhgRRDANBgkqhkiG9w0BAQQFADA9MRowGAYDVQQDExFI +YXNoIENvbGxpc2lvbiBDQTESMBAGA1UEBxMJRWluZGhvdmVuMQswCQYDVQQGEwJO +TDAeFw0wNTAxMDEwMDAwMDFaFw0xNTAxMDEwMDAwMDFaMD0xGjAYBgNVBAMTEUhh +c2ggQ29sbGlzaW9uIENBMRIwEAYDVQQHEwlFaW5kaG92ZW4xCzAJBgNVBAYTAk5M +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynD6xEAG+7QajuQZWql3 +H3WRdFnSaLkwRgNbody1SigqHihIt3i64GdwCs1kLLCNVw27D4lW3yOgo8bl367v +U9i9wWT0y+UuR6pYbv/zsp8MvUI5TGRjd+894ve+m2KZN0USaLlRajLxe9Sk6juk +cj0voaDyNEIK+VBA084M7V9g2womRp8HF50rwp9iOmGAM5af96xrkqSUwSemE3mz +F6u3IUhkN1QtxtBdpxS20FnORwyzkIQTSTdIWZWh6PM0nc/KMdYYpPykh1c8mkJq +UINvlVm6TbdqaGCVubhk3ta97VNF2+w4QNusSwy6zKAUxXU8KAWF9FP9Ug8nQEOg +UQIDAQABoyAwHjAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQEAwICBDANBgkqhkiG +9w0BAQQFAAOCAQEAPpAzqhNjiz1q8dU2NECKwRJT5O2KSQ6vyQ0sz7571/RERjUa +S7m5sIxibVsMchT8beV4gZrbodC92b+BJPPbImAdpgx5Qn9Whh2lXJGPGD1uR8/+ +XJEIFdqEVCgOZBFTKjsVWN8cUpquJq8pEI1dbece+iKkWPs/L4g5EIz4SWS3DSHQ +31zrUbbsux+hY20tb6J47T1kbfCT3rah4BGF20UorLPh+kRPQ/EVAcfW6XTBAF+B +RZGcgsKh7s+986IwEnSw00RDGGCwquE5JTz6TNfuncUkn2+mDAGD9Toh1rdRO54M +LrD1yaYACOkn1MOrhcdOcGd6lRJrA4nKM57XmQ== +-----END CERTIFICATE----- diff --git a/tests/rsa-md5-collision/colliding-chain-md5-2.pem b/tests/rsa-md5-collision/colliding-chain-md5-2.pem new file mode 100644 index 0000000000..e2fc08360b --- /dev/null +++ b/tests/rsa-md5-collision/colliding-chain-md5-2.pem 
@@ -0,0 +1,252 @@ +X.509 Certificate Information: + Version: 3 + Serial Number (hex): 020c0001 + Issuer: C=NL,L=Eindhoven,CN=Hash Collision CA + Validity: + Not Before: Sun Jan 01 00:00:01 UTC 2006 + Not After: Mon Dec 31 23:59:59 UTC 2007 + Subject: C=NL,L=Eindhoven,O=Collision Factory,CN=Marc Stevens + Subject Public Key Algorithm: RSA + Algorithm Security Level: High (8189 bits) + Modulus (bits 8189): + 1a:09:b4:cb:40:c7:26:7a:af:01:7f:9b:a4:74:25:81 + 8d:c8:4f:86:73:6e:90:72:28:bb:e8:77:02:03:85:8d + 8c:f1:83:7a:ff:5e:6c:22:13:03:6a:f3:d9:5c:77:e9 + c2:23:7d:60:8c:c4:a9:fb:97:30:7b:bf:98:28:61:2f + 15:99:e2:61:5b:cc:de:da:59:30:53:2f:b3:dd:11:72 + 78:e4:94:40:14:33:63:0e:74:61:c1:dc:9b:80:1b:2e + 55:20:15:a5:13:ff:7a:e7:97:3e:f4:4b:83:52:e4:e0 + 49:79:b3:1e:b6:00:65:4d:51:f4:a4:81:ce:be:3f:0b + d0:99:d1:30:d1:45:6f:ab:e0:4a:3e:98:85:c8:c4:fb + 29:7b:86:b5:77:52:cd:64:19:80:9f:e3:7e:62:86:f0 + 77:32:d1:e0:69:a5:b4:e5:66:70:b8:bb:ba:e5:c2:11 + 74:2a:13:1d:05:71:1c:f1:fe:22:af:93:3f:1e:ef:22 + 47:62:e3:aa:da:c1:7c:40:e4:48:ca:41:a8:79:a0:3d + 3c:f6:65:f2:39:c7:f3:fe:82:b3:84:e8:35:e7:c9:e8 + bd:ee:30:c2:68:a2:12:12:84:78:9d:f4:2f:44:90:6f + 19:b7:90:26:46:44:36:e1:da:64:fa:0c:53:a3:77:fa + 0d:2b:01:2b:7d:dc:28:55:da:e5:b5:51:51:e2:80:34 + 11:21:20:b5:e7:9e:c5:f2:6a:9f:69:da:85:d7:4e:f6 + a9:7a:0b:11:64:ef:a2:5f:b1:ae:26:ba:45:1c:cd:a7 + a2:e7:84:33:9c:44:7d:56:25:49:a6:0b:f0:67:62:94 + bf:58:0c:91:9e:c4:57:02:5d:3c:78:60:b9:82:96:c0 + ab:9f:e5:b1:d3:53:88:2e:26:c1:f7:21:b4:18:99:d9 + 72:b5:a1:d5:05:0b:68:45:36:44:80:10:af:8c:7a:ff + 7c:e8:ea:cc:b9:b1:fb:bd:c9:29:d4:f5:d4:99:fb:81 + 29:24:df:30:2c:b3:c4:50:23:38:62:97:93:96:b3:a4 + 6c:d0:ff:7f:14:26:71:1c:45:92:97:b6:5d:1c:ef:66 + c1:87:51:e0:94:bf:08:f3:b2:98:1c:5c:ce:52:d9:63 + d5:a4:25:9a:64:55:7e:4d:1b:9e:fe:0d:9a:51:6d:1e + 6e:c8:bb:37:06:68:25:ae:a6:36:16:60:2b:d7:d1:16 + 25:a0:6a:90:73:9b:4d:0a:06:ea:87:2a:3a:f9:eb:a1 + 26:29:be:d6:79:40:56:1b:d9:37:4a:89:d6:0f:0d:72 + 
2c:9f:eb:68:33:ec:53:f0:b0:fd:76:a2:04:7b:66:c9 + 0f:ce:b1:d2:e2:2c:c0:99:b9:a4:b9:3e:00:00:00:0f + 54:a8:95:17:6e:4c:29:5a:40:5f:af:54:ce:e8:2d:04 + 3a:45:ce:40:b1:55:be:34:eb:de:78:47:85:a2:5b:7f + 89:4d:42:4f:a1:27:b1:57:a8:a1:20:f9:9f:e5:31:02 + c8:1f:a9:0e:0b:9b:da:1b:a7:75:df:75:d9:15:2a:80 + 25:7a:1e:d3:52:dd:49:e5:7e:06:8f:f3:f0:2c:ab:d4 + ac:97:db:bc:3f:a0:20:5a:74:30:2f:65:c7:f4:9a:41 + 9e:08:fd:54:bf:af:c1:4d:78:ab:aa:b3:0d:db:3f:c8 + 48:e3:df:02:c5:a4:0e:da:24:8c:9f:f4:74:82:85:0c + fd:fb:dd:9b:c5:55:47:b7:40:4f:58:03:c1:bb:81:63 + 21:73:12:7e:1a:93:b2:4a:fb:6e:7a:80:45:08:65:db + 37:46:76:d5:76:ba:52:96:cc:c6:c1:30:82:d1:ab:36 + 52:1f:1a:8a:d9:45:46:6b:9e:f0:6a:f4:3a:02:d7:0b + 7f:b8:b7:dc:6d:26:8c:3d:ba:68:98:f6:55:2f:a3:fb + b3:3d:cb:fa:da:7b:33:fa:75:d9:3a:fe:26:2b:d3:7a + ff:75:99:5f:d0:e9:77:4b:a5:a2:6a:7c:44:3f:f3:4e + 46:15:02:a2:cb:77:7e:98:2d:00:73:75:14:b8:8e:d2 + 8d:61:f4:28:e8:83:87:df:2b:f0:22:30:ad:17:a9:d4 + 4f:f3:64:85:0a:07:db:42:a7:82:6a:c2:ee:38:99:ca + c3:ec:27:47:21:d4:76:d9:66:58:f5:37:16:67:65:87 + f8:ff:14:db:8d:e6:74:1a:fa:22:06:db:a3:b1:18:28 + ba:87:c6:e1:e8:8a:02:2f:1a:a8:dd:d0:37:ea:b0:49 + b5:c7:d3:05:3d:0a:63:d7:86:1d:ea:07:b3:d8:b7:20 + de:06:8c:f4:7e:65:7b:b4:44:50:b8:5d:52:f7:49:d5 + 95:72:df:0c:0e:34:33:b4:7c:9a:a1:9a:85:6f:1d:c3 + cd:ad:ba:fb:14:30:35:c8:5a:53:af:57:22:03:8f:76 + 5c:0d:62:1b:66:b6:9f:ff:fd:09:1d:4a:66:1a:45:3b + f1:da:ed:1a:3a:23:41:b3:7d:7f:62:3b:15:8f:6e:c0 + 2b:49:a2:53:64:43:0f:cb:58:61:48:3e:1e:95:43:ed + 2e:e7:e5:4a:4c:10:8a:6e:64:19:40:98:0e:e6:0d:14 + ae:e5:59:af:30:03:7e:75:b2:30:9c:e0:21:ff:e3:10 + 9b:f2:05:38:92:ab:0a:e4:03:51:6e:2a:b5:80:67:f7 + Exponent (bits 24): + 01:00:01 + Extensions: + Basic Constraints (not critical): + Certificate Authority (CA): FALSE + Key Usage (not critical): + Digital signature. + Non repudiation. + Key encipherment. + Signature Algorithm: RSA-MD5 +warning: signed using a broken signature algorithm that can be forged. 
+ Signature: + 86:c0:87:6d:20:68:2d:c8:97:44:3f:97:69:0d:df:b2 + 90:74:cb:25:c3:58:f0:9f:81:23:4c:e2:65:a4:43:33 + cb:6a:78:b2:32:73:29:17:00:dc:d6:ba:df:55:08:8a + 19:a3:17:a5:1d:60:92:ac:3f:6f:c6:24:36:01:36:7a + 6a:2f:c0:96:9b:4e:89:13:bf:c2:31:5f:5a:f3:5d:83 + fb:d0:3c:95:78:39:24:22:17:be:b9:ad:88:73:d4:42 + f3:a3:62:00:ca:19:8f:63:45:bc:b7:6c:cb:27:fc:f2 + db:ea:23:9e:50:fd:dd:3c:d6:93:04:c9:50:e7:09:4a + ff:0a:96:59:02:b7:22:06:d0:4e:37:59:ba:ed:05:ae + 05:92:2d:8b:e9:35:56:c8:ca:cd:c3:60:6c:56:ee:37 + 89:c3:77:5f:76:7a:89:09:ab:44:4b:c1:d7:ee:4a:41 + 67:73:02:ef:df:33:7b:4c:ee:08:2d:92:18:fe:44:aa + 5d:68:d3:4e:fb:79:6a:c4:32:19:dc:f8:dd:4c:2e:6e + c4:58:ef:a4:82:da:7e:18:1c:08:64:17:71:24:f0:cf + 21:4b:0c:5a:28:ef:ec:a4:0e:c5:32:bb:76:73:ff:ea + 9b:9b:d0:a0:b1:ef:e6:db:97:c5:18:c4:db:17:b9:a5 +Other Information: + SHA1 fingerprint: + 6fea1157b6edc59d28bf96590ceab3cc32366a51 + SHA256 fingerprint: + 387fa1529fa8e3fa7b8a5ecdbea0301275144c02d5ee93d0bea9726bdc98e5ef + Public Key ID: + 85d9ae67a92fccea10f681a683109658d91e788d + Public key's random art: + +--[ RSA 8189]----+ + | .+ o | + |..+ E . + | + |oo o . o o | + |.. .. o | + |. = . S . | + |.. + o . . . | + |. o . .o. + | + | . . ++ | + | .o..o. 
| + +-----------------+ + +-----BEGIN CERTIFICATE----- +MIIGKTCCBRGgAwIBAgIEAgwAATANBgkqhkiG9w0BAQQFADA9MRowGAYDVQQDExFI +YXNoIENvbGxpc2lvbiBDQTESMBAGA1UEBxMJRWluZGhvdmVuMQswCQYDVQQGEwJO +TDAeFw0wNjAxMDEwMDAwMDFaFw0wNzEyMzEyMzU5NTlaMFQxFTATBgNVBAMTDE1h +cmMgU3RldmVuczEaMBgGA1UEChMRQ29sbGlzaW9uIEZhY3RvcnkxEjAQBgNVBAcT +CUVpbmRob3ZlbjELMAkGA1UEBhMCTkwwggQiMA0GCSqGSIb3DQEBAQUAA4IEDwAw +ggQKAoIEAQAaCbTLQMcmeq8Bf5ukdCWBjchPhnNukHIou+h3AgOFjYzxg3r/Xmwi +EwNq89lcd+nCI31gjMSp+5cwe7+YKGEvFZniYVvM3tpZMFMvs90RcnjklEAUM2MO +dGHB3JuAGy5VIBWlE/9655c+9EuDUuTgSXmzHrYAZU1R9KSBzr4/C9CZ0TDRRW+r +4Eo+mIXIxPspe4a1d1LNZBmAn+N+YobwdzLR4GmltOVmcLi7uuXCEXQqEx0FcRzx +/iKvkz8e7yJHYuOq2sF8QORIykGoeaA9PPZl8jnH8/6Cs4ToNefJ6L3uMMJoohIS +hHid9C9EkG8Zt5AmRkQ24dpk+gxTo3f6DSsBK33cKFXa5bVRUeKANBEhILXnnsXy +ap9p2oXXTvapegsRZO+iX7GuJrpFHM2noueEM5xEfVYlSaYL8GdilL9YDJGexFcC +XTx4YLmClsCrn+Wx01OILibB9yG0GJnZcrWh1QULaEU2RIAQr4x6/3zo6sy5sfu9 +ySnU9dSZ+4EpJN8wLLPEUCM4YpeTlrOkbND/fxQmcRxFkpe2XRzvZsGHUeCUvwjz +spgcXM5S2WPVpCWaZFV+TRue/g2aUW0ebsi7NwZoJa6mNhZgK9fRFiWgapBzm00K +BuqHKjr566EmKb7WeUBWG9k3SonWDw1yLJ/raDPsU/Cw/XaiBHtmyQ/OsdLiLMCZ +uaS5PgAAAA9UqJUXbkwpWkBfr1TO6C0EOkXOQLFVvjTr3nhHhaJbf4lNQk+hJ7FX +qKEg+Z/lMQLIH6kOC5vaG6d133XZFSqAJXoe01LdSeV+Bo/z8Cyr1KyX27w/oCBa +dDAvZcf0mkGeCP1Uv6/BTXirqrMN2z/ISOPfAsWkDtokjJ/0dIKFDP373ZvFVUe3 +QE9YA8G7gWMhcxJ+GpOySvtueoBFCGXbN0Z21Xa6UpbMxsEwgtGrNlIfGorZRUZr +nvBq9DoC1wt/uLfcbSaMPbpomPZVL6P7sz3L+tp7M/p12Tr+JivTev91mV/Q6XdL +paJqfEQ/805GFQKiy3d+mC0Ac3UUuI7SjWH0KOiDh98r8CIwrRep1E/zZIUKB9tC +p4Jqwu44mcrD7CdHIdR22WZY9TcWZ2WH+P8U243mdBr6Igbbo7EYKLqHxuHoigIv +Gqjd0DfqsEm1x9MFPQpj14Yd6gez2Lcg3gaM9H5le7REULhdUvdJ1ZVy3wwONDO0 +fJqhmoVvHcPNrbr7FDA1yFpTr1ciA492XA1iG2a2n//9CR1KZhpFO/Ha7Ro6I0Gz +fX9iOxWPbsArSaJTZEMPy1hhSD4elUPtLuflSkwQim5kGUCYDuYNFK7lWa8wA351 +sjCc4CH/4xCb8gU4kqsK5ANRbiq1gGf3AgMBAAGjGjAYMAkGA1UdEwQCMAAwCwYD +VR0PBAQDAgXgMA0GCSqGSIb3DQEBBAUAA4IBAQCGwIdtIGgtyJdEP5dpDd+ykHTL +JcNY8J+BI0ziZaRDM8tqeLIycykXANzWut9VCIoZoxelHWCSrD9vxiQ2ATZ6ai/A 
+lptOiRO/wjFfWvNdg/vQPJV4OSQiF765rYhz1ELzo2IAyhmPY0W8t2zLJ/zy2+oj +nlD93TzWkwTJUOcJSv8KllkCtyIG0E43WbrtBa4Fki2L6TVWyMrNw2BsVu43icN3 +X3Z6iQmrREvB1+5KQWdzAu/fM3tM7ggtkhj+RKpdaNNO+3lqxDIZ3PjdTC5uxFjv +pILafhgcCGQXcSTwzyFLDFoo7+ykDsUyu3Zz/+qbm9Cgse/m25fFGMTbF7ml +-----END CERTIFICATE----- +X.509 Certificate Information: + Version: 3 + Serial Number (hex): 02181144 + Issuer: C=NL,L=Eindhoven,CN=Hash Collision CA + Validity: + Not Before: Sat Jan 01 00:00:01 UTC 2005 + Not After: Thu Jan 01 00:00:01 UTC 2015 + Subject: C=NL,L=Eindhoven,CN=Hash Collision CA + Subject Public Key Algorithm: RSA + Algorithm Security Level: Medium (2048 bits) + Modulus (bits 2048): + 00:ca:70:fa:c4:40:06:fb:b4:1a:8e:e4:19:5a:a9:77 + 1f:75:91:74:59:d2:68:b9:30:46:03:5b:a1:dc:b5:4a + 28:2a:1e:28:48:b7:78:ba:e0:67:70:0a:cd:64:2c:b0 + 8d:57:0d:bb:0f:89:56:df:23:a0:a3:c6:e5:df:ae:ef + 53:d8:bd:c1:64:f4:cb:e5:2e:47:aa:58:6e:ff:f3:b2 + 9f:0c:bd:42:39:4c:64:63:77:ef:3d:e2:f7:be:9b:62 + 99:37:45:12:68:b9:51:6a:32:f1:7b:d4:a4:ea:3b:a4 + 72:3d:2f:a1:a0:f2:34:42:0a:f9:50:40:d3:ce:0c:ed + 5f:60:db:0a:26:46:9f:07:17:9d:2b:c2:9f:62:3a:61 + 80:33:96:9f:f7:ac:6b:92:a4:94:c1:27:a6:13:79:b3 + 17:ab:b7:21:48:64:37:54:2d:c6:d0:5d:a7:14:b6:d0 + 59:ce:47:0c:b3:90:84:13:49:37:48:59:95:a1:e8:f3 + 34:9d:cf:ca:31:d6:18:a4:fc:a4:87:57:3c:9a:42:6a + 50:83:6f:95:59:ba:4d:b7:6a:68:60:95:b9:b8:64:de + d6:bd:ed:53:45:db:ec:38:40:db:ac:4b:0c:ba:cc:a0 + 14:c5:75:3c:28:05:85:f4:53:fd:52:0f:27:40:43:a0 + 51 + Exponent (bits 24): + 01:00:01 + Extensions: + Basic Constraints (not critical): + Certificate Authority (CA): TRUE + Path Length Constraint: 0 + Key Usage (not critical): + Certificate signing. + Signature Algorithm: RSA-MD5 +warning: signed using a broken signature algorithm that can be forged. 
+ Signature: + 3e:90:33:aa:13:63:8b:3d:6a:f1:d5:36:34:40:8a:c1 + 12:53:e4:ed:8a:49:0e:af:c9:0d:2c:cf:be:7b:d7:f4 + 44:46:35:1a:4b:b9:b9:b0:8c:62:6d:5b:0c:72:14:fc + 6d:e5:78:81:9a:db:a1:d0:bd:d9:bf:81:24:f3:db:22 + 60:1d:a6:0c:79:42:7f:56:86:1d:a5:5c:91:8f:18:3d + 6e:47:cf:fe:5c:91:08:15:da:84:54:28:0e:64:11:53 + 2a:3b:15:58:df:1c:52:9a:ae:26:af:29:10:8d:5d:6d + e7:1e:fa:22:a4:58:fb:3f:2f:88:39:10:8c:f8:49:64 + b7:0d:21:d0:df:5c:eb:51:b6:ec:bb:1f:a1:63:6d:2d + 6f:a2:78:ed:3d:64:6d:f0:93:de:b6:a1:e0:11:85:db + 45:28:ac:b3:e1:fa:44:4f:43:f1:15:01:c7:d6:e9:74 + c1:00:5f:81:45:91:9c:82:c2:a1:ee:cf:bd:f3:a2:30 + 12:74:b0:d3:44:43:18:60:b0:aa:e1:39:25:3c:fa:4c + d7:ee:9d:c5:24:9f:6f:a6:0c:01:83:f5:3a:21:d6:b7 + 51:3b:9e:0c:2e:b0:f5:c9:a6:00:08:e9:27:d4:c3:ab + 85:c7:4e:70:67:7a:95:12:6b:03:89:ca:33:9e:d7:99 +Other Information: + SHA1 fingerprint: + 89bbb66f8639663af859ff7a0c43a9f011655aba + SHA256 fingerprint: + ddc11a3f3660d30e15af5f44ed6f59e800257a44b0201e49b452790e09a5fac7 + Public Key ID: + 5ead859fb9320a7d4bf78e644bd15153c5b3a16b + Public key's random art: + +--[ RSA 2048]----+ + | o*| + | +o| + | o +| + | o o o | + | S o + o | + | o . + E | + | . o + X | + | . 
oo* = | + | ...o+.o | + +-----------------+ + +-----BEGIN CERTIFICATE----- +MIIDGDCCAgCgAwIBAgIEAhgRRDANBgkqhkiG9w0BAQQFADA9MRowGAYDVQQDExFI +YXNoIENvbGxpc2lvbiBDQTESMBAGA1UEBxMJRWluZGhvdmVuMQswCQYDVQQGEwJO +TDAeFw0wNTAxMDEwMDAwMDFaFw0xNTAxMDEwMDAwMDFaMD0xGjAYBgNVBAMTEUhh +c2ggQ29sbGlzaW9uIENBMRIwEAYDVQQHEwlFaW5kaG92ZW4xCzAJBgNVBAYTAk5M +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynD6xEAG+7QajuQZWql3 +H3WRdFnSaLkwRgNbody1SigqHihIt3i64GdwCs1kLLCNVw27D4lW3yOgo8bl367v +U9i9wWT0y+UuR6pYbv/zsp8MvUI5TGRjd+894ve+m2KZN0USaLlRajLxe9Sk6juk +cj0voaDyNEIK+VBA084M7V9g2womRp8HF50rwp9iOmGAM5af96xrkqSUwSemE3mz +F6u3IUhkN1QtxtBdpxS20FnORwyzkIQTSTdIWZWh6PM0nc/KMdYYpPykh1c8mkJq +UINvlVm6TbdqaGCVubhk3ta97VNF2+w4QNusSwy6zKAUxXU8KAWF9FP9Ug8nQEOg +UQIDAQABoyAwHjAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQEAwICBDANBgkqhkiG +9w0BAQQFAAOCAQEAPpAzqhNjiz1q8dU2NECKwRJT5O2KSQ6vyQ0sz7571/RERjUa +S7m5sIxibVsMchT8beV4gZrbodC92b+BJPPbImAdpgx5Qn9Whh2lXJGPGD1uR8/+ +XJEIFdqEVCgOZBFTKjsVWN8cUpquJq8pEI1dbece+iKkWPs/L4g5EIz4SWS3DSHQ +31zrUbbsux+hY20tb6J47T1kbfCT3rah4BGF20UorLPh+kRPQ/EVAcfW6XTBAF+B +RZGcgsKh7s+986IwEnSw00RDGGCwquE5JTz6TNfuncUkn2+mDAGD9Toh1rdRO54M +LrD1yaYACOkn1MOrhcdOcGd6lRJrA4nKM57XmQ== +-----END CERTIFICATE----- diff --git a/tests/rsa-md5-collision/rsa-md5-collision b/tests/rsa-md5-collision/rsa-md5-collision index 7f3361de5b..2eba208fe7 100755 --- a/tests/rsa-md5-collision/rsa-md5-collision +++ b/tests/rsa-md5-collision/rsa-md5-collision @@ -1,8 +1,9 @@ #!/bin/sh # Copyright (C) 2006, 2008, 2010, 2012 Free Software Foundation, Inc. +# Copyright (C) 2016, Red Hat, Inc. # -# Author: Simon Josefsson +# Author: Simon Josefsson, Nikos Mavrogiannopoulos # # This file is part of GnuTLS. # 
@@ -20,28 +21,50 @@ # along with GnuTLS; if not, write to the Free Software Foundation, # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -set -e +srcdir="${srcdir:-.}" +CERTTOOL="${CERTTOOL:-../../src/certtool${EXEEXT}}" +TMPFILE1=rsa-md5.$$.tmp +TMPFILE2=rsa-md5-2.$$.tmp -srcdir=${srcdir:-.} -CERTTOOL=${CERTTOOL:-../../src/certtool$EXEEXT} +. ${srcdir}/../scripts/common.sh +TSTAMP=`datefudge "2006-09-23 00:00 UTC" date -u +%s 2>/dev/null` +if test "${TSTAMP}" != "1158969600"; then + echo "You need datefudge to run this test" + exit 77 +fi -$CERTTOOL --inder --certificate-info \ - --infile $srcdir/MD5CollisionCA.cer > ca.pem -$CERTTOOL --inder --certificate-info \ - --infile $srcdir/TargetCollidingCertificate1.cer > client1.pem -$CERTTOOL --inder --certificate-info \ - --infile $srcdir/TargetCollidingCertificate2.cer > client2.pem +# Disable leak detection +ASAN_OPTIONS="detect_leaks=0" +export ASAN_OPTIONS -cat client1.pem ca.pem > chain1.pem -cat client2.pem ca.pem > chain2.pem +datefudge -s "2006-10-1" \ +"${CERTTOOL}" --verify-chain --outfile "$TMPFILE1" --infile "${srcdir}/colliding-chain-md5-1.pem" +if test $? = 0;then + echo "Verification on chain1 succeeded" + exit 1 +fi -$CERTTOOL --verify-chain < chain1.pem | \ - grep 'Not verified.' | grep 'insecure algorithm' >/dev/null -$CERTTOOL --verify-chain < chain2.pem | \ - grep 'Not verified.' | grep 'insecure algorithm' >/dev/null +grep 'Not verified.' $TMPFILE1| grep 'insecure algorithm' +if test $? != 0;then + echo "Output on chain1 doesn't match the expected" + exit 1 +fi -rm -f ca.pem client1.pem client2.pem \ - chain1.pem chain2.pem \ + +datefudge -s "2006-10-1" \ +"${CERTTOOL}" --verify-chain --outfile "$TMPFILE2" --infile "${srcdir}/colliding-chain-md5-2.pem" +if test $? = 0;then + echo "Verification on chain2 succeeded" + exit 1 +fi + +grep 'Not verified.' $TMPFILE2| grep 'insecure algorithm' +if test $? 
!= 0;then + echo "Output on chain2 doesn't match the expected" + exit 1 +fi + +rm -f $TMPFILE1 $TMPFILE2 # We're done. exit 0 |
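Review bot: The datefudge probe at the top of this hunk runs `datefudge "2006-09-23 00:00 UTC" date -u +%s`, but both real invocations use `datefudge -s "2006-10-1"`, so the probe never exercises the static option. If the installed datefudge lacks `-s`, the probe would presumably pass and the test would then fail at the `grep` step instead of skipping with 77. Probing with the same flag closes that gap: `TSTAMP=$(datefudge -s "2006-09-23 00:00 UTC" date -u +%s 2>/dev/null)`. Because `set -e` is removed, a failure to source `common.sh` now goes unnoticed, and that line also leaves `${srcdir}` unquoted; `. "${srcdir}/../scripts/common.sh" || exit 1` addresses both. The `$TMPFILE1` and `$TMPFILE2` expansions in the `grep` and `rm -f` lines are also unquoted, and each `exit 1` path leaves the temporary files in the working directory; a `trap 'rm -f "$TMPFILE1" "$TMPFILE2"' EXIT` placed after the assignments would clean up on every path.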