Re: ECDSA support for l_parse_ssl_certificate

[Jacob Gajek <jgajek () gmail com>]

Hi Brandon,

similar considerations would also apply to fixed Diffie-Hellman modular
integer groups (DH key exchange algorithm).   The group parameters would
also be encoded in the server certificate.  Though I imagine these variants
would be extremely rare in practice.  If you do the elliptic-curve patch,
you could probably cover the modular integer case at the same time.

Jacob

On Tue, Jul 21, 2015 at 3:38 PM, Brandon Paulsen <pauls658 () d umn edu> wrote:

> Hello list!
>
> I'm scraping the github issue list for something I can do this summer to
> contribute to nmap, and I've been looking into issue 173 [1].
>
> Solving this issue is trivial for servers that use ECDHE. In this type of
> key exchange, the server will send a SeverKeyExchange TLS record which can
> be parsed for the curve name using the key exchange functions found in
> nselib/tls.lua (namely unpack_ecdhparams). In addition, the function
> supports extracting parameters for non-named curves.
>
> The solution isn't as trivial when the server uses ECDH ECDSA. In this
> type of key exchange, the server sends the exchange parameters (for
> non-named curves) or the curve name (for named curves) in the certificate.
> As far as I can tell, nmap doesn't have any functions in its lua library
> for extracting these parameters from a certificate. The NSE uses C for
> parsing certificates so that it can use the openssl API. The function that
> does the parsing is l_parse_ssl_certificate found in nse_ssl_cert.cc. I've
> already altered this function to extract the curve name, and I'd like to
> write a patch that works for all types of curves and returns them in a lua
> object structured similarly to the one that unpack_ecdhparams returns. That
> is, the object returned by get_ssl_certificate found in sslcert.lua would
> have an additional member in pubkey called ecdhparams (if ECDH is being
> used) like so:
>
> -- subject = { commonName = "...", countryName = "...",
> --             { "2", "5", "4", "15" } = "...", ... },subject = {
> commonName = "...", countryName = "...",
> --             { "2", "5", "4", "15" } = "...", ... },
> -- issuer = { commonName = "...", ... },
> -- pubkey = { type = "ec", bits = 256, ecdhparams = { ec_curve_type =
> "...", ... } },
> -- validity = { notBefore = { year = 2020, month = 5, day = 5,
> --                            hour = 0, min = 0, sec = 0 },
> --              notAfter = { year = 2021, month = 5, day = 5,
> --                           hour = 0, min = 0, sec = 0 } },
> -- pem = "-----BEGIN
> CERTIFICATE-----\nMIIFxzCCBK+gAwIBAgIQX02QuADDB7CVj..."
>
>
> Thoughts? Suggestions? Is this something the nmap community would like to
> have? The implementation would be relatively straight simple because the
> openssl API provides functions for parsing the ecdh parameters.
>
> Brandon
>
> [1] https://github.com/nmap/nmap/issues/173
>
> _______________________________________________
> Sent through the dev mailing list
> https://nmap.org/mailman/listinfo/dev
> Archived at http://seclists.org/nmap-dev/
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/