.id = GNUTLS_MAC_RMD160,
.output_size = 20,
.key_size = 20,
- .block_size = 64},
+ .block_size = 64
+ },
{.name = "GOSTR341194",
.oid = HASH_OID_GOST_R_3411_94,
.mac_oid = MAC_OID_GOST_R_3411_94,
.id = GNUTLS_MAC_GOSTR_94,
.output_size = 32,
.key_size = 32,
- .block_size = 32},
+ .block_size = 32,
+ .flags = GNUTLS_MAC_FLAG_PREIMAGE_INSECURE
+ },
{.name = "STREEBOG-256",
.oid = HASH_OID_STREEBOG_256,
.mac_oid = MAC_OID_STREEBOG_256,
gnutls_privkey_t key;
gnutls_pubkey_t pub = NULL;
char param_name[32];
+ unsigned vflags = 0;
if (pk == GNUTLS_PK_EC || pk == GNUTLS_PK_GOST_01 ||
pk == GNUTLS_PK_GOST_12_256 || pk == GNUTLS_PK_GOST_12_512) {
snprintf(param_name, sizeof(param_name), "%s",
gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE
(bits)));
+
+ if (sigalgo == GNUTLS_SIGN_GOST_94)
+ vflags |= GNUTLS_VERIFY_ALLOW_BROKEN;
} else {
snprintf(param_name, sizeof(param_name), "%u", bits);
}
}
ret =
- gnutls_pubkey_verify_data2(pub, sigalgo, 0,
+ gnutls_pubkey_verify_data2(pub, sigalgo, vflags,
&signed_data, &sig);
if (ret < 0) {
ret = GNUTLS_E_SELF_TEST_ERROR;
}
ret =
- gnutls_pubkey_verify_data2(pub, sigalgo, 0,
+ gnutls_pubkey_verify_data2(pub, sigalgo, vflags,
&bad_data, &sig);
if (ret != GNUTLS_E_PK_SIG_VERIFY_FAILED) {
gnutls_pubkey_t pub = NULL;
gnutls_privkey_t key;
char param_name[32];
+ unsigned vflags = 0;
if (pk == GNUTLS_PK_EC || pk == GNUTLS_PK_GOST_01 ||
pk == GNUTLS_PK_GOST_12_256 || pk == GNUTLS_PK_GOST_12_512) {
snprintf(param_name, sizeof(param_name), "%s",
gnutls_ecc_curve_get_name(GNUTLS_BITS_TO_CURVE
(bits)));
+ if (dig == GNUTLS_DIG_GOSTR_94)
+ vflags |= GNUTLS_VERIFY_ALLOW_BROKEN;
} else {
snprintf(param_name, sizeof(param_name), "%u", bits);
}
}
ret =
- gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), 0,
+ gnutls_pubkey_verify_data2(pub, gnutls_pk_to_sign(pk, dig), vflags,
&signed_data, &ssig);
if (ret < 0) {
ret = GNUTLS_E_SELF_TEST_ERROR;
Not Before: Fri Aug 17 06:47:36 UTC 2012
Not After: Sat Aug 17 06:47:36 UTC 2013
Subject: CN=SuperTerm0000001,OU=SuperPlat Terminals,O=SuperPlat,L=Moscow,ST=Russia,C=RU
-error importing public key: The curve is unsupported
Subject Public Key Algorithm: GOST R 34.10-2001
+ Algorithm Security Level: High (256 bits)
+ Curve: CryptoPro-A
+ Digest: GOSTR341194
+ ParamSet: CryptoPro-A
+ X:
+ e0:35:f2:a8:40:cf:ea:25:63:b5:c1:eb:fa:fd:1d:7f
+ 45:d6:2a:31:96:56:35:75:25:19:f6:62:69:db:da:eb
+ Y:
+ 57:41:b2:c1:e2:1f:7b:d0:13:c8:dd:eb:9f:ba:cb:42
+ a3:63:c7:0b:f4:e9:24:d7:dd:e9:34:8d:12:18:67:d8
Extensions:
Basic Constraints (not critical):
Certificate Authority (CA): FALSE
Authority Key Identifier (not critical):
9875a3b785c1641b23344d9bfbae0c2a256b44eb
Signature Algorithm: GOSTR341001
+warning: signed using a broken signature algorithm that can be forged.
Signature:
8f:37:24:fd:be:f0:37:d9:f3:1a:5c:31:5e:33:ef:35
61:93:07:03:3d:4d:e8:2c:1b:39:a2:6c:d4:2f:85:35
Fingerprint:
sha1:621f34c4fdd7e93f9b8f18224ba0bcd1c63a4771
sha256:ac6ecf4e7a876edf3e61f538d6061353c2015bfbdf60370492f7404d7f09e13a
+ Public Key ID:
+ sha1:43757042dae9e9f5fa92cc2d2cbf4950f28a7bd0
+ sha256:cee4a59e7803bafb101af8e39e5355d7895e3b85e7616fe624d48f2c51e8bdbf
+ Public Key PIN:
+ pin-sha256:zuSlnngDuvsQGvjjnlNV14leO4XnYW/mJNSPLFHovb8=
-----BEGIN CERTIFICATE-----
MIICXjCCAgugAwIBAgICAR8wCgYGKoUDAgIDBQAwdDELMAkGA1UEBhMCUlUxDzAN
Authority Key Identifier (not critical):
9875a3b785c1641b23344d9bfbae0c2a256b44eb
Signature Algorithm: GOSTR341001
+warning: signed using a broken signature algorithm that can be forged.
