NSS and keys 
Thursday, February 9, 2012, 12:09 PM
Posted by Administrator
Using NSS command line tools can be tricky.

I recently wrote this little HOWTO that describes how you can use the NSS command line utilities to create a CSR (Certificate Signing Request), later import the certificate you receive, and make a backup of key and certificate to a PKCS#12 (p12) file.

http://kuix.de/mozilla/nss/howto/create ... st-etc.txt

Also recently, I was asked for help. An Add-On author had created a key pair using NSS tools, for the purpose of the Add-On updating mechanisms (which involves the McCoy tool). Later it became necessary to extract the private key in order to use it with other applications.

Unfortunately, dealing with raw key pairs can be tricky in NSS; the tools are more powerful when dealing with keys that are bound to certificates.

So, we had an NSS database containing a private key, an external copy of the public key as base64, but no direct way of exporting the private key. The solution we used was tricky, so I'm documenting it here.

Using a separate empty NSS database, we used certutil to create a new CSR, of the same key type and size, and stored the binary encoding of the CSR in file some-other.csr

We also created the binary encoding of the public key that we had externally available (found in an update.rdf file).

Then we used the dumpasn1 tool to create a dump of some-other.csr - this told us at which byte position inside the CSR the public key starts.

Then we used a binary file editor (dd) to create a remixed CSR...
- start with the initial part of some-other.csr until the public key begins
- append the public key from the production key
- append the remainder of some-other.csr, the part after the public key

At this point we had a CSR for the production key, but an invalid one. It's invalid because the digital signature inside the CSR (a proof of possession of the private key) didn't match the contained public key.
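The splice described above, as an added example that is not part of the original post: it walks the DER structure of a PKCS#10 request to find the byte range of the public key (what dumpasn1 reported) and swaps in another key of the same encoded length (what dd did). The helper names and the sample bytes are constructed for illustration and contain no real keys.

```python
def read_tlv(buf, pos):
    """Return (tag, content_start, content_end) of the DER element at pos."""
    tag, first = buf[pos], buf[pos + 1]
    if first < 0x80:                      # short-form length
        length, hdr = first, 2
    else:                                 # long form: low 7 bits = number of length bytes
        n = first & 0x7F
        length, hdr = int.from_bytes(buf[pos + 2:pos + 2 + n], "big"), 2 + n
    return tag, pos + hdr, pos + hdr + length

def spki_span(csr):
    """Byte range [begin, end) of subjectPKInfo inside a DER-encoded CSR."""
    _, outer, _ = read_tlv(csr, 0)        # CertificationRequest SEQUENCE
    _, info, _ = read_tlv(csr, outer)     # CertificationRequestInfo SEQUENCE
    _, _, ver_end = read_tlv(csr, info)   # version INTEGER
    _, _, name_end = read_tlv(csr, ver_end)   # subject Name
    tag, _, spki_end = read_tlv(csr, name_end)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE for subjectPKInfo")
    return name_end, spki_end

def splice_spki(csr, new_spki):
    """Replace the public key; only safe when the encoded length is identical,
    which is why the donor CSR must use the same key type and size."""
    begin, end = spki_span(csr)
    if len(new_spki) != end - begin:
        raise ValueError("SPKI length differs; enclosing DER lengths would be wrong")
    return csr[:begin] + new_spki + csr[end:]

# --- constructed sample data below (placeholder bytes, not real keys) ---
def der(tag, content):
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    ln = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(ln)]) + ln + content

def fake_spki(fill):
    alg = der(0x30, b"\x06\x01\x2a")      # placeholder algorithm identifier
    return der(0x30, alg + der(0x03, b"\x00" + bytes([fill]) * 140))

def fake_csr(spki):
    info = der(0x30, der(0x02, b"\x00") + der(0x30, b"") + spki + der(0xA0, b""))
    return der(0x30, info + der(0x30, b"\x06\x01\x2a") + der(0x03, b"\x00" + b"\x55" * 128))

if __name__ == "__main__":
    donor = fake_csr(fake_spki(0x11))
    print("public key occupies bytes", spki_span(donor))
    print("remixed length:", len(splice_spki(donor, fake_spki(0x22))))
```

The signature bytes at the end of the request are left untouched, which is exactly why the remixed CSR fails verification.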

Next we created a hacked version of NSS' certutil: we disabled the call to CERT_VerifySignedDataWithPublicKeyInfo, which disabled the check for the signature.

This way, we were able to use a local CA certificate (one that I use for testing purposes) to create a certificate for this certificate request. This certificate could be imported (and a nickname assigned to it) into the original production database that had only keys, but no cert.

Now it was possible to use the NSS utility pk12util to export the certificate, including its keys, to a PKCS#12 file. As this is a standard container, you can use tools provided by other crypto toolkits to extract the keys and use them elsewhere.

I'm documenting the procedure in the hope it can be helpful for others who run into the same dilemma.

But the more important message of this story is: please avoid this kind of hassle. You shouldn't deal with raw keys, but rather use certificates.


Fosdem 2012: Web Security, and how to stop the next DigiNotar 
Thursday, February 9, 2012, 12:03 PM
Posted by Administrator
At the Fosdem.org 2012 conference in Brussels I had the opportunity to talk about Web Security, the various proposals we've seen regarding trust of key ownership (including my own MECAI proposal), and my opinion on what should be done next.
The text can be found at: https://kuix.de/fosdem2012/


The Linux Desktop situation and Cinnamon 
Wednesday, January 18, 2012, 01:41 PM
Posted by Administrator
I need a Linux desktop that is stable, reliable, feature complete, obvious to use, suitable for both programmers (such as myself) and users (such as the variety of people around me that I have converted to use Linux).

Unfortunately, as of today, there is no such desktop.

Once upon a time, we had a great Linux desktop environment, its name was Gnome 2. To my shock, Gnome 2, the central piece of software that gave the Linux desktop a chance for growth and success, has been declared as obsolete.

Because Gnome 2 is no longer supported, it effectively means it's no longer available for use on modern computer hardware that requires a current Linux kernel and therefore requires a very recent Linux distribution.

Gnome 2 had a rich set of features and standard add-ons, that made the Linux desktop really work, for example:
- adjustable starter shortcuts, visible for easy discovery
- a list of running programs and open windows
- an obvious, discoverable mechanism to safely shut off the computer, not requiring to be aware of and having to remember a keyboard shortcut
- notification icons for important events
- a mechanism to always display user configurable important information, such as weather, stock quotes or other news
- an obviously reachable place for current files of interest (the Desktop)
- quickly reachable monitor settings, helpful when connecting to a video projector
- preview of file contents for easy discovery
- it was very stable and reliable

What have we got instead? Let's have a look at the alternatives that are available today.

Gnome 3 is removing features and hiding functionality.
You no longer have a list of open windows, important for people that understand what's going on and want to have full control, and who want to check which applications might have unsaved data.
There are no easily customizable starters, only the ability to run applications with their default parameters.
It's difficult to create a list of easily visible shortcuts, which can help users to be reminded what applications they are supposed to use.
Instead, all users are expected to be smart and remember the name of programs and type those names in. How is that easier?
If a user moves the mouse to a certain position (upper left), the whole display changes, giving users the impression that something is suddenly broken.

XFCE has a nice and simple concept. In many areas it uses the expected, traditional approach to use the desktop.
Unfortunately it appears to be unreliable. The most important part of the desktop environment, the window manager xfwm4, crashes frequently.
Whenever that happens, an ordinary user is completely helpless. No, they don't know how to open a terminal and restart it.
Sometimes the desktop gets stuck and it's impossible to logout or shutdown.
The desktop doesn't have a preview of file contents and labels are shortened radically.
The drag-and-drop interaction when interacting with files is unexpected and causes confusion, e.g. when dragging files to a folder within the filesystem, files get copied, not moved.
The sound level control is very complicated to use and not as elegant as in Gnome.

I have not looked at LXDE in much detail.
It appears to be very incomplete in terms of features, and doesn't seem like an alternative for demanding users.

My experience with KDE is mixed. I was a KDE user many years ago and I liked it. When incomplete KDE 4 came out, I had to switch to Gnome.
Now I've tried recent version 4.7. In the beginning I was very enthusiastic. I had the hope that I found what I was looking for, because a lot of things behave as I'd expect it.
But I quickly encountered frequent crashes.
Sorry guys. It's simply not acceptable to use unstable software for the central piece of computer interaction.

A group of people has started the Mate project, an understandable attempt to revive and maintain Gnome 2.
But it appears it's difficult to make Gnome 2 and Gnome 3 work right in parallel, and offer the full set of capabilities that Gnome 2 used to have, which effectively means to adjust and provide a large set of software around Gnome 2.
I honestly wish them good luck, but I'm not sure it's the right path, as attention focuses on the Gnome 3 libraries.

Then I heard about Mint Gnome Shell Extensions (MGSE), which is an attempt to "fix" Gnome 3 by adding workarounds to it.
That's what I'm using currently, but it was a mess to get installed correctly on Fedora.
I had to experiment with the shell extensions made available by Gnome on their own, with MGSE, and with some independent extensions published by third parties.
It was a mess to find a mix of extensions that is compatible with each other and provide a desktop experience as I expect it.
This is certainly not something an ordinary user can do.
I see this as a temporary workaround, feasible for me as a programmer, while I'm waiting for something better.

The most recent initiative I heard about is called Cinnamon.
This approach makes a lot of sense to me.

It uses the modern base libraries made available by the Gnome 3 project, so there is hope that it can be as reliable and as feature complete as Gnome 2 used to be.
It brings back the classic desktop interaction, list of open windows, area for system notifications, and panel starters.

There are a couple of things that don't work right yet.
The notification icons of some applications, such as the deja-dup backup tool, are not yet visible, apparently there is incompatibility between applications and the desktop environment. That's not surprising based on today's chaos of Desktop alternatives. I hope that can be fixed.
Cinnamon should fix the upper left mouse area and remove the desktop shuffle confusion.
Cinnamon should offer a mechanism to adjust the starter shortcuts shown on the desktop or the panel (something like the right mouse click, edit properties, command line) that we used to have in Gnome 2.
The integration of system control widgets needs to be completed and fixed.

Besides that, to me, Gnome 3 base plus Cinnamon appears to be the most reasonable initiative to fix the Linux desktop at this point of time.
While some convenience usability features are missing, at least the desktop is based on modern libraries and behaves according to my expectations.

If you can, please support the Cinnamon project. I'm desperately waiting for it to be ready and available as the new default Linux desktop environment.


CA Knockout updated - version 0.2.5 
Sunday, September 11, 2011, 06:03 PM
Posted by Administrator
I've uploaded an updated version 0.2.5, please update as soon as possible. Besides an important bugfix, I've added a status information, that will report the version number of the revocation information that you have installed.

When you install this version, it will download the currently known knockout information.

https://kuix.de/ca-knockout/

Firefox Add-On: CA-Knockout 
Thursday, September 8, 2011, 09:07 PM
Posted by Administrator
We need a mechanism to dynamically revoke CA certificates from the Firefox browser (and other Mozilla software). We might see such a solution in the near future.

However, I would like to offer an immediate solution for those who are eagerly waiting for it. During the last two days I worked on a Firefox Add-On which doesn't require any new infrastructure. As of now it's compatible with Firefox 6 and later.

The idea is to dynamically deliver information to your browser, if CA certificates should no longer be trusted, and it can be effective immediately, without having to wait for a software update.

CA-Knockout is an Add-On which I have signed with my code signing certificate.

The Add-On will attempt to download the most recent information, which I currently host on my private server. The data that is downloaded is also signed with my code signing certificate. The Add-On will ignore any data lacking a valid signature.

Another feature is manual import. If users' connections to my server are blocked (e.g. by a smart Man-In-The-Middle), this feature could be used to circumvent the blockade. Users might share the revocation data via other channels, like email, or direct file transfer. With the Add-On installed, open the Tools menu, select CA-Knockout / Import, and in the dialog that shows up, paste the data you have received. As of today, assuming there are no bugs in the Add-On, I'm the only one who is able to create a signed blob that will be accepted by the Add-On.

If you would like to try it, get the Add-On from https://kuix.de/ca-knockout/ – when installing, in the dialog that asks you to confirm the import, ensure it shows my name (Kai Engert). This tells you that the Add-On has been digitally signed by me. (Please update as soon as possible, initial version 0.2.1 contained a bug.)

In this initial version, the Add-On attempts to download just once per session, shortly after starting Firefox (each time you start Firefox). However, you should get notifications if it fails, and it should offer you to retry the download.

The initial data block that I have prepared is at http://kuix.de/ca-knockout/ca-knockout-latest.txt

It contains the same set of knockout certificates that were shipped with NSSCKBI 1.87 and is contained in Firefox 6.0.2

(Only for testing purposes, get Firefox 6, use a new profile, disable Firefox update checking, install the addon and allow it to import the knockout certs. From this time you should be similarly protected when visiting SSL/https sites running DigiNotar certificates. Remember to reenable Firefox update checking after testing.)

There is at least one usability disadvantage of the current implementation. Because the Add-On is restricted to use the features and APIs that are currently available in the Mozilla platform, in order to install the CA knockout certificates, the Add-On uses the same API that is used to install new CA certificates. This means, you will get a dialog asking you "do you want to trust this CA", showing several checkboxes where you control which trust you would like to add. The default mode is all checkboxes off – which is good, which is what we want. In order to benefit from the Add-On, you must manually confirm with OK each of the knockout certificates that the Add-On wants to download.

Note that it will try to protect confused users. If a user checks any of the checkboxes, the Add-On will automatically remove that trust after import.

I would like to see many users try this. Who knows, maybe we'll see CA disasters in the near future, before software vendors can implement a better mechanism into their core products? If we do, I'll try to give you updated revocation blobs as soon as I can.

Please try it out and let me know what you think.

Disclaimer: I did this as a private project. Provided as is. Provided under MPL license. No guarantees. Add-On might contain evil bugs. If you can, please look at the code and let me know what you think and report bugs. Also, if you decide to use it, please come back and check for updates – there is no automatic update mechanism. I might host it on the official Add-Ons site later, should feedback be positive.

Good luck,
Kai
