Re: [TLS] TLSv1.2 - Is zero signature allowed in client CertificateVerify message?

Richard Barnes <rlb@ipv.sx> Tue, 03 September 2019 14:36 UTC

From: Richard Barnes <rlb@ipv.sx>
Date: Tue, 03 Sep 2019 10:35:57 -0400
Message-ID: <CAL02cgS0OsUxXz2ht=4uY-ZYqOdmYYCc6VqrHo5LrEusATwEtA@mail.gmail.com>
To: M K Saravanan <mksarav@gmail.com>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/6eKJ6VgBoNMtWDP54Ht4wyXc9Sc>

I don't believe that's a valid signature according to rsa_pkcs1_sha256, so
yeah, this is probably an error.
--Richard

On Sun, Sep 1, 2019 at 11:33 PM M K Saravanan <mksarav@gmail.com> wrote:

> Hi,
>
> Is a zero signature allowed in the client CertificateVerify message (I am
> guessing maybe to indicate an error condition??). I don't see anything
> related to a zero signature in the TLS 1.2 RFC (or maybe I am not looking
> in the right section?)
>
> Today I saw a packet like this, and the server was terminating the connection
> due to the failure of client cert auth (because of the zero signature in the
> client CertificateVerify message).
>
> [image: image.png]
>
> Under what circumstances can a client send a zero signature in the client
> CertificateVerify message? Is this behaviour TLS 1.2 RFC compliant?
>
> with regards,
> Saravanan
>
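As an added illustration (not part of this thread), here is the check a TLS 1.2 server applies to a CertificateVerify signed with rsa_pkcs1_sha256: parse the DigitallySigned struct from RFC 5246, run RSASSA-PKCS1-v1_5 verification with SHA-256 over the handshake transcript, and observe that an all-zero signature can never pass, since 0^e mod n is 0 and the recovered encoding lacks the 00 01 FF... 00 DigestInfo prefix. The key generator, the transcript bytes and all function names are constructed for this demo (stdlib only, key size far too small for real use).

```python
import hashlib, hmac, random, struct

RSA_PKCS1_SHA256 = b"\x04\x01"   # SignatureAndHashAlgorithm {sha256(4), rsa(1)}, RFC 5246 7.4.1.4.1
SHA256_DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")  # RFC 8017 9.2 note 1

def _probable_prime(bits):   # Miller-Rabin search, only for the constructed demo key
    while True:
        n = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        d, r = n - 1, 0
        while d % 2 == 0:
            d, r = d // 2, r + 1
        def is_witness(a):   # True if base a proves n composite
            x = pow(a, d, n)
            if x in (1, n - 1):
                return False
            for _ in range(r - 1):
                x = pow(x, 2, n)
                if x == n - 1:
                    return False
            return True
        if not any(is_witness(a) for a in (2, 3, 5, 7, 11, 13, 17, 19)):
            return n

def make_demo_key(bits=1024):   # constructed RSA key (n, e, d), far too small for real use
    e = 65537
    while True:
        p, q = _probable_prime(bits // 2), _probable_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:   # e is prime, so this is exactly gcd(e, phi) == 1
            return p * q, e, pow(e, -1, phi)

def emsa_pkcs1_v15_sha256(msg, em_len):   # EM = 00 01 FF..FF 00 DigestInfo || SHA-256(msg)
    t = SHA256_DIGESTINFO + hashlib.sha256(msg).digest()
    return b"\x00\x01" + b"\xff" * (em_len - len(t) - 3) + b"\x00" + t

def sign_certificate_verify(transcript, n, d):   # DigitallySigned: alg(2) || len(2) || sig
    k = (n.bit_length() + 7) // 8
    m = int.from_bytes(emsa_pkcs1_v15_sha256(transcript, k), "big")
    return RSA_PKCS1_SHA256 + struct.pack("!H", k) + pow(m, d, n).to_bytes(k, "big")

def verify_certificate_verify(body, transcript, n, e):
    """True only for a valid rsa_pkcs1_sha256 signature over the handshake transcript."""
    k = (n.bit_length() + 7) // 8
    if body[:2] != RSA_PKCS1_SHA256 or body[2:4] != struct.pack("!H", k) or len(body) != 4 + k:
        return False   # wrong algorithm or wrong length (RFC 8017 8.2.2 step 1)
    s = int.from_bytes(body[4:], "big")
    if s >= n: return False   # representative out of range (RFC 8017 5.2.2 step 1)
    em = pow(s, e, n).to_bytes(k, "big")   # an all-zero s gives an all-zero EM, never valid
    return hmac.compare_digest(em, emsa_pkcs1_v15_sha256(transcript, k))
```

A server that received the all-zero signature from the capture above would fail at the final comparison, and rejecting the handshake (rather than treating it as an error signal) is the compliant outcome.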