Re: [TLS] BoringSSL's TLS test suite
Jim Schaad <ietf@augustcellars.com> Mon, 26 September 2016 00:03 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32B1A12B04D for <tls@ietfa.amsl.com>; Sun, 25 Sep 2016 17:03:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.217
X-Spam-Level:
X-Spam-Status: No, score=-4.217 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-2.316, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YBFEF03hTrUh for <tls@ietfa.amsl.com>; Sun, 25 Sep 2016 17:03:06 -0700 (PDT)
Received: from mail2.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D7E6C12B040 for <tls@ietf.org>; Sun, 25 Sep 2016 17:03:05 -0700 (PDT)
Received: from hebrews (192.168.1.152) by mail2.augustcellars.com (192.168.1.201) with Microsoft SMTP Server (TLS) id 15.0.1210.3; Sun, 25 Sep 2016 17:16:19 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: henrick@streamsec.se, 'David Benjamin' <davidben@chromium.org>, 'Adam Langley' <agl@imperialviolet.org>
References: <CAF8qwaBQkVy+wcK1-NFctBepV7TW93YmmPnxS2WoJ6F6=v-aEg@mail.gmail.com> <c70c6db3-5d1c-d2db-1e37-f8849166786e@streamsec.se> <CAF8qwaAQYwW9s0E_V-TqHhTqL9sBhobzsGUch5TDQynK2VNfEw@mail.gmail.com> <227dcca5-6549-3b71-1ceb-23686df822bb@streamsec.se> <CAMfhd9X7fHQbzi-DDXOrX2+M6PLbhg+rimg=BfB-QN16mH6Uyg@mail.gmail.com> <CAF8qwaD16JbOaY9AuxoDP9XyodUk27qbj+86qArxRzHDW66eHw@mail.gmail.com> <c76ebceb-b297-e751-0d5c-cf4a17b2d5be@streamsec.se>
In-Reply-To: <c76ebceb-b297-e751-0d5c-cf4a17b2d5be@streamsec.se>
Date: Sun, 25 Sep 2016 17:02:50 -0700
Message-ID: <009401d21789$54b45af0$fe1d10d0$@augustcellars.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Content-Language: en-us
Thread-Index: AQForOp3QPsKEoAPeD+Qw7kYxpy4lgJNgXjzAbgH+SACI3xQyQFD/t6HAg7G0S4BLCSDIqEIeQpA
X-Originating-IP: [192.168.1.152]
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/jSm2-uzSk-GUtT0uP2VbAMkmIaY>
Cc: tls@ietf.org
Subject: Re: [TLS] BoringSSL's TLS test suite
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Sep 2016 00:03:08 -0000
> -----Original Message----- > From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of Henrick Hellström > Sent: Sunday, September 25, 2016 4:35 PM > To: David Benjamin <davidben@chromium.org>; Adam Langley > <agl@imperialviolet.org> > Cc: tls@ietf.org > Subject: Re: [TLS] BoringSSL's TLS test suite > > On 2016-09-25 23:55, David Benjamin wrote: > > I believe we are also correct per spec. My interpretation of these > > documents is that the general AlgorithmIdentifier structure may or may > > not include parameters. However, whether a given parameter value or > > omitting parameters altogether is legal is a question for the > > particular algorithm. It's not overriding but plugging into the general > framework. > > THe ITU-T X.690 standard for DER might require some close reading to interpret, > and this is obviously a topic for debate. I would presume that the use of > "default" in lower caps in section 11.5, refers to both the DEFAULT and the > OPTIONAL keyword: OPTIONAL and DEFAULT are not the same things. A DEFAULT value is omitted but not an OPTIONAL value. A single field cannot be both OPTIONAL and DEFAULT. Jim > > 11.5 Set and sequence components with default value > The encoding of a set value or sequence value shall not include an > encoding for any component value which is equal to