ERROR_ENTRY(N_("Function was interrupted."), GNUTLS_E_INTERRUPTED),
ERROR_ENTRY(N_("Rehandshake was requested by the peer."),
GNUTLS_E_REHANDSHAKE),
+ ERROR_ENTRY(N_("One of the involved algorithms has insufficient security level."),
+ GNUTLS_E_INSUFFICIENT_SECURITY),
{NULL, NULL, 0}
};
}
+#define OLD_PUBKEY_VERIFY_FLAG_TLS1_RSA 1
+
/**
* gnutls_pubkey_verify_data2:
* @pubkey: Holds the public key
* @algo: The signature algorithm used
- * @flags: Zero or one of %gnutls_pubkey_flags_t
+ * @flags: Zero or an OR list of #gnutls_certificate_verify_flags
* @data: holds the signed data
* @signature: contains the signature
*
* parameters from the certificate.
*
* Returns: In case of a verification failure %GNUTLS_E_PK_SIG_VERIFY_FAILED
- * is returned, and zero or positive code on success.
+ * is returned, and zero or positive code on success. For known to be insecure
+ * signatures this function will return %GNUTLS_E_INSUFFICIENT_SECURITY unless
+ * the flag %GNUTLS_VERIFY_ALLOW_BROKEN is specified.
*
* Since: 3.0
**/
return GNUTLS_E_INVALID_REQUEST;
}
- if (flags & GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA)
+ if (flags & OLD_PUBKEY_VERIFY_FLAG_TLS1_RSA || flags & GNUTLS_VERIFY_USE_TLS1_RSA)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
me = hash_to_entry(gnutls_sign_get_hash_algorithm(algo));
data, signature, &pubkey->params);
if (ret < 0) {
gnutls_assert();
+ return ret;
+ }
+
+ if (!(flags & GNUTLS_VERIFY_ALLOW_BROKEN)) {
+ if (gnutls_sign_is_secure(algo) == 0) {
+ return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_SECURITY);
+ }
}
return ret;
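Review bot: The new guard `if (!(flags & GNUTLS_VERIFY_ALLOW_BROKEN))` tests whether any bit of the mask is set, and GNUTLS_VERIFY_ALLOW_BROKEN is (MD2|MD5), so a caller passing only GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5 also bypasses the gnutls_sign_is_secure() check for MD2 and for every other algorithm that helper rejects. The opt-out should be tied to the specific algorithm: derive the hash from gnutls_sign_get_hash_algorithm(algo), which is already called in this hunk, and skip the check only when the flag that names that hash is present, keeping the combined macro as the "all" shorthand. The compatibility test `flags & OLD_PUBKEY_VERIFY_FLAG_TLS1_RSA` keeps value 1, but @flags is now documented as a gnutls_certificate_verify_flags OR list, and bit 0 of that enum (GNUTLS_VERIFY_DISABLE_CA_SIGN, not visible in this diff) would be rejected here and routed to the raw-RSA path in the gnutls_pubkey_verify_hash2 hunk below. A comment above `#define OLD_PUBKEY_VERIFY_FLAG_TLS1_RSA 1` should state that it exists only for callers compiled against the old gnutls_pubkey_flags_t value and that it aliases a verify flag. The enclosing function starts and ends outside the hunk.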
* gnutls_pubkey_verify_hash2:
* @key: Holds the public key
* @algo: The signature algorithm used
- * @flags: Zero or one of %gnutls_pubkey_flags_t
+ * @flags: Zero or an OR list of #gnutls_certificate_verify_flags
* @hash: holds the hash digest to be verified
* @signature: contains the signature
*
return GNUTLS_E_INVALID_REQUEST;
}
- if (flags & GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA) {
+ if (flags & OLD_PUBKEY_VERIFY_FLAG_TLS1_RSA || flags & GNUTLS_VERIFY_USE_TLS1_RSA) {
return _gnutls_pk_verify(GNUTLS_PK_RSA, hash, signature,
&key->params);
} else {
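Review bot: Unlike the gnutls_pubkey_verify_data2 hunk above, this hunk shows no gnutls_sign_is_secure()/GNUTLS_VERIFY_ALLOW_BROKEN check in gnutls_pubkey_verify_hash2, and the raw-RSA branch at `if (flags & OLD_PUBKEY_VERIFY_FLAG_TLS1_RSA || flags & GNUTLS_VERIFY_USE_TLS1_RSA)` returns _gnutls_pk_verify() directly, so at least on that path GNUTLS_E_INSUFFICIENT_SECURITY can never be produced. The function body continues past the hunk, so the else branch may add the check; if so, the documentation should say that the raw TLS1 RSA path is exempt, and if not, the Returns text should state that digest-level verification does not apply the algorithm-strength policy at all. A one-line addition to the @flags entry would make the difference visible to callers: `* @flags: Zero or an OR list of #gnutls_certificate_verify_flags; %GNUTLS_VERIFY_USE_TLS1_RSA selects raw RSA verification, which performs no algorithm-strength check`.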
#define GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA
/**
* gnutls_pubkey_flags:
- * @GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA: This indicates that a (raw) RSA signature is provided
- * as in the TLS 1.0 protocol.
* @GNUTLS_PUBKEY_DISABLE_CALLBACKS: The following flag disables call to PIN callbacks. Only
* relevant to TPM keys.
* @GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT: request an OPENPGP fingerprint instead of the default.
* Enumeration of different certificate import flags.
*/
typedef enum gnutls_pubkey_flags {
- GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA = 1,
GNUTLS_PUBKEY_DISABLE_CALLBACKS = 1 << 2,
GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT = 1 << 3
} gnutls_pubkey_flags_t;
+#define GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA GNUTLS_VERIFY_USE_TLS1_RSA
+
typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key,
void *userdata,
const gnutls_datum_t *
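Review bot: The compatibility line `#define GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA GNUTLS_VERIFY_USE_TLS1_RSA` changes the value behind an existing public name from 1 to 1 << 13 without saying why, and the gnutls_pubkey_flags doc comment above it no longer mentions the name at all. A short comment above the define, such as `/* Kept for source compatibility; the value moved from 1 to GNUTLS_VERIFY_USE_TLS1_RSA so it can be OR'ed with gnutls_certificate_verify_flags. Binaries built against the old value are handled in pubkey.c. */`, would tell readers of the header where the flag went. GNUTLS_PUBKEY_VERIFY_FLAG_TLS_RSA at the top of the hunk is defined before this new define; that works because macro expansion is deferred, but the two aliases would read better adjacent.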
#define GNUTLS_E_BAD_COOKIE -214
#define GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR -215
#define GNUTLS_E_INCOMPAT_DSA_KEY_WITH_TLS_PROTOCOL -216
+#define GNUTLS_E_INSUFFICIENT_SECURITY -217
#define GNUTLS_E_HEARTBEAT_PONG_RECEIVED -292
#define GNUTLS_E_HEARTBEAT_PING_RECEIVED -293
* using the broken MD2 algorithm.
* @GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5: Allow certificates to be signed
* using the broken MD5 algorithm.
+ * @GNUTLS_VERIFY_ALLOW_BROKEN: Allow certificates to be signed
+ * using any broken algorithm.
* @GNUTLS_VERIFY_DISABLE_TIME_CHECKS: Disable checking of activation
* and expiration validity periods of certificate chains. Don't set
* this unless you understand the security implications.
* using certificate revocation lists or the available OCSP data.
* @GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS: When including a hostname
* check in the verification, do not consider any wildcards.
+ * @GNUTLS_VERIFY_USE_TLS1_RSA: This indicates that a (raw) RSA signature is provided
+ * as in the TLS 1.0 protocol. Not all functions accept this flag.
*
* Enumeration of different certificate verify flags. Additional
* verification profiles can be set using GNUTLS_PROFILE_TO_VFLAGS()
GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN = 1 << 10,
GNUTLS_VERIFY_DO_NOT_ALLOW_UNSORTED_CHAIN = 1 << 11,
GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS = 1 << 12,
+ GNUTLS_VERIFY_USE_TLS1_RSA = 1 << 13
/* cannot exceed 2^24 due to GNUTLS_PROFILE_TO_VFLAGS() */
} gnutls_certificate_verify_flags;
+#define GNUTLS_VERIFY_ALLOW_BROKEN (GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2|GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5)
+
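Review bot: `#define GNUTLS_VERIFY_ALLOW_BROKEN (GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2|GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5)` is documented in the enum comment as "Allow certificates to be signed using any broken algorithm", but its value covers only the MD2 and MD5 bits, and any future allow-broken flag will silently fall outside it unless someone remembers to extend the macro; since it is not an enum member, the `@GNUTLS_VERIFY_ALLOW_BROKEN:` entry in the gtk-doc comment also names something the enum does not declare. Either make it an enum member (it fits under the 2^24 limit noted on the line above), or change its doc line to `* @GNUTLS_VERIFY_ALLOW_BROKEN: Shorthand for the ALLOW_SIGN_RSA_MD2 and ALLOW_SIGN_RSA_MD5 flags; extend it when new broken-algorithm flags are added.` so the documentation matches the value. The GNUTLS_VERIFY_USE_TLS1_RSA entry says "Not all functions accept this flag" without saying which; naming gnutls_pubkey_verify_data2, which rejects it with GNUTLS_E_INVALID_REQUEST in this diff, would help users.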
/**
* gnutls_certificate_verification_profiles_t:
* @GNUTLS_PROFILE_VERY_WEAK: A verification profile that
* @signer: the certificate believe to have signed the structure
* @idx: the index of the signature info to check
* @data: The data to be verified or %NULL
- * @flags: Should be zero
+ * @flags: Zero or an OR list of #gnutls_certificate_verify_flags
*
* This function will verify the provided data against the signature
* present in the SignedData of the PKCS #7 structure. If the data
return gnutls_assert_val(ret);
}
- ret = gnutls_x509_crt_verify_data2(signer, info.algo, 0, &sigdata, &info.sig);
+ ret = gnutls_x509_crt_verify_data2(signer, info.algo, flags, &sigdata, &info.sig);
if (ret < 0) {
gnutls_assert();
}
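Review bot: Now that `flags` is forwarded in `gnutls_x509_crt_verify_data2(signer, info.algo, flags, &sigdata, &info.sig)` (here and in the second pkcs7 hunk below, after find_signer), these functions may return GNUTLS_E_INSUFFICIENT_SECURITY for a signature that was previously reported as verified, yet the @flags line is the only documentation updated. The Returns paragraph of both functions should say so, for example `* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value; %GNUTLS_E_INSUFFICIENT_SECURITY is returned for known-insecure signature algorithms unless %GNUTLS_VERIFY_ALLOW_BROKEN is set`. Whether gnutls_x509_crt_verify_data2 applies that check is outside these hunks, so word it to match its actual behaviour. The enclosing functions begin and end outside the hunks.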
* @vdata_size: the number of data elements
* @idx: the index of the signature info to check
* @data: The data to be verified or %NULL
- * @flags: Should be zero
+ * @flags: Zero or an OR list of #gnutls_certificate_verify_flags
*
* This function will verify the provided data against the signature
* present in the SignedData of the PKCS #7 structure. If the data
signer = find_signer(pkcs7, tl, vdata, vdata_size, &info);
if (signer) {
- ret = gnutls_x509_crt_verify_data2(signer, info.algo, 0, &sigdata, &info.sig);
+ ret = gnutls_x509_crt_verify_data2(signer, info.algo, flags, &sigdata, &info.sig);
if (ret < 0) {
gnutls_assert();
}
* gnutls_x509_crt_verify_data2:
* @crt: Holds the certificate to verify with
* @algo: The signature algorithm used
- * @flags: Must be zero
+ * @flags: Zero or an OR list of #gnutls_certificate_verify_flags
* @data: holds the signed data
* @signature: contains the signature
*