quassel-core generates an insecure certificate upon installation
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | quassel (Ubuntu) |
Undecided
|
Unassigned | ||
Bug Description
After installation, quassel-core generates a 1024-bit certificate using the SHA1 hash. Both of these are considered deprecated and somewhat insecure. The attached patch updates the postinst script to generate a 4096-bit certificate using the SHA256 hash instead.
The SHA256 certificate will not cause any compatibility problems because OpenSSL 1.0.0 and later support SHA256 certificates. All supported versions of Ubuntu and Debian have at least 1.0.1 and the supported Windows and Mac builds of Quassel are additionally compiled with a recent enough version to support the SHA256 certificate.
Related branches
| Michael Marley (mamarley) wrote : | #1 |
| summary: |
- Quasselcore generates an insecure certificate upon installation + quassel-core generates an insecure certificate upon installation |
| information type: | Public → Public Security |
| Felix Geyer (debfx) wrote : | #3 |
As it's self signed certificate the signature hash algorithm doesn't matter much.
4096 bit seems a bit excessive, no?
Slightly offtopic:
Quassel stores the md5sum of certs the user has accepted. That's probably a bad idea.
| Michael Marley (mamarley) wrote : | #4 |
While having a 4096-bit certificate is not necessary in order to be secure, its only disadvantages are taking longer to generate (which I don't think is much of an issue because it doesn't get regenerated very often) and taking slightly longer for the handshake (which is practically negligible on modern computers).
Yes, saving the md5 of the accepted certs is a bad idea. I will fix that.
| Scott Kitterman (kitterman) wrote : Re: [Bug 1455990] Re: quassel-core generates an insecure certificate upon installation | #5 |
On Monday, May 18, 2015 09:14:12 PM you wrote:
> While having a 4096-bit certificate is not necessary in order to be
> secure, its only disadvantages are taking longer to generate (which I
> don't think is much of an issue because it doesn't get regenerated very
> often) and taking slightly longer for the handshake (which is
> practically negligible on modern computers).
>
> Yes, saving the md5 of the accepted certs is a bad idea. I will fix
> that.
People run quassel cores on very minimal systems and so I don't think you can
say it's necessarily negligible. If the work someone is doing is so sensitive
that a 2048 bit key is not sufficient, then it probably shouldn't be on IRC.
2048 bit keys are sufficient that there's usually easier ways to get the
information [1]. Let's not go overboard.
| Michael Marley (mamarley) wrote : | #6 |
OK, here is a patch for 2048-bit certificates. I also discovered that OpenSSL generates the SHA256 hash automatically now, so there is no need to specify that explicitly.
| Launchpad Janitor (janitor) wrote : | #7 |
This bug was fixed in the package quassel - 0.12.2-0ubuntu1
---------------
quassel (0.12.2-0ubuntu1) wily; urgency=medium
* Generate a 2048-bit cert. (LP: #1455990)
-- Michael Marley <email address hidden> Sun, 17 May 2015 18:58:08 -0400
| Changed in quassel (Ubuntu): | |
| status: | New → Fix Released |
The attachment "certificate.
[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.]