
Comments (9)

ctz avatar ctz commented on May 15, 2024

Could you create another key that exhibits this problem and upload it?

from rustls.

ctz avatar ctz commented on May 15, 2024

Actually, never mind. I realise now that ssl-cert-snakeoil.* are generated by the ssl-cert debian package. I installed that (on debian testing) and got a 2048-bit RSA key in ssl-cert-snakeoil.key, in a PKCS8 file. Converting it with openssl gave me a key I can use with rustls.

I'm guessing you have an older debian which makes a 1024-bit key. Could you confirm that? openssl rsa -text -in /etc/ssl/private/ssl-cert-snakeoil.key | grep bit should do the trick.

If so I agree that the error reporting when rejecting short RSA keys should be improved!


vi avatar vi commented on May 15, 2024

Private-Key: (1024 bit)

Yes, I think it should discriminate invalid and insecure keys. Maybe it should even contain the list of legacy algorithm names just to output better error messages (so DES or whatever is not an Unknown algorithm, but Obsolete algorithm).


radix avatar radix commented on May 15, 2024

I have been looking into ways to improve the error-reporting here, but I'm not really sure what to do yet (I haven't looked super thoroughly, but I've at least learned some things).

My impression now is that rustls can't give more specific information in the error because the ring library doesn't provide it. That could perhaps be rectified in the ring library by making ring::signature::RSAKeyPair::from_der return more information in an error.

Perhaps the best solution for now is to just add some helpful information to the error message, so that in addition to "Invalid RSA private key", we could add ": this may be because the key is using insecure algorithms or is too short".

Any thoughts @ctz?


briansmith avatar briansmith commented on May 15, 2024

I believe briansmith/ring#401 and briansmith/ring#384 will provide the foundation for us to provide some more detailed error reporting in ring.


berlincount avatar berlincount commented on May 15, 2024

I seem to have run into something similar - when generating a key/cert pair for (essentially)

https://github.com/actix/examples/tree/master/rustls via openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -sha256 -nodes --subj '/CN=localhost/'

this will barf per

thread 'main' panicked at 'assertion failed: index < len', src/liballoc/vec.rs:993:9

tracing back to the line

config.set_single_cert(cert_chain, keys.remove(0)).unwrap();

in the application code. If I unwrap the key from its structure per

mv key.pem key-x.pem && openssl rsa -in key-x.pem -out key.pem

it works just fine.

Seems like rsa_private_keys vs. pkcs8_private_keys just let this problem run into a wall instead of handling it.

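An added example (not rustls, ring or openssl code) that checks the two things this thread trips over before a key ever reaches rustls: whether the PEM wrapper is PKCS#8 ("PRIVATE KEY", which rsa_private_keys does not pick up, as berlincount's comment shows) or PKCS#1 ("RSA PRIVATE KEY"), and the RSA modulus size (1024-bit keys rejected, as ctz confirmed). The PEM fixtures are constructed with dummy key fields, and the 2048-bit floor is an assumption taken from the thread rather than a constant from ring.

```python
import base64, re

def der(tag, body):  # encode one DER TLV, short- or long-form length
    n = len(body)
    if n < 128:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body

def der_int(v):  # INTEGER, with a leading 0x00 when the top bit is set
    b = v.to_bytes(max(1, (v.bit_length() + 7) // 8), "big")
    return der(0x02, (b"\x00" if b[0] & 0x80 else b"") + b)

def fake_rsa_key_pem(bits, pkcs8):  # CONSTRUCTED fixture, not a usable key
    # modulus of exactly `bits` bits; the seven remaining RSAPrivateKey fields are dummies
    rsa = der(0x30, der_int(0) + der_int((1 << (bits - 1)) | 1) + der_int(3) * 7)
    if pkcs8:  # PrivateKeyInfo { version, AlgorithmIdentifier rsaEncryption, OCTET STRING }
        alg = der(0x30, der(0x06, bytes.fromhex("2a864886f70d010101")) + der(0x05, b""))
        body, label = der(0x30, der_int(0) + alg + der(0x04, rsa)), "PRIVATE KEY"
    else:  # bare RSAPrivateKey, the form `openssl rsa -in ... -out ...` emits
        body, label = rsa, "RSA PRIVATE KEY"
    b64 = base64.b64encode(body).decode()
    lines = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN {label}-----\n{lines}\n-----END {label}-----\n"

def der_read(buf, pos=0):  # decode one TLV at `pos` -> (tag, content, next pos)
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + n], pos + n

def der_children(body):  # content bytes of each TLV inside a SEQUENCE body
    out, pos = [], 0
    while pos < len(body):
        _, content, pos = der_read(body, pos)
        out.append(content)
    return out

def inspect_rsa_key_pem(pem):
    """Report PEM wrapper and modulus size. The 2048-bit floor is an assumption
    taken from the thread (1024-bit rejected, 2048-bit accepted), not a ring constant."""
    label, b64 = re.search(r"-----BEGIN ([A-Z ]+)-----(.*?)-----END", pem, re.S).groups()
    _, body, _ = der_read(base64.b64decode("".join(b64.split())))
    if label == "PRIVATE KEY":  # PKCS#8: unwrap the OCTET STRING to reach RSAPrivateKey
        _, body, _ = der_read(der_children(body)[2])
    elif label != "RSA PRIVATE KEY":
        return {"format": label, "bits": None, "length_ok": False}
    modulus = der_children(body)[1].lstrip(b"\x00")
    bits = (len(modulus) - 1) * 8 + modulus[0].bit_length()
    return {"format": label, "bits": bits, "length_ok": bits >= 2048}
```

A "PRIVATE KEY" result tells you to load with pkcs8_private_keys (or convert with `openssl rsa` as above); `bits` below 2048 explains an "Invalid RSA private key" error that says nothing about key size.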

brandonros avatar brandonros commented on May 15, 2024

It isn't clear. Are 1024-bit RSA private keys allowed?


jbg avatar jbg commented on May 15, 2024

It isn't clear. Are 1024-bit RSA private keys allowed?

no


ctz avatar ctz commented on May 15, 2024

I believe this (specifically, good errors when rejecting 1024-bit keys) has been addressed upstream.

