<div dir="ltr"><div>Hi Junxiao,</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Feb 18, 2021 at 5:22 AM Junxiao Shi <<a href="mailto:shijunxiao@email.arizona.edu">shijunxiao@email.arizona.edu</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr"><div>Hi Zhiyi</div><div><br></div><div>I'm finally able to obtain a certificate from your CA.</div><div>However, there are still a few remaining issues.</div><div><br></div><div><font size="4">Missing prefix registration of issued certificate</font></div><div>Currently, it's impossible to retrieve an issued certificate unless the requester is directly connected to the CA host.</div>To solve this issue, the CA needs to perform a prefix registration for each certificate, and use Origin=0x41 in the registration. This would cause local NLSR to initiate a routing announcement on each certificate name, so that the certificate is reachable from anywhere on the network.<div>This prefix registration should be deleted when the certificate falls out of CA's issued certificate cache, which also withdraws the routing announcement.</div></div></div></blockquote><div><br></div><div>I think this is not an issue given the requester will directly contact the CA?</div><div>After fetching the certificate, the requester should take responsibility to make his certificate available to the network.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr"><div><br></div><div dir="ltr"><div><font size="4">decryptionIv check<br></font></div></div></div><div class="gmail_quote"><div>The IV check code is now:</div></div><div class="gmail_quote"><a href="https://github.com/Zhiyi-Zhang/ndncert/blob/de58e605fe26391833c883f1927f7f4cdc226e5b/src/detail/crypto-helpers.cpp#L404-L415" target="_blank">https://github.com/Zhiyi-Zhang/ndncert/blob/de58e605fe26391833c883f1927f7f4cdc226e5b/src/detail/crypto-helpers.cpp#L404-L415</a></div><div class="gmail_quote"><span style="font-family:monospace"> if (decryptionIv.empty()) {<br> decryptionIv = currentIv;<br> }<br> else {<br> if (loadBigU32(currentIv, 8) < loadBigU32(decryptionIv, 8)) {<br> NDN_THROW(std::runtime_error("Error when decrypting the AES Encrypted Block: "<br> "The observed IV is incorrectly formed."));<br> }<br> else {<br> decryptionIv = currentIv;<br> }<br> }</span></div><div class="gmail_quote"><br></div><div class="gmail_quote">The counter check is correct, but it still fails to fulfill these two requirements in the protocol:</div><div class="gmail_quote"><ul><li>The random value portion chosen by the requester must be different from the random value portion chosen by the CA.</li><li>The random value portion in every message from the requester must be the same.<br></li></ul></div></div></blockquote><div><br></div><div>Fixed.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div class="gmail_quote"><br></div><div class="gmail_quote"><font size="4">Crypto timing vulnerability</font></div><div class="gmail_quote">There is timing vulnerability in
<span style="font-family:monospace"><span>ECDHState::deriveSecret</span></span>, <span style="font-family:monospace">hkdf</span>, <span style="font-family:monospace">aesGcm128Decrypt</span> functions.<br></div><div class="gmail_quote"><a href="https://github.com/Zhiyi-Zhang/ndncert/blob/de58e605fe26391833c883f1927f7f4cdc226e5b/src/detail/crypto-helpers.cpp" target="_blank">https://github.com/Zhiyi-Zhang/ndncert/blob/de58e605fe26391833c883f1927f7f4cdc226e5b/src/detail/crypto-helpers.cpp</a></div><div class="gmail_quote">These functions should not check return values or throw errors in the middle, but can only do one check at the end.<br></div></div></blockquote><div><br></div><div>I've updated the code in crypto helpers. (tho I wouldn't worry too much about this issue for now).</div><div><br></div><div>Best,</div><div>Zhiyi</div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div class="gmail_quote"></div><div class="gmail_quote"><br></div><div class="gmail_quote">Yours, Junxiao<br> </div></div>
</blockquote></div></div>