View Issue Details

IDProjectCategoryView StatusLast Update
0003268UAImplementation Bugpublic2016-05-04 07:17
ReporterBernd Edlinger Assigned Touser319 
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Summary0003268: AnsiC stack uses SHA1 for explicit trust check
Description

The function OpcUa_P_OpenSSL_CertificateStore_IsExplicitlyTrusted
uses only SHA1 to check if a certificate is in the explicit trust list.

That is not sufficient, we should binary compare the certificates
with X509_cmp for instance.

Note: SHA1 is broken.

TagsNo tags attached.
Fix Due Date

Activities

user319

2016-05-04 07:17

  ~0006859

fixed in 1.03.340
Certificates have to be binary identical to be trusted.

Issue History

Date Modified Username Field Change
2016-01-13 10:07 Bernd Edlinger New Issue
2016-05-04 07:16 user319 Assigned To => user319
2016-05-04 07:16 user319 Status new => acknowledged
2016-05-04 07:17 user319 Note Added: 0006859
2016-05-04 07:17 user319 Status acknowledged => resolved
2016-05-04 07:17 user319 Resolution open => fixed