DSA signatures and DHE-DSS are disabled by default
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 3 Mar 2015 08:31:16 +0000 (09:31 +0100)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 3 Mar 2015 08:31:17 +0000 (09:31 +0100)
DSA was an algorithm that was never widely deployed on the Internet
and had, until very recently, several limitations such as a
restriction of its keys to 1024 bits, SHA-1-only hashing, etc. Given
that there are literally 0 internet (HTTPS) certificates using
DSA, there is no point to enable it by default and increase
our attack surface.

lib/gnutls_priority.c

index 37f488bce2996dcc107ec5d03e9c9360f1fd3467..1727dd2a7401519c7de357fe9d7586c40b277dac 100644 (file)
@@ -181,7 +181,6 @@ static const int _kx_priority_performance[] = {
 #endif
 #ifdef ENABLE_DHE
        GNUTLS_KX_DHE_RSA,
-       GNUTLS_KX_DHE_DSS,
 #endif
        0
 };
@@ -194,7 +193,6 @@ static const int _kx_priority_pfs[] = {
 #endif
 #ifdef ENABLE_DHE
        GNUTLS_KX_DHE_RSA,
-       GNUTLS_KX_DHE_DSS,
 #endif
        0
 };
@@ -221,7 +219,6 @@ static const int _kx_priority_secure[] = {
         */
 #ifdef ENABLE_DHE
        GNUTLS_KX_DHE_RSA,
-       GNUTLS_KX_DHE_DSS,
 #endif
        /* GNUTLS_KX_ANON_DH: Man-in-the-middle prone, don't add!
         */
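Review bot: The removed GNUTLS_KX_DHE_DSS entry in _kx_priority_secure leaves no trace of why it is gone, although this array already documents deliberately excluded key exchanges inline (the GNUTLS_KX_ANON_DH comment right below the removed line), so a later cleanup could re-add it as an apparent omission. A comment in the same style next to the DHE_RSA entry would preserve the intent, e.g. `/* GNUTLS_KX_DHE_DSS: not enabled by default; DSA was limited to 1024-bit keys and SHA-1 and saw no real deployment, so it only adds attack surface */`. The same silent removal occurs in _kx_priority_performance and _kx_priority_pfs in the two hunks above, where a one-line comment would be equally useful. The array definitions themselves begin outside each hunk.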
@@ -336,7 +333,6 @@ static const int comp_priority[] = {
 
 static const int _sign_priority_default[] = {
        GNUTLS_SIGN_RSA_SHA256,
-       GNUTLS_SIGN_DSA_SHA256,
        GNUTLS_SIGN_ECDSA_SHA256,
 
        GNUTLS_SIGN_RSA_SHA384,
@@ -346,11 +342,9 @@ static const int _sign_priority_default[] = {
        GNUTLS_SIGN_ECDSA_SHA512,
 
        GNUTLS_SIGN_RSA_SHA224,
-       GNUTLS_SIGN_DSA_SHA224,
        GNUTLS_SIGN_ECDSA_SHA224,
 
        GNUTLS_SIGN_RSA_SHA1,
-       GNUTLS_SIGN_DSA_SHA1,
        GNUTLS_SIGN_ECDSA_SHA1,
        0
 };
@@ -371,7 +365,6 @@ static const int* sign_priority_suiteb192 = _sign_priority_suiteb192;
 
 static const int _sign_priority_secure128[] = {
        GNUTLS_SIGN_RSA_SHA256,
-       GNUTLS_SIGN_DSA_SHA256,
        GNUTLS_SIGN_ECDSA_SHA256,
        GNUTLS_SIGN_RSA_SHA384,
        GNUTLS_SIGN_ECDSA_SHA384,