From: Nikos Mavrogiannopoulos
Date: Tue, 30 May 2017 08:13:16 +0000 (+0200)
Subject: gnutls_pubkey_verify_data2: do not utilize GNUTLS_VERIFY_USE_RSA_PSS
X-Git-Tag: gnutls_3_6_0~506
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7586209b70da3ad3eb8d64cdfba361d19024d5cf;p=thirdparty%2Fgnutls.git
gnutls_pubkey_verify_data2: do not utilize GNUTLS_VERIFY_USE_RSA_PSS
This flag is not required for verification since the signature algorithm is sufficient to detect RSA-PSS without requiring any flags.
Signed-off-by: Nikos Mavrogiannopoulos
---
diff --git a/lib/includes/gnutls/abstract.h b/lib/includes/gnutls/abstract.h
index dec5db4e3f..2182a96597 100644
--- a/lib/includes/gnutls/abstract.h
+++ b/lib/includes/gnutls/abstract.h
@@ -52,7 +52,6 @@ typedef enum gnutls_pubkey_flags {
 } gnutls_pubkey_flags_t;
 #define GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA GNUTLS_VERIFY_USE_TLS1_RSA
-#define GNUTLS_PUBKEY_VERIFY_FLAG_RSA_PSS GNUTLS_VERIFY_USE_RSA_PSS
 typedef int (*gnutls_privkey_sign_func) (gnutls_privkey_t key,
 void *userdata,
diff --git a/lib/includes/gnutls/x509.h b/lib/includes/gnutls/x509.h
index cc30a5fd6c..b67e7c0271 100644
--- a/lib/includes/gnutls/x509.h
+++ b/lib/includes/gnutls/x509.h
@@ -964,8 +964,7 @@ typedef enum gnutls_certificate_verify_flags {
 GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS = 1 << 12,
 GNUTLS_VERIFY_USE_TLS1_RSA = 1 << 13,
 GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONS = 1 << 14,
-GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1 = 1 << 15,
-GNUTLS_VERIFY_USE_RSA_PSS = 1 << 16
+GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1 = 1 << 15
 /* cannot exceed 2^24 due to GNUTLS_PROFILE_TO_VFLAGS() */
 } gnutls_certificate_verify_flags;
diff --git a/lib/pubkey.c b/lib/pubkey.c
index e7ad16d60c..f3d72a807a 100644
--- a/lib/pubkey.c
+++ b/lib/pubkey.c
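Review bot: Deleting `GNUTLS_VERIFY_USE_RSA_PSS = 1 << 16` from the public gnutls_certificate_verify_flags enum in x509.h leaves bit 16 unassigned, so a caller built against the previous header that still passes that value now has it silently ignored rather than rejected, and a future flag assigned to the same bit would inherit those stale callers. That is harmless only if the flag never shipped in a release (the X-Git-Tag suggests this predates 3.6.0, but I cannot confirm that from the diff); otherwise keep the value as a documented no-op or reserve the bit with a comment such as `/* 1 << 16 was GNUTLS_VERIFY_USE_RSA_PSS; do not reuse */`. The removal of the `GNUTLS_PUBKEY_VERIFY_FLAG_RSA_PSS` alias in abstract.h has the same consideration.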
@@ -1626,13 +1626,22 @@ gnutls_pubkey_verify_data2(gnutls_pubkey_t pubkey,
 memcpy(¶ms, &pubkey->params.sign, sizeof(gnutls_x509_spki_st));
-params.pk = pubkey->pk_algorithm;
+params.pk = gnutls_sign_get_pk_algorithm(algo);
 params.dig = gnutls_sign_get_hash_algorithm(algo);
 me = hash_to_entry(params.dig);
 if (me == NULL)
 return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
-if (flags & GNUTLS_VERIFY_USE_RSA_PSS) {
+if (params.pk != pubkey->pk_algorithm) {
+if (!gnutls_sign_supports_pk_algorithm(algo, pubkey->pk_algorithm)) {
+_gnutls_debug_log("have key: %s/%d, with sign %s/%d\n", gnutls_pk_get_name(pubkey->pk_algorithm), pubkey->pk_algorithm, gnutls_sign_get_name(algo), algo);
+return gnutls_assert_val(GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY);
+}
+}
+
+if (params.pk == GNUTLS_PK_RSA_PSS) {
 unsigned bits;
 if (!GNUTLS_PK_IS_RSA(pubkey->pk_algorithm))
@@ -1645,7 +1654,6 @@ gnutls_pubkey_verify_data2(gnutls_pubkey_t pubkey,
 gnutls_pubkey_get_pk_algorithm(pubkey, &bits);
 params.salt_size = _gnutls_find_rsa_pss_salt_size(bits, me, 0);
 }
-params.pk = GNUTLS_PK_RSA_PSS;
 }
 ret = pubkey_verify_data(params.pk, me, data, signature, &pubkey->params,
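Review bot: The new key/algorithm compatibility check delegates entirely to `gnutls_sign_supports_pk_algorithm()`, and the RSA-PSS branch that follows only requires the key to be some RSA variant, so nothing visible in this hunk stops a PKCS#1 v1.5 `algo` (params.pk == GNUTLS_PK_RSA) from being verified with a key whose pk_algorithm is GNUTLS_PK_RSA_PSS — a key that, per RFC 4055, must be used with PSS only; whether that pair is admitted depends on the helper, which is outside the hunk. An explicit guard beside the existing one makes the policy local and auditable: `if (pubkey->pk_algorithm == GNUTLS_PK_RSA_PSS && params.pk == GNUTLS_PK_RSA) return gnutls_assert_val(GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY);`. Relatedly, `params.dig` is now taken from the caller's `algo` and overwrites whatever the preceding `memcpy` copied from `pubkey->params.sign`, so if the key carries PSS parameters that pin a hash, the mismatch is presumably left to pubkey_verify_data() — a comment stating where that is enforced would help the next reader. gnutls_pubkey_verify_data2() begins and ends outside the hunk.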