Third-Party Audit of Rustls

栏目: IT技术 · 发布时间: 5年前

内容简介:In May and June 2020, Cure53 completed an audit ofFirst off, though, Dirkjan Ochtman (of theThe

Third-party audit of rustls

In May and June 2020, Cure53 completed an audit of ring , webpki , and rustls . Their report ( PDF ) fully describes the audit, and makes for interesting reading.

First off, though, Dirkjan Ochtman (of the Quinn project) deserves a great deal of thanks for ultimately making this happen. We first discussed the possibility of an audit like this at RustFest Paris 2018. He worked with great determination for almost two years to secure a sponsor. Thanks Dirkjan!

The Cloud Native Computing Foundation (a part of the Linux Foundation) funded this audit, at the request of Buoyant who use rustls in the data plane of linkerd . So further thanks are due to Chris Aniszczyk of the Linux Foundation, and Oliver Gould of Buoyant for their support of these projects.

Finally, thanks to the staff at Cure53 for being a pleasure to work with.

Highlights

Some choice quotes:

“[..] the team of auditors considered the general code quality really good and can attest to a solid impression left consistently by all scope items”

“Both from a design point of view as from an implementation perspective the entire scope can be considered of exceptionally high standard .”

“The developer’s intent to provide a high-quality TLS implementation is very clear and this goal can be considered as achieved successfully .”

“Minor recommendations here and there are always possible for any project, but this does not change the fact that there is really not much to improve at rustls. Cure53 had the rare pleasure of being incredibly impressed with the presented software .”

Findings

There were two informational and two minor-severity findings. See the report for the full details. The discussion below reflects my opinion on these issues.

TLS-01-001 - Formally Verified Cryptography Recommendations (info)

This finding suggests ring uses formally verified cryptography implementations from the EverCrypt project. It’s hard to argue against formal verification of foundational cryptography code. It’s worth noting here that ring does already use a formally verified curve25519 implementation (from the fiat-crypto project).

TLS-01-002 - Unchecked usage of unwrap (info)

This finding relates to instances of unwrap() that were free of panics, but where it was too hard to reason that this was the case. The reasoning spanned several different modules, which itself is a readability and maintenance hazard. The code in question has been improved as a result.

TLS-01-003 - Support for Non-Contiguous Subnet Masks (low)

This finding relates to certificate name constraints expressed as a space of IP addresses as specified in RFC5280 . The RFC doesn’t specify any constraints on network masks, but it does seem sensible to disallow sparse masks.

TLS-01-004 - Data Truncation in DER Encoding Implementation (low)

This finding rightly points out a function in rustls that produces incorrect output when applied to an X.501 Name that is larger than 64KB. While that’s an exceedingly unlikely case, and the bug does not cause unsafe operation (but perhaps connection failure), the function has been corrected to produce valid output for all inputs.

Conclusion

As with other forms of software testing, ultimately a third-party audit can only show the presence of defects but not their absence. With that said, the positive feedback in the report and the low severity of these findings are certainly encouraging.


以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网

查看所有标签

猜你喜欢:

本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们

CSS实战精粹

CSS实战精粹

(美)克拉夫特 / 李方进 / 电子工业 / 2008-1 / 59.80元

《CSS实战精粹》囊括了CSS工作原理的所有细节,主要介绍了能够在项目中使用的具体CSS设计技巧,包括CSS布局、创建一般页面元素以及如何排版从而使内容兼具可读性和艺术性。另外,《CSS实战精粹》还讨论了CSS中一些常见的问题,给出了一些解决办法。一起来看看 《CSS实战精粹》 这本书的介绍吧!

JS 压缩/解压工具
JS 压缩/解压工具

在线压缩/解压 JS 代码

RGB转16进制工具
RGB转16进制工具

RGB HEX 互转工具

SHA 加密
SHA 加密

SHA 加密工具