[Cryptography] distrusted root CA: WoSign

Ralf Senderek crypto at senderek.ie
Sun Oct 2 06:32:00 EDT 2016


On Sat, 1 Oct 2016, Jerry Leichter wrote:

> Suppose you want to provide a secure connection between a couple of
> endpoints, all of which you own.
> Unless you want to roll your own software, you have two widely-accepted
> choices for secure connections: SSH and SSL.
> SSH *as a library* is a fairly unusual thing.

It's not. There's Cryptlib which has all the support for SSH you'll ever
want. (https://admin.fedoraproject.org/pkgdb/package/rpms/cryptlib/)

> There are a couple of implementations to be had, but you'd find yourself
> justifying the choice, and its not clear how the configuration works.

For SSH (and even SSL) the configuration options are quite straightforward:

You can use SSL/TLS with shared keys on any client using Cryptlib, see
page 115 of the manual. In addition you'll need to enable fingerprint
verification of the server (see page 121 of the manual), but as you have
control over all endpoints, that shouldn't be a problem in your 
environment.


> SSL libraries, on the other hand, are almost universal - and come with 
> Java and other common frameworks because they are needed for HTTPS.

There are (at least) bindings for Java, C/C++, Perl and Python for
Cryptlib. So these mechanisms *can* be used to build client applications.


> What I would *really* want to do - if I have to use SSL, and anything
> else raises so many issues with security auditors it's rarely worth
> the effort - is to use a self-signed cert and then use certificate
> pinning to ensure that exactly that cert is the only one that will
> ever be accepted.
> In other words, turn the certificate into a pre-shared key.

A quote from the Cryptlib manual (page 233):

   "Certificate Trust Management

     In order to provide extended control over certificate usage, cryptlib
     allows you to both further restrict the usage given in the certificate’s
     CRYPT_CERTINFO_KEYUSAGE attribute and to specify whether a given
     certificate should be implicitly trusted, avoiding the requirement to
     process a (potentially large) chain of certificates in order to
     determine the certificate’s validity"

More info (and code examples) can be found in the manual.


     --ralf

