Re: [lamps] draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)
Ryan Sleevi <ryan-ietf@sleevi.com> Wed, 04 August 2021 16:12 UTC
Return-Path: <ryan.sleevi@gmail.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CCC773A09C0 for <spasm@ietfa.amsl.com>; Wed, 4 Aug 2021 09:12:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.645
X-Spam-Level:
X-Spam-Status: No, score=-1.645 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tDMyjpFANJeK for <spasm@ietfa.amsl.com>; Wed, 4 Aug 2021 09:12:20 -0700 (PDT)
Received: from mail-pj1-f51.google.com (mail-pj1-f51.google.com [209.85.216.51]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 850543A09B8 for <spasm@ietf.org>; Wed, 4 Aug 2021 09:12:20 -0700 (PDT)
Received: by mail-pj1-f51.google.com with SMTP id s22-20020a17090a1c16b0290177caeba067so9498533pjs.0 for <spasm@ietf.org>; Wed, 04 Aug 2021 09:12:20 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=oAs6JnNeCHNGZtbazfTRGPyRhnqVi/g4MUeBwNTVuPQ=; b=ZrZVcg7QHk3S2II1DQJ1fvL6w9beO2Po6SSRCOX7Qh1rlWJtm8bMN5sJeDJbXslgYO eP6lbIA15uycdkxSsNLwD4GvmYwYU/HmLs6qxezHbH9v6EMKvwRrUT1kJB/5V+bbPIyZ 9bB7+MLPD4XRgGWSdpcy0W2YSqfBfh7gienE5JI1oy/JsSzokhWZCbP5FZqBrUOwgSLk nZZIGS5ksOlSFLpCFWUK6oeub5pj8jXoZ2kQCQ1SekEakH2AZyjdkf0WrF7UTKMB8Fce wdse9VnWam4IGUVxmcIq9kqOT8Q18qvurOHgmsiFFNeY9r3pVE3y2gIg6TxuFPUwN0hx z/xA==
X-Gm-Message-State: AOAM531I31wHitmwJtYi5dbc2C1A+cMl3pbRRbl84KIhMRyvO2gV7O5C nK5BiO++xRbOZ2/QNcDhqu/vcZJyxIM=
X-Google-Smtp-Source: ABdhPJxTAq3++QirI/6Q2tpT6lh6uLnqifVCY4nkTL4TQ9A5hkw1gINyJYoyd5ZmaYH+EzaEKlV/0A==
X-Received: by 2002:a63:4c03:: with SMTP id z3mr607776pga.130.1628093539769; Wed, 04 Aug 2021 09:12:19 -0700 (PDT)
Received: from mail-pj1-f41.google.com (mail-pj1-f41.google.com. [209.85.216.41]) by smtp.gmail.com with ESMTPSA id z15sm4015172pgc.13.2021.08.04.09.12.19 for <spasm@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 04 Aug 2021 09:12:19 -0700 (PDT)
Received: by mail-pj1-f41.google.com with SMTP id ca5so3675155pjb.5 for <spasm@ietf.org>; Wed, 04 Aug 2021 09:12:19 -0700 (PDT)
X-Received: by 2002:a63:515:: with SMTP id 21mr685654pgf.70.1628093539124; Wed, 04 Aug 2021 09:12:19 -0700 (PDT)
MIME-Version: 1.0
References: <87czr0ww0d.fsf@fifthhorseman.net> <FF939B28-528B-47F9-9C0C-6585D1B02FBE@vigilsec.com> <87mtq3ukk0.fsf@fifthhorseman.net> <CAErg=HHQMZ1jk+bVxA=MzVvW+9ucie7bu-N6O8Asnp0V8Rf9Bg@mail.gmail.com> <30546.1627850836@localhost> <CAErg=HHKL-E5yT0UnPKcLfMQU41iDg7GGgjsSXs3eRg8daJRkg@mail.gmail.com> <87wnp347iu.fsf@fifthhorseman.net> <1388.1627996026@localhost> <87pmuu42hf.fsf@fifthhorseman.net> <87mtpy3zkl.fsf@fifthhorseman.net>
In-Reply-To: <87mtpy3zkl.fsf@fifthhorseman.net>
From: Ryan Sleevi <ryan-ietf@sleevi.com>
Date: Wed, 04 Aug 2021 12:12:08 -0400
X-Gmail-Original-Message-ID: <CAErg=HFvQ=5jN+BoDL-W33iYxHoPULov4TEzqYf9nONbtnANJQ@mail.gmail.com>
Message-ID: <CAErg=HFvQ=5jN+BoDL-W33iYxHoPULov4TEzqYf9nONbtnANJQ@mail.gmail.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Cc: LAMPS WG <spasm@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000000f891e05c8be11b1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/9Ep9Lz-h4TGOgwG3EgElhlUNde8>
Subject: Re: [lamps] draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Aug 2021 16:12:25 -0000
On Tue, Aug 3, 2021 at 6:59 PM Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > On Tue 2021-08-03 17:55:56 -0400, Daniel Kahn Gillmor wrote: > > I've been using GnuTLS to generate the objects in the draft thus far, > > and they've been open to code changes that i've suggested in the past > > based on input from this WG. > > I should note that i'm not stuck on using GnuTLS to generate the pkcs12 > objects for this draft, though i would prefer to make them deterministic > (that is, byte-for-byte reproducible from the tooling), and GnuTLS has > been friendlier to reproducibility than other certificate/key management > tools i've encountered. Hey Daniel, Sorry for letting this thread slip by. First, an apology for some confusion due to my earlier reply, but that I see others have picked up on and clarified (namely, PKCS#8 for private keys, PKCS#7/PEM/DER for certs) As it relates to the double OCTET STRING, I didn't reply because I thought Russ' more detailed reply had covered that I'd overlooked something, namely, the indefinite length encoding issue, caused by NSS preferring BER. When you're indefinite length-encoding an OCTET string, you end up having an "outer" indefinite length octet string, and then bound chunks of data in "inner" OCTET strings, followed by the EOC indicator. So the double layering I mentioned is an artifact of the BER encoding Russ pointed out, that I had overlooked. Dmitry's reply provides a lot of wonderful insight into more of these PKCS#12 quirks from