On 2009-07-30 19:04 PDT, Howard Chu wrote: > As far as I can see, CERT_VerifyCertName() is still vulnerable to the > embedded NUL hack that was recently published here > http://www.wired.com/threatlevel/2009/07/kaminsky/ and on slashdot. Yet > some comments in the discussion say that Firefox 3.5 is not vulnerable. > Does anyone know on what basis those comments were made?
Yes. > More to the point, CERT_GetCommonName() just returns a bare char *, > instead of returning the string data+length, which makes it impossible > for the default verifiers to detect this attack. I've had to copy the > guts of CERT_GetLastNameElement() into our own code so that the length > info isn't discarded. CERT_GetCommonName, and all the other similar functions that return elements of a subject name or issuer name, now return a zstring that is properly escaped according to RFC 4514. So, a name with a NULL in it will appear as something like www.mybank.com\00*.badguy.org There's no need to use explicit lengths with that scheme. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto