author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-08-10 08:34:57 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2016-08-10 08:53:56 +0200 |
commit | 4d50912b0a812f27183e028bd973854e21771751 (patch) | |
tree | 865cefafbc281f63141b412fd5ad68ea1e2f36c8 | |
parent | f310cda689c3068d6da7798192977ccedc6cc8a3 (diff) | |
Prohibit DSA-224 and DSA-256 from being used as signature algorithms with gcrypt
There are interoperability issues with them under gcrypt, and these algorithms
never saw any serious deployment (in addition to not being specified for
use with TLS). Thus disable them.
-rw-r--r-- | NEWS | 4 | ||||
-rw-r--r-- | lib/gnutls_algorithms.c | 8 |
2 files changed, 12 insertions, 0 deletions
@@ -24,6 +24,10 @@ Version 2.12.24 (unreleased)
 This improves interoperability against broken servers which assume that this version is supported by the client.
+** libgnutls: Prohibit DSA2 signatures when used with the libgcrypt
+ backend. There are interoperability issues, and these algorithms are
+ too rare to require a proper fix.
+
 ** libgnutls: Do not call the post client hello callback twice when resuming using session tickets.
diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c
index 1285ebf5a7..739e5bb0c7 100644
--- a/lib/gnutls_algorithms.c
+++ b/lib/gnutls_algorithms.c
@@ -1941,10 +1941,16 @@ static const gnutls_sign_entry sign_algorithms[] = {
 GNUTLS_MAC_RMD160, TLS_SIGN_AID_UNKNOWN},
 {"DSA-SHA1", SIG_DSA_SHA1_OID, GNUTLS_SIGN_DSA_SHA1, GNUTLS_PK_DSA,
 GNUTLS_MAC_SHA1, {2, 2}},
+/* DSA2 doesn't work with libgcrypt */
+#ifdef HAVE_LIBNETTLE
 {"DSA-SHA224", SIG_DSA_SHA224_OID, GNUTLS_SIGN_DSA_SHA224, GNUTLS_PK_DSA,
 GNUTLS_MAC_SHA224, {3, 2}},
 {"DSA-SHA256", SIG_DSA_SHA256_OID, GNUTLS_SIGN_DSA_SHA256, GNUTLS_PK_DSA,
 GNUTLS_MAC_SHA256, {4, 2}},
+#else
+ {"DSA-SHA224", SIG_DSA_SHA224_OID, 0, 0, 0, TLS_SIGN_AID_UNKNOWN},
+ {"DSA-SHA256", SIG_DSA_SHA256_OID, 0, 0, 0, TLS_SIGN_AID_UNKNOWN},
+#endif
 {"RSA-MD5", SIG_RSA_MD5_OID, GNUTLS_SIGN_RSA_MD5, GNUTLS_PK_RSA,
 GNUTLS_MAC_MD5, {1, 1}},
 {"RSA-MD2", SIG_RSA_MD2_OID, GNUTLS_SIGN_RSA_MD2, GNUTLS_PK_RSA,
@@ -1964,8 +1970,10 @@ static const gnutls_sign_algorithm_t supported_sign[] = {
 GNUTLS_SIGN_RSA_SHA512,
 GNUTLS_SIGN_RSA_RMD160,
 GNUTLS_SIGN_DSA_SHA1,
+#ifdef HAVE_LIBNETTLE
 GNUTLS_SIGN_DSA_SHA224,
 GNUTLS_SIGN_DSA_SHA256,
+#endif
 GNUTLS_SIGN_RSA_MD5,
 GNUTLS_SIGN_RSA_MD2,
 0 |
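Review bot: The two `#else` rows in the `sign_algorithms[]` hunk use bare `0` for the sign, pk and mac fields where every other row uses named enumerators; `GNUTLS_SIGN_UNKNOWN`, `GNUTLS_PK_UNKNOWN` and `GNUTLS_MAC_UNKNOWN` (all zero) would make the intent readable, e.g. `{"DSA-SHA224", SIG_DSA_SHA224_OID, GNUTLS_SIGN_UNKNOWN, GNUTLS_PK_UNKNOWN, GNUTLS_MAC_UNKNOWN, TLS_SIGN_AID_UNKNOWN},`. The comment `/* DSA2 doesn't work with libgcrypt */` should also say why the rows are kept rather than dropped — presumably so the OIDs stay recognised and a lookup by OID yields "unknown" instead of no match — and that is worth confirming against whatever walks this table by OID, since such a caller must treat an id of 0 as disabled, never as a usable algorithm. The guard is `#ifdef HAVE_LIBNETTLE` rather than a negative test for the gcrypt backend, so a build defining neither would silently disable DSA2 as well; if that is intended, a short comment saying so would spare the next reader the question. The same guard appears in the `supported_sign[]` hunk below and would carry the same comment. Both arrays start before and end after their hunks.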