its default value. > > After all, this is the only interpretation that is consistent with the description in > section 12.5 of DER as unambiguous. > > Since NULL is always empty, it should be omitted when OPTIONAL, given the > above interpretation. But is it optional? The 1988 syntax did not feature > information objects and classes, hence the use of the ANY keyword. > > Luckily the ASN.1 modules were updated in RFC 5912 to modern ASN.1 syntax. > There you have these declarations: > > -- SIGNATURE-ALGORITHM > -- > -- Describes the basic properties of a signature algorithm > -- > -- &id - contains the OID identifying the signature algorithm > -- &Value - contains a type definition for the value structure of > -- the signature; if absent, implies that no ASN.1 > -- encoding is performed on the value > -- &Params - if present, contains the type for the algorithm > -- parameters; if absent, implies no parameters > -- ¶mPresence - parameter presence requirement > -- &HashSet - The set of hash algorithms used with this > -- signature algorithm > -- &PublicKeySet - the set of public key algorithms for this > -- signature algorithm > -- &smimeCaps - contains the object describing how the S/MIME > -- capabilities are presented. > -- > -- Example: > -- sig-RSA-PSS SIGNATURE-ALGORITHM ::= { > -- IDENTIFIER id-RSASSA-PSS > -- PARAMS TYPE RSASSA-PSS-params ARE required > -- HASHES { mda-sha1 | mda-md5, ... } > -- PUBLIC-KEYS { pk-rsa | pk-rsa-pss } > -- } > > > SIGNATURE-ALGORITHM ::= CLASS { > &id OBJECT IDENTIFIER UNIQUE, > &Value OPTIONAL, > &Params OPTIONAL, > ¶mPresence ParamOptions DEFAULT absent, > &HashSet DIGEST-ALGORITHM OPTIONAL, > &PublicKeySet PUBLIC-KEY OPTIONAL, > &smimeCaps SMIME-CAPS OPTIONAL > } WITH SYNTAX { > IDENTIFIER &id > [VALUE &Value] > [PARAMS [TYPE &Params] ARE ¶mPresence ] > [HASHES &HashSet] > [PUBLIC-KEYS &PublicKeySet] > > AlgorithmIdentifier{ALGORITHM-TYPE, ALGORITHM-TYPE:AlgorithmSet} ::= > SEQUENCE { > algorithm ALGORITHM-TYPE.&id({AlgorithmSet}), > parameters ALGORITHM-TYPE. > &Params({AlgorithmSet}{@algorithm}) OPTIONAL > } > > pk-rsa PUBLIC-KEY ::= { > IDENTIFIER rsaEncryption > KEY RSAPublicKey > PARAMS TYPE NULL ARE absent > -- Private key format not in this module -- > CERT-KEY-USAGE {digitalSignature, nonRepudiation, > keyEncipherment, dataEncipherment, keyCertSign, cRLSign} > } > > Hence, the correct encoding is for NULL to be absent. > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- [TLS] BoringSSL's TLS test suite David Benjamin
- Re: [TLS] BoringSSL's TLS test suite Henrick Hellström
- Re: [TLS] BoringSSL's TLS test suite Adam Langley
- Re: [TLS] BoringSSL's TLS test suite David Benjamin
- Re: [TLS] BoringSSL's TLS test suite Henrick Hellström
- Re: [TLS] BoringSSL's TLS test suite Henrick Hellström
- Re: [TLS] BoringSSL's TLS test suite Adam Langley
- Re: [TLS] BoringSSL's TLS test suite David Benjamin
- Re: [TLS] BoringSSL's TLS test suite Jim Schaad
- Re: [TLS] BoringSSL's TLS test suite Henrick Hellström
- Re: [TLS] BoringSSL's TLS test suite Henrick Hellström
- Re: [TLS] BoringSSL's TLS test suite Jim Schaad
- Re: [TLS] BoringSSL's TLS test suite Henrick Hellström
- Re: [TLS] BoringSSL's TLS test suite Jim Schaad
- Re: [TLS] BoringSSL's TLS test suite Henrick Hellström
- Re: [TLS] BoringSSL's TLS test suite Jim Schaad