Re: [lamps] draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)
Ryan Sleevi <ryan-ietf@sleevi.com> Sun, 01 August 2021 01:14 UTC
Return-Path: <ryan.sleevi@gmail.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EB7D3A23F0 for <spasm@ietfa.amsl.com>; Sat, 31 Jul 2021 18:14:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.644
X-Spam-Level:
X-Spam-Status: No, score=-1.644 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id W5YOTs9OeS5z for <spasm@ietfa.amsl.com>; Sat, 31 Jul 2021 18:14:48 -0700 (PDT)
Received: from mail-pj1-f44.google.com (mail-pj1-f44.google.com [209.85.216.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 29E273A23EE for <spasm@ietf.org>; Sat, 31 Jul 2021 18:14:48 -0700 (PDT)
Received: by mail-pj1-f44.google.com with SMTP id s22-20020a17090a1c16b0290177caeba067so604563pjs.0 for <spasm@ietf.org>; Sat, 31 Jul 2021 18:14:48 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=rgZbN239sEw4iPfLBAiAZJnew4MVLvIJJ8eXZMUKJJM=; b=ZIbMlvYWEzyp1Qe98Hobw+goqSy3jO9Zg6EdvureMDcuUjcuBYE/xL3kmxL+gFRzvR rLAnA/ZjpOMrUDKSMNgUBd7vWXcLB20yjyv/AjghpUy+kM5clWF9Z0QNSZsbMPTkah6v BWJfsqkiGK8e2TOUPsAaLH0PEUfHerNGki3bB205TkB7NUzQeBA9PmpDrlXlBIBOlOhL 2eG+JG9369FSInke1Noj6OpoBQFMwfIBFlVi/5LOq8ZpGqA0Z3q0Pr/7kIvmobFoqKLH bbPwwpXrqZ9strPFkvxfPtjlM/rlqy3IOANT91NIgl9q75rkasHZzvht3+FnxK9B5hQR OVsQ==
X-Gm-Message-State: AOAM5302gkKb6qU44K1aTjUPkbQkv6TpZWCpKLE3Hdilkdr/Ol3ki7aq eGq7pGtfjQE4940g5QiKKismz/8Noss=
X-Google-Smtp-Source: ABdhPJyKxcxa6Gq8/px7TAc2mRhWnKIafk2CfTs/8E/B+5kkHxUS3XDSeZgugDrQNfGYAnCjc+FcRw==
X-Received: by 2002:a05:6a00:98b:b029:32a:d9a5:2540 with SMTP id u11-20020a056a00098bb029032ad9a52540mr9687268pfg.66.1627780487275; Sat, 31 Jul 2021 18:14:47 -0700 (PDT)
Received: from mail-pj1-f41.google.com (mail-pj1-f41.google.com. [209.85.216.41]) by smtp.gmail.com with ESMTPSA id n33sm7618760pgm.55.2021.07.31.18.14.46 for <spasm@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 31 Jul 2021 18:14:46 -0700 (PDT)
Received: by mail-pj1-f41.google.com with SMTP id dw2-20020a17090b0942b0290177cb475142so513383pjb.2 for <spasm@ietf.org>; Sat, 31 Jul 2021 18:14:46 -0700 (PDT)
X-Received: by 2002:a17:902:d112:b029:12c:2004:981d with SMTP id w18-20020a170902d112b029012c2004981dmr8678843plw.29.1627780486768; Sat, 31 Jul 2021 18:14:46 -0700 (PDT)
MIME-Version: 1.0
References: <87czr0ww0d.fsf@fifthhorseman.net> <FF939B28-528B-47F9-9C0C-6585D1B02FBE@vigilsec.com> <87mtq3ukk0.fsf@fifthhorseman.net>
In-Reply-To: <87mtq3ukk0.fsf@fifthhorseman.net>
From: Ryan Sleevi <ryan-ietf@sleevi.com>
Date: Sat, 31 Jul 2021 21:14:36 -0400
X-Gmail-Original-Message-ID: <CAErg=HHQMZ1jk+bVxA=MzVvW+9ucie7bu-N6O8Asnp0V8Rf9Bg@mail.gmail.com>
Message-ID: <CAErg=HHQMZ1jk+bVxA=MzVvW+9ucie7bu-N6O8Asnp0V8Rf9Bg@mail.gmail.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Cc: LAMPS WG <spasm@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000afaec605c8752d69"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/PfnRDJrBdWYvI5ztWPsToaIPD-Q>
Subject: Re: [lamps] draft-ietf-lamps-samples: PKCS12 expertise needed (including objects for comparison)
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 01 Aug 2021 01:14:53 -0000
On Sat, Jul 31, 2021 at 8:27 PM Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > do folks here think it's a bug that Keychain Access isn't capable of > reading bob.p12, but is capable of reading bob.laundered.p12? or is > bob.p12 actually malformed in some way? It’s PKCS#12. There is very little interoperability on the market in general, as it is a hell format that is functionally impossible to implement securely, and so no vendor particularly wants to touch. I realize that sounds like my usual hyperbole, but it truly is a pernicious format. In Mozilla NSS, it uses what is known as the “legacy” decoder, because of the need to support BER. The “legacy” decoder is so named because it was, and is, a security tirefire, and the whole system was replaced everywhere in NSS - except the CMS and P12 systems, because unlike other places, Mozilla didn’t feel they could restrict to DER only and remain compatible. For Apple, there’s actually a shared history: the first CMS decoder on macOS systems began as a port of the NSS libraries. This is why, for example, it is speculated that the FBI was able to gain access to the San Bernardino shooters’ phones: by exploiting a bug in the legacy decoder from NSS that had, incidentally, been ported to macOS/iOS [1]. When folks say PKCS#12 is not a place of honor [2] [3] [4], they truly mean nothing valued is there. Again, I realize this sounds hyperbolic, but I also do it to highlight that there’s very little interoperability in the deployed software, in part because it’s impossible to maintain. Since that bug, I believe Apple has rewritten their CMS and PKCS#12 parsers