different libraries, if you haven't had a chance to review yet. It also helps highlight the "PKCS#12 is wildly different for different folks". Have you had a chance to run those files through the different implementations, to see if you can determine an interoperable encoding for your target? To some degree, this highlights the value of having some references for interoperability. At the same time, it suggests, unfortunately, the need to spend a lot of time with the decoders of these various tools and libraries, to assess the interoperability problem and determine whether it's one of malformed input or misbehaving implementation. Unfortunately, as I mentioned, PKCS#12 is enough of a hell format that I've managed to professionally stay away from it as much as possible, so I'm stumbling just as you are here. NSS using BER should definitely not be the reference example, even if BER is valid (in PKCS#12 and CMS), simply because we know better now :) As it relates to using tooling for determinism, I think the historic approach has been to work directly from the specs building up the binary sequences by hand, according to what's valid in the spec, rather than using an existing OSS library and assuming it's correct, especially for a spec as historically complex and unloved as PKCS#12. When I compare the examples mentioned by Dmitry, it does seem that both NSS and OpenSSL expect the PKCS#7 data (1.2.840.113549.1.7.1) to be an OCTET STRING with the encoded SEQUENCE, rather than the SEQUENCE itself. As Russ and I both noticed, it would appear bob.p12 is going directly to a SEQUENCE, rather than OCTET STRING -> SEQUENCE. Dmitry's examples of what GnuTLS generates also suggests GnuTLS outputs PKCS#7 data as OCTET STRING, so I'm a bit curious to understand how you generated the bob.p12 in the first place? This might help drill down further into the interoperability issue.
- [lamps] draft-ietf-lamps-samples: PKCS12 expertis… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Russ Housley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Salz, Rich
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Russ Housley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Michael Richardson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Deb Cooley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Tomas Gustavsson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… David Woodhouse
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Dmitry Belyavsky
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Michael Richardson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Michael Richardson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- [lamps] On the need for standardization of softwa… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Stephen Farrell
- Re: [lamps] On the need for standardization of so… Tomas Gustavsson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Dmitry Belyavsky
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Dmitry Belyavsky
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] On the need for standardization of so… Eliot Lear
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] On the need for standardization of so… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Salz, Rich
- Re: [lamps] On the need for standardization of so… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Bernie Hoeneisen
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Ryan Sleevi
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- [lamps] Transferring cryptographic information in… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Dmitry Belyavsky
- Re: [lamps] On the need for standardization of so… David Woodhouse
- Re: [lamps] On the need for standardization of so… David Woodhouse
- Re: [lamps] On the need for standardization of so… Stephen Farrell
- Re: [lamps] On the need for standardization of so… Ryan Sleevi
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] Transferring cryptographic informatio… Michael Richardson
- Re: [lamps] On the need for standardization of so… Dmitry Belyavsky
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] On the need for standardization of so… Jonathan Hammell
- Re: [lamps] On the need for standardization of so… Russ Housley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Russ Housley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Russ Housley
- Re: [lamps] On the need for standardization of so… Deb Cooley
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Deb Cooley
- Re: [lamps] On the need for standardization of so… Russ Housley
- Re: [lamps] On the need for standardization of so… Dmitry Belyavsky
- [lamps] advertising multiple S/MIME encryption-ca… Daniel Kahn Gillmor