Signature:
8f:37:24:fd:be:f0:37:d9:f3:1a:5c:31:5e:33:ef:35
61:93:07:03:3d:4d:e8:2c:1b:39:a2:6c:d4:2f:85:35
1.2.643.100.113.2
2.5.29.32.0
Signature Algorithm: GOSTR341001
+warning: signed using a broken signature algorithm that can be forged.
Signature:
bd:95:dd:5f:3a:2b:74:a5:29:62:20:c2:24:a8:8b:a0
13:1a:21:f5:4a:d6:2e:b1:3f:f5:50:e9:96:a0:a2:c9
${VALGRIND} "${CERTTOOL}" --p7-verify --load-certificate "${srcdir}/../../doc/credentials/x509/cert-gost01.pem" <"${OUTFILE}"
rc=$?
+ if test "${rc}" != "1"; then
+ echo "${FILE}: PKCS7 struct signing succeeded verification with broken algo"
+ exit ${rc}
+ fi
+
+ FILE="gost01-signing-verify"
+ ${VALGRIND} "${CERTTOOL}" --p7-verify --verify-allow-broken --load-certificate "${srcdir}/../../doc/credentials/x509/cert-gost01.pem" <"${OUTFILE}"
+ rc=$?
+
if test "${rc}" != "0"; then
echo "${FILE}: PKCS7 struct signing failed verification"
exit ${rc}
gnutls_pubkey_t pubkey;
gnutls_datum_t signature;
gnutls_digest_algorithm_t digest;
+ unsigned vflags = 0;
assert(gnutls_privkey_init(&privkey) >= 0);
if (ret < 0)
fail("gnutls_pubkey_get_preferred_hash_algorithm\n");
+ if (digest == GNUTLS_DIG_GOSTR_94)
+ vflags |= GNUTLS_VERIFY_ALLOW_BROKEN;
+
/* sign arbitrary data */
ret = gnutls_privkey_sign_data(privkey, digest, 0,
&raw_data, &signature);
/* verify data */
ret = gnutls_pubkey_verify_data2(pubkey, gnutls_pk_to_sign(gnutls_pubkey_get_pk_algorithm(pubkey, NULL),digest),
- 0, &raw_data, &signature);
+ vflags, &raw_data, &signature);
if (ret < 0)
fail("gnutls_pubkey_verify_data2\n");
CHECK_INSECURE_SIG(GNUTLS_SIGN_RSA_MD5);
CHECK_INSECURE_SIG(GNUTLS_SIGN_RSA_MD2);
+ CHECK_INSECURE_SIG(GNUTLS_SIGN_GOST_94);
for (i=1;i<GNUTLS_SIGN_MAX;i++) {
#ifndef ALLOW_SHA1
if (i==GNUTLS_SIGN_RSA_SHA1||i==GNUTLS_SIGN_DSA_SHA1||i==GNUTLS_SIGN_ECDSA_SHA1)
continue;
#endif
- if (i==GNUTLS_SIGN_RSA_MD5||i==GNUTLS_SIGN_RSA_MD2||i==GNUTLS_SIGN_UNKNOWN)
+ if (i==GNUTLS_SIGN_GOST_94||i==GNUTLS_SIGN_RSA_MD5||i==GNUTLS_SIGN_RSA_MD2||i==GNUTLS_SIGN_UNKNOWN)
continue;
/* skip any unused elements */
if (gnutls_sign_algorithm_get_name(i)==NULL)
{ "rsa pss: chain with changing hashes - ok", rsa_pss_chain_sha512_sha384_sha256_ok, &rsa_pss_chain_sha512_sha384_sha256_ok[3], 0, 0, 0, 1501159136},
{ "no subject id: chain with missing subject id, but valid auth id - ok", chain_with_no_subject_id_in_ca_ok, &chain_with_no_subject_id_in_ca_ok[4], 0, 0, 0, 1537518468},
#ifdef ENABLE_GOST
- { "gost 34.10-01 - ok", gost01, &gost01[2], 0, 0, 0, 1466612070, 1},
- { "gost 34.10-01 - not ok (due to profile)", gost01, &gost01[2], GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_ULTRA),
+ { "gost 34.10-01 - ok", gost01, &gost01[2], GNUTLS_VERIFY_ALLOW_BROKEN, 0, 0, 1466612070, 1},
+ { "gost 34.10-01 - not ok (due to gostr94)", gost01, &gost01[2], 0,
+ GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL, 1466612070, 1},
+ { "gost 34.10-01 - not ok (due to profile)", gost01, &gost01[2], GNUTLS_VERIFY_ALLOW_BROKEN|GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_ULTRA),
GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL, 1466612070, 1},
{ "gost 34.10-12-256 - ok", gost12_256, &gost12_256[0], 0, 0, 0, 1466612070, 1},
{ "gost 34.10-12-512 - ok", gost12_512, &gost12_512[0], 0, 0, 0, 1466612070, 1},
vflags |= GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1;
} else if (hash == GNUTLS_DIG_SHA256)
hash_data = &sha256_data;
- else if (hash == GNUTLS_DIG_GOSTR_94)
+ else if (hash == GNUTLS_DIG_GOSTR_94) {
hash_data = &gostr94_data;
- else if (hash == GNUTLS_DIG_STREEBOG_256)
+ vflags |= GNUTLS_VERIFY_ALLOW_BROKEN;
+ } else if (hash == GNUTLS_DIG_STREEBOG_256)
hash_data = &streebog256_data;
else if (hash == GNUTLS_DIG_STREEBOG_512)
hash_data = &streebog512_data;
projects / thirdparty / gnutls.git / commitdiff