twice; although rewritten may be a bit of a stretch, as it’s more like there are three different parsers depending on which product you’re using. I confess i don't understand the definite length encoding vs. indefinite > encoding question. are these both acceptable PKCS#12 structures? Indefinite length means BER: the format from which a thousand security bugs bloom, because the message size is generally not known before hand, and so you constantly end up running past the end of the message, onto the stack, and making everyone sad along the way. Definite length may be BER or may be DER: it means you actually send the length before the data. The implementation details I mentioned above play into this: you should try to always use DER, for BER is the path of doom. That said, implementations that have an ancestral heritage to NSS, with its unmaintained (and insecure) BER parser (not to be confused with its DER parser for certs and things), will still prefer to encode in BER. I realize saying “use DER” doesn’t get you closer to “interoperable PKCS#12 file”, your end goal, but that’s mostly because many folks gave up on “interoperable PKCS#12” ages ago, and have accepted “if it works, it works, if it doesn’t, try doing something different.” > [1] https://twitter.com/zhuowei/status/1382475494084476928 [2] https://en.wikipedia.org/wiki/Long-time_nuclear_waste_warning_messages#Message [3] https://www.cs.auckland.ac.nz/~pgut001/pubs/pfx.html [4] https://unmitigatedrisk.com/?p=543 >
- [lamps] draft-ietf-lamps-samples: PKCS12 expertis… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Russ Housley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Salz, Rich
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Russ Housley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Michael Richardson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Deb Cooley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Tomas Gustavsson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… David Woodhouse
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Dmitry Belyavsky
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Michael Richardson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Michael Richardson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- [lamps] On the need for standardization of softwa… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Stephen Farrell
- Re: [lamps] On the need for standardization of so… Tomas Gustavsson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Dmitry Belyavsky
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Dmitry Belyavsky
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] On the need for standardization of so… Eliot Lear
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] On the need for standardization of so… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Salz, Rich
- Re: [lamps] On the need for standardization of so… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Bernie Hoeneisen
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Ryan Sleevi
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] On the need for standardization of so… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- [lamps] Transferring cryptographic information in… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Dmitry Belyavsky
- Re: [lamps] On the need for standardization of so… David Woodhouse
- Re: [lamps] On the need for standardization of so… David Woodhouse
- Re: [lamps] On the need for standardization of so… Stephen Farrell
- Re: [lamps] On the need for standardization of so… Ryan Sleevi
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] Transferring cryptographic informatio… Michael Richardson
- Re: [lamps] On the need for standardization of so… Dmitry Belyavsky
- Re: [lamps] On the need for standardization of so… Michael Richardson
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Blumenthal, Uri - 0553 - MITLL
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Ryan Sleevi
- Re: [lamps] On the need for standardization of so… Jonathan Hammell
- Re: [lamps] On the need for standardization of so… Russ Housley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Russ Housley
- Re: [lamps] draft-ietf-lamps-samples: PKCS12 expe… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Daniel Kahn Gillmor
- Re: [lamps] On the need for standardization of so… Russ Housley
- Re: [lamps] On the need for standardization of so… Deb Cooley
- Re: [lamps] On the need for standardization of so… Carl Wallace
- Re: [lamps] On the need for standardization of so… Deb Cooley
- Re: [lamps] On the need for standardization of so… Russ Housley
- Re: [lamps] On the need for standardization of so… Dmitry Belyavsky
- [lamps] advertising multiple S/MIME encryption-ca… Daniel Kahn Gillmor