IETF Logo Mail Archive

Re: [smime] Problems with versions

Carl Wallace <carl@redhoundsoftware.com> Thu, 05 May 2022 15:37 UTC

Return-Path: <carl@redhoundsoftware.com>
X-Original-To: smime@ietfa.amsl.com
Delivered-To: smime@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D2014C15E6E6 for <smime@ietfa.amsl.com>; Thu, 5 May 2022 08:37:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.094
X-Spam-Level:
X-Spam-Status: No, score=-2.094 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=redhoundsoftware.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xvFedHYmWUO6 for <smime@ietfa.amsl.com>; Thu, 5 May 2022 08:37:41 -0700 (PDT)
Received: from mail-qk1-x72e.google.com (mail-qk1-x72e.google.com [IPv6:2607:f8b0:4864:20::72e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 32BFBC15E6D7 for <smime@ietf.org>; Thu, 5 May 2022 08:37:41 -0700 (PDT)
Received: by mail-qk1-x72e.google.com with SMTP id j9so3431562qkg.1 for <smime@ietf.org>; Thu, 05 May 2022 08:37:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhoundsoftware.com; s=google; h=user-agent:date:subject:from:to:cc:message-id:thread-topic :references:in-reply-to:mime-version:content-transfer-encoding; bh=Skz0OLSNw/06slJNzJ5tELGMeAARupRXMXnR7invvc8=; b=TqHTfImIyroh2HLESCQOKEhrdB+i0NcqVFLFTLgWlD2NP8EaWcAQDEdNs2N5JEzC1Q f4JKjP9A2quzHF0/e+17SMwnuaDyrjr0dRxWsoVMeK99Zu6cm4GhyQxmA9NoQRhg8AHl 0KsRJ+tdxsIq7dR+AKmoI1t9rR3xqlXyurnGo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:user-agent:date:subject:from:to:cc:message-id :thread-topic:references:in-reply-to:mime-version :content-transfer-encoding; bh=Skz0OLSNw/06slJNzJ5tELGMeAARupRXMXnR7invvc8=; b=I4jCyExPPyp/Gc3+IL/4cjgHD3ShUCqpoT8hhXpWXUqWBT8YQiyP931DE5exkQcpH2 uUMdBBQcDr0SEA8CEm2O0zicx8AUVfhjJET0CyWWWWGtgJRyRNLcKQ+Z2CLXcf2o8jlw 70TyrMKZjdfF7FoRS1o7Adrr/V6L8l+0zx6d7UHHGaxbR3Ga6MRNS9NQpR97sbIGr8TW s3iof5U1o+zMSQC/lMzpvgbZm3rrW+KoqPONF9vpZxBNAx0NMi9er8Oh13tCHXmRHTlF xcKIT74qeNYKACeyPxTOE3+wtTjc2uhvaw+ObtnSQ7RnxzijxunMWnrlUhKZzOCODVQJ FawQ==
X-Gm-Message-State: AOAM530Y4Jk5UgxRQvAbB5sGH81YTZEgyW1F9jM8za9oybex3nkZWZ4j SP7d7y8ctGz5yH938RhewodrRg==
X-Google-Smtp-Source: ABdhPJzMh3lB6WPhed8F3JiZ4XErwb5FdN8nM8o3j2AXAmkOrT3YQUhWF71Duqng1dgx8nZ145MsGg==
X-Received: by 2002:ae9:ef11:0:b0:69f:cac1:bac8 with SMTP id d17-20020ae9ef11000000b0069fcac1bac8mr17606395qkg.755.1651765059735; Thu, 05 May 2022 08:37:39 -0700 (PDT)
Received: from [192.168.2.16] (pool-173-66-88-168.washdc.fios.verizon.net. [173.66.88.168]) by smtp.gmail.com with ESMTPSA id h7-20020ac87d47000000b002f39b99f681sm1068383qtb.27.2022.05.05.08.37.39 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 05 May 2022 08:37:39 -0700 (PDT)
User-Agent: Microsoft-MacOutlook/16.60.22041000
Date: Thu, 05 May 2022 11:37:39 -0400
From: Carl Wallace <carl@redhoundsoftware.com>
To: Russ Housley <housley@vigilsec.com>, Peter Gutmann <pgut001@cs.auckland.ac.nz>
CC: Spasm <spasm-bounces@ietf.org>, IETF SMIME <smime@ietf.org>
Message-ID: <2260B9C5-C3EC-4A9F-99D8-3099C2864607@redhoundsoftware.com>
Thread-Topic: [smime] Problems with versions
References: <SY4PR01MB6251E381603FAFE558685D86EEFE9@SY4PR01MB6251.ausprd01.prod.outlook.com> <CA16AFE1-CB97-4134-8FC9-4B8B964ACD6E@vigilsec.com> <SY4PR01MB62512D541C42E6873562A17CEEC29@SY4PR01MB6251.ausprd01.prod.outlook.com> <465948BF-6A7A-4BE3-9D90-3D788E3E9273@redhoundsoftware.com> <DAAADCA3-9238-43DA-A851-D3AB4CF45E28@vigilsec.com>
In-Reply-To: <DAAADCA3-9238-43DA-A851-D3AB4CF45E28@vigilsec.com>
Mime-version: 1.0
Content-type: text/plain; charset="UTF-8"
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/smime/zCVOJGVWhTS6lyzgfYg_qH4FgJs>
Subject: Re: [smime] Problems with versions
X-BeenThere: smime@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: SMIME Working Group <smime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/smime>, <mailto:smime-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/smime/>
List-Post: <mailto:smime@ietf.org>
List-Help: <mailto:smime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/smime>, <mailto:smime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 May 2022 15:37:44 -0000

