Bug 149118 - PKCS7 verifier fails to recognize sha1WithRSAEncryption digestAlgorithm
PKCS7 verifier fails to recognize sha1WithRSAEncryption digestAlgorithm
Status: CLOSED NEXTRELEASE
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: openssl (Show other bugs)
3.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
Brian Brock
http://www.aet.tu-cottbus.de/rt2/Tick...
: FutureFeature
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-02-18 17:14 EST by Derek Atkins
Modified: 2007-11-30 17:07 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-05-16 11:26:35 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Derek Atkins 2005-02-18 17:14:44 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20050106

Description of problem:
Created a PKCS7 object on Win32 using cryptoapi, tried to verify it
using openssl.  openssl barfs because windows uses the OID of
"sha1WithRSAEncryption" instead of "sha1".  According to the openssl
team this was fixed in 0.9.7c, but Red Hat is still shipping 0.9.7a
even after all these years.

See openssl ticket #1011 at RT (guest/guest) at:
http://www.aet.tu-cottbus.de/rt2/Ticket/Display.html?id=1011 for the
upstream information.

Note: I marked this a security issue because it causes a properly
encrypted message to fail to decrypt, which is a denial-of-service attack.

Version-Release number of selected component (if applicable):
All versions from RH9 through RHEL4, and FC1-3

How reproducible:
Always

Steps to Reproduce:
1. get a pkcs7 message signed on windows
2. try to verify the message on linux
3.
    

Actual Results:  Openssl barfs on the digest algorithm.

Expected Results:  Openssl should access the digest algorithm; openssl
0.9.7c does.

Additional info:

Why hasn't Red Hat updated openssl in any significant way since RHL9?
Comment 1 Tomas Mraz 2005-02-18 17:42:21 EST
> Why hasn't Red Hat updated openssl in any significant way since RHL9?

The reason is the openssl changes ABI with almost every new release.
This would mean it would be necessary to maintain many older versions
for compatibility in every RHEL release. Also note that in time of
RHEL3 release it wouldn't be possible to release the openssl-0.9.7c.
Comment 2 Derek Atkins 2005-02-18 17:48:22 EST
a) this is a problem with all versions of Red Hat since RHL9 (as I
said, this problems exists in all releases from RHL9 through RHEL4
plus all versions of Fedora Core -- it's not limited to EL3).

b) There's no way you can say with a straight face that openssl-0.9.7c
was released too soon for EL4, let alone any of the recent Fedora Core
releases.

c) If you look in the openssl RT ticket you can also see what code
would need to be backported to add this functionality.

d) Are there really ABI changes across 0.9.7[letter] releases?
Comment 3 Tomas Mraz 2005-02-21 08:35:48 EST
a) I don't argue about that only that you've reported it against RHEL3.

b) No dispute about that either. You must simply understand that the
amount of work which will be nice to be done for a new release is
unlimited however the resources are definitely limited.

d) Yes - sizes of various structures are changed, functions renamed.
Note that these aren't API but ABI changes instead so recompiling will
help but it's of no help when you don't have source available.
Comment 5 Tomas Mraz 2005-05-16 11:26:35 EDT
In the current Fedora Core 4 Test 3 release we have already openssl-0.9.7f.

If you want this feature backported to RHEL3 or RHEL4 use the paid support issue
tracker to file the request.

Note You need to log in before you can comment on or make changes to this bug.