x509/verify: reject SHA1 in signature algorithms for certificate verification
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 20 Jul 2017 11:18:10 +0000 (13:18 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Fri, 21 Jul 2017 14:24:56 +0000 (16:24 +0200)
That is, we now use gnutls_sign_is_secure2() with the GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS
flag to decide whether a signature algorithm is acceptable when verifying
the signatures in certificates.

Resolves #229

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
lib/x509/output.c
lib/x509/verify.c

index b12c4890e4b92c716733971fea2cc880f8705ce9..ac652fee1895fb41b58f4c789be4ba580ae5300d 100644 (file)
@@ -1635,7 +1635,7 @@ print_cert(gnutls_buffer_st * str, gnutls_x509_crt_t cert,
 
                print_crt_sig_params(str, cert, format);
 
-               if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure(err) == 0) {
+               if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure2(err, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0) {
                        adds(str,
                             _("warning: signed using a broken signature "
                               "algorithm that can be forged.\n"));
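Review bot: The warning text on the two lines after the changed check, `"warning: signed using a broken signature algorithm that can be forged.\n"`, now also fires for SHA1-signed certificates, and "can be forged" is a stronger claim than the new policy needs: as far as I know SHA1 is rejected here because collisions are practical, not because a forgery of an existing certificate signature has been shown, and a user seeing this for a SHA1 certificate may read it as the latter. Consider wording the string to match the policy being applied, e.g. `_("warning: signed using a signature algorithm that is not considered secure for certificates.\n")`, keeping the "broken" wording only where the algorithm really is (MD5/MD2). The `err` variable holding the signature algorithm is assigned before this hunk, and print_cert begins and ends outside it.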
@@ -1862,7 +1862,7 @@ static void print_oneline(gnutls_buffer_st * str, gnutls_x509_crt_t cert)
                else
                        p = name;
 
-               if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure( err) == 0)
+               if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure2(err, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0)
                        addf(str, _("signed using %s (broken!), "), p);
                else
                        addf(str, _("signed using %s, "), p);
@@ -2279,7 +2279,7 @@ print_crl(gnutls_buffer_st * str, gnutls_x509_crl_t crl, int notsigned)
                addf(str, _("\tSignature Algorithm: %s\n"), p);
                gnutls_free(name);
 
-               if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure(err) == 0) {
+               if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure2(err, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0) {
                        adds(str,
                             _("warning: signed using a broken signature "
                               "algorithm that can be forged.\n"));
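Review bot: print_crl now labels a SHA1-signed CRL as broken, but nothing in this diff touches a CRL verification path; if gnutls_x509_crl_verify() or its helpers (not in this diff) still consult gnutls_sign_is_secure() without GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS, a SHA1-signed CRL would print this warning yet still verify, and revocation checking would quietly accept a signature the display reports as forgeable. Worth confirming the CRL verification code was updated in the same series, and recording the intent above this check, e.g. `/* CRL signatures are as long-lived as certificate signatures, so apply the certificate policy when judging the algorithm */`. print_crl begins before and continues after this hunk.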
index e27c5dfdaa6256b1fa66ed185751afe770a57d83..002fac6f2acbcbdacc9e996db5e081a06ec17af3 100644 (file)
@@ -782,7 +782,7 @@ verify_crt(gnutls_x509_crt_t cert,
                 * used are secure. If the certificate is self signed it doesn't
                 * really matter.
                 */
-               if (gnutls_sign_is_secure(sigalg) == 0 &&
+               if (gnutls_sign_is_secure2(sigalg, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0 &&
                    _gnutls_is_broken_sig_allowed(sigalg, flags) == 0 &&
                    is_issuer(cert, cert) == 0) {
                        MARK_INVALID(GNUTLS_CERT_INSECURE_ALGORITHM);
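Review bot: With SHA1 now failing the first condition, whether any verification flag can re-admit it is decided entirely by `_gnutls_is_broken_sig_allowed(sigalg, flags)` on the line after the changed one, whose body is outside this hunk; if that helper only recognizes the existing MD5/MD2 allow-flags, callers that still have to validate SHA1-signed chains get GNUTLS_CERT_INSECURE_ALGORITHM with no opt-in short of a blanket override, which is worth stating in the commit or in the helper. The comment above the condition (it starts before the hunk) still speaks generically of algorithms being "secure"; suggest it name the policy, e.g. `/* Reject signature algorithms that are not secure for long-lived certificate signatures (MD5, MD2 and now SHA1), unless a verification flag explicitly allows them; a self-signed certificate is exempt because its own signature conveys no trust. */`. verify_crt begins before and continues after this hunk.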