pidgin/pidgin

certificate: Use public key fingerprint to compare certificates
release-2.x.y
2017-03-07, dx
887efbd652d8
certificate: Use public key fingerprint to compare certificates

This fixes an issue with google talk's certificates and gnutls, where the root
certificate in the provided chain is a slightly different version of the one
that is usually present in the certificate stores, but the SubjectPublicKeyInfo
section is the same.

This adds a PurpleCertificateScheme function, compare_pubkeys, and its wrapper
purple_certificate_compare_pubkeys().

This is only implemented for gnutls, since the NSS plugin only uses the NSS
certificate validation code. Even if that path was reachable from a plugin that
doesn't implement this method, it would return FALSE and behave as if this bug
was never fixed.

The gnutls implementation uses the gnutls_x509_crt_get_key_id() function,
which returns a hash of the SubjectPublicKeyInfo section of the certificate.

In gnutls versions older than 3.4.1, this may be a SHA1 hash, but after that
version SHA256 support was added (without much fanfare - the documentation
barely mentions this at all), and we just use the constant for the best known
algo, which for current versions is just SHA256. Older versions ignore that
flag parameter.

The whole comparison is modeled after the private _gnutls_check_if_same_key(),
which checks if both certificates have the same DN ("unique id") and does a
memcmp() of the raw SPKI section. We don't have direct access to the raw SPKI
section but comparing their fingerprints is good enough.
/**
* @file ntlm.h
*/
/* purple
*
* Copyright (C) 2005, Thomas Butter <butter@uni-mannheim.de>
*
* ntlm structs are taken from NTLM description on
* http://www.innovation.ch/java/ntlm.html
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA
*/
#ifndef _PURPLE_NTLM_H
#define _PURPLE_NTLM_H
#ifdef __cplusplus
extern "C" {
#endif
/**
* Generates the base64 encoded type 1 message needed for NTLM authentication
*
* @param hostname Your hostname
* @param domain The domain to authenticate to
* @return base64 encoded string to send to the server. This should
* be g_free'd by the caller.
*/
gchar *purple_ntlm_gen_type1(const gchar *hostname, const gchar *domain);
/**
* Parses the ntlm type 2 message
*
* @param type2 String containing the base64 encoded type2 message
* @param flags If not @c NULL, this will store the flags for the message
*
* @return The nonce for use in message type3. This is a statically
* allocated 8 byte binary string.
*/
guint8 *purple_ntlm_parse_type2(const gchar *type2, guint32 *flags);
/**
* Generates a type3 message
*
* @param username The username
* @param passw The password
* @param hostname The hostname
* @param domain The domain to authenticate against
* @param nonce The nonce returned by purple_ntlm_parse_type2
* @param flags Pointer to the flags returned by purple_ntlm_parse_type2
* @return A base64 encoded type3 message. This should be g_free'd by
* the caller.
*/
gchar *purple_ntlm_gen_type3(const gchar *username, const gchar *passw, const gchar *hostname, const gchar *domain, const guint8 *nonce, guint32 *flags);
#ifdef __cplusplus
}
#endif
#endif /* _PURPLE_NTLM_H */