But the problem would be here (assuming wholesale replacement of SignerInfo):

SignerInfos ::= SET OF SignerInfo

Or here (assuming mods to existing definition):

  SignerInfo ::= SEQUENCE {
      version CMSVersion,
      sid SignerIdentifier,
      digestAlgorithm DigestAlgorithmIdentifier,
      signedAttrs [0] IMPLICIT SignedAttributes OPTIONAL,
      signatureAlgorithm SignatureAlgorithmIdentifier,
      signature SignatureValue,
      unsignedAttrs [1] IMPLICIT Attributes
          {{UnsignedAttributes}} OPTIONAL }

Both of these snips are from 5911.

On 5/5/22, 10:44 AM, "Russ Housley" <housley@vigilsec.com> wrote:

    Carl:

    The first versions of PKCS#7 and then CMS (RFC2630) all used the earlier version of ASN.1, so extensibility markers did not exist yet.  So, the version number logic gives the recipient a heads up about the fields that might be present.

    RFC 5911 uses the new ASN.1 syntax, and it makes use extension markers.  It also makes use of the ASN.1 idiom for noting in which version of CMS changes were made from the original PKCS #7.  For example:

       RevocationInfoChoice ::= CHOICE {
           crl CertificateList,
           ...,
           [[5: other [1] IMPLICIT OtherRevocationInfoFormat ]] }

    Russ

    > On May 5, 2022, at 9:06 AM, Carl Wallace <carl@redhoundsoftware.com> wrote:
    > 
    > + LAMPS
    > 
    > I wonder how many implementations defer the decoding of SignerInfos until after the version number is read. Mine does not, so presence of new SignerInfo or ReceipientInfo types would cause failure to parse without ever seeing the version number. I don't check the version number at all for SignedData/SignerInfo at verification time and just use whichever of SKID or issuer/serial is present. I have also never seen a v4 or v5. There aren't any extensibility markers in the places you’d need them to introduce new SignerInfo or ReceipientInfo types without breaking folks.
    > 
    > On 5/5/22, 8:34 AM, "smime on behalf of Peter Gutmann" <smime-bounces@ietf.org on behalf of pgut001@cs.auckland.ac.nz> wrote:
    > 
    >    Russ Housley <housley@vigilsec.com> writes:
    > 
    >> That is, an unrecognized version can save the recipient for getting a parsing
    >> error.
    > 
    >    But they won't be getting a parsing error, see the example I gave:
    > 
    >> SignedData {
    >>   version = 7,
    >>   digestAlgorithms,
    >>   content,
    >>   signerInfos {
    >>     signerInfo version = 7,
    >>     signerInfo version = 6,
    >>     signerInfo version = 1
    >>     }
    >>   }
    > 
    >    If you change the SignedData version to 1 then an implementation that doesn't
    >    understand version 6 or 7 signerInfos can still process the message because
    >    there's a version 1 signerInfo present.  However if you set it at 7 then the
    >    implementation is being told it can't (or shouldn't) process the message even
    >    though it can.
    > 
    >    The fact that there's some not-currently-recognised but totally processable
    >    (meaning read the header and skip the remaining payload) entry somewhere
    >    further down in the message doesn't mean that the whole message should be
    >    marked as unprocessable by an implementation.
    > 
    >    If there's any implementers still on the list, what would your code do if it
    >    encountered the above message?  And what would it do if the SignedData version
    >    was 1 instead of 7?
    > 
    >    Peter.
    > 
    >    _______________________________________________
    >    smime mailing list
    >    smime@ietf.org
    >    https://www.ietf.org/mailman/listinfo/smime
    > 
    >

v2.23.0 | Report a Bug | By Email