[Opendnssec-develop] signature verification
Roy Arends
roy at nominet.org.uk
Fri Nov 27 19:48:26 UTC 2009
Roland van Rijswijk wrote on 11/27/2009 03:42:03 PM:
> Hi Matthijs,
>
> IMHO this is a blocking issue, right? It is not acceptable if the
> signatures output by the signer are invalid because of a bug in either
> softHSM or Botan. I assume that Rickard is checking out what causes
> this?
At the moment it is unknown if the bug is in softhsm/botan or the signer.
The work-around is to verify signatures immediately in two places:
softhsm/botan and the signer and when a signature fails, log it,
regenerate it immediately, check it, etc.
> If this cannot be fixed at short notice we should consider a 'plan
> B' so the release of OpenDNSSEC does not have to be postponed because of
> a bug in either softHSM or Botan.
We don't know where the bug is, as it might just as well be in the opendnssec
part, and I don't want to assume anything right now. The 'plan b' is the
work-around above. That work-around guarantees that there will not be any
false signatures due to this specific bug.
> BTW, is it a reproducible bug -- i.e. will it consistently output a
> wrong signature given the same input data or is the problem
> intermittent? (the latter would be far worse than the former)
The latter. It only occurred once. On 2009-11-23 12:52:08. We haven't been
able to reproduce it.
We're going to soak-test it, starting Monday. Continuous signing loop on
softhsm without the ods signer. Continuous signing loop on an sca6000
using OpenDNSSEC.
There are a few coincidences.
1) The first 52 characters (40 bytes) of the bad signature are correct.
The presentation format causes a wrap after 26 characters. So the first
two lines of the presentation format are correct. This might be a complete
coincidence, but worth checking out. (this is the signer part).
2) Additionally, 40 bytes is a multiple of 20 bytes, which is exactly the
size of the output of SHA1. This is even more far-fetched, but I'm just
thinking out loud. (this is botan/softhsm).
Roy
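
Editor's added example (not part of the original message, and not OpenDNSSEC, SoftHSM or Botan code): a sketch of the verify-immediately, log, regenerate work-around described above. It assumes RSA with SHA-1 and PKCS#1 v1.5 padding; the key is a constructed toy key, and `FlakySigner` and `sign_checked` are hypothetical names, with `FlakySigner` standing in for a token that returns a signature whose bytes after the first 40 are wrong.

```python
import hashlib
import logging

log = logging.getLogger("signer")

# Constructed toy key built from two Mersenne primes: insecure, demo only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes
SHA1_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")  # DigestInfo

def encode(msg):
    """EMSA-PKCS1-v1_5 encoding of SHA-1(msg), returned as an integer."""
    t = SHA1_PREFIX + hashlib.sha1(msg).digest()
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")

def sign(msg):
    return pow(encode(msg), D, N).to_bytes(K, "big")

def verify(msg, sig):
    return len(sig) == K and pow(int.from_bytes(sig, "big"), E, N) == encode(msg)

class FlakySigner:
    """Hypothetical stand-in for the token: corrupts chosen calls after byte 40."""
    def __init__(self, bad_calls):
        self.bad_calls, self.calls = set(bad_calls), 0

    def __call__(self, msg):
        self.calls += 1
        sig = sign(msg)
        if self.calls in self.bad_calls:
            sig = sig[:40] + bytes(b ^ 0xFF for b in sig[40:])
        return sig

def sign_checked(signer, msg, max_attempts=3):
    """Sign, verify immediately, log and regenerate on failure."""
    for attempt in range(1, max_attempts + 1):
        sig = signer(msg)
        if verify(msg, sig):
            return sig, attempt
        # Keep the bad output: an intermittent fault may never recur.
        log.error("bad signature on attempt %d: %s", attempt, sig.hex())
    raise RuntimeError("no valid signature after %d attempts" % max_attempts)
```

The retry bound matters: a signer that fails on every attempt should stop the run rather than loop forever or emit an unverified signature.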