authorNikos Mavrogiannopoulos <nmav@redhat.com>2017-07-26 09:20:22 +0200
committerNikos Mavrogiannopoulos <nmav@redhat.com>2017-08-03 11:57:53 +0200
commit44c92997f0bbc1be2641b0c83a825fb539716a74 (patch)
treee1cde5c0179dcbcd4dfdd080c0d35f46b86bb154
parent2f0e285ad8e2762b280c4ed8163ab8f5c915d4d4 (diff)
pubkey_verify_hashed_data: simplified and made static
That also removes its ability to operate with the 'unknown' signature algorithm, and forces the TLS 1.0 key exchange to supply the right algorithm or flags. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r--lib/abstract_int.h8
-rw-r--r--lib/pubkey.c46
-rw-r--r--lib/tls-sig.c13
3 files changed, 38 insertions, 29 deletions
diff --git a/lib/abstract_int.h b/lib/abstract_int.h
index c1bd7f7f25..b3f99c2505 100644
--- a/lib/abstract_int.h
+++ b/lib/abstract_int.h
@@ -99,14 +99,6 @@ int _gnutls_pubkey_compatible_with_sig(gnutls_session_t,
int
_gnutls_pubkey_get_mpis(gnutls_pubkey_t key, gnutls_pk_params_st * params);
-int
-pubkey_verify_hashed_data(gnutls_pk_algorithm_t pk,
- const mac_entry_st * algo,
- const gnutls_datum_t * hash,
- const gnutls_datum_t * signature,
- gnutls_pk_params_st * params,
- gnutls_x509_spki_st * sign_params);
-
int pubkey_verify_data(const gnutls_sign_entry_st *se,
const gnutls_datum_t * data,
const gnutls_datum_t * signature,
diff --git a/lib/pubkey.c b/lib/pubkey.c
index ce372dbaea..f54f9e54eb 100644
--- a/lib/pubkey.c
+++ b/lib/pubkey.c
@@ -38,6 +38,12 @@
#include "urls.h"
#include <ecc.h>
+static int
+pubkey_verify_hashed_data(const gnutls_sign_entry_st *se,
+ const gnutls_datum_t * hash,
+ const gnutls_datum_t * signature,
+ gnutls_pk_params_st * params,
+ gnutls_x509_spki_st * sign_params);
unsigned pubkey_to_bits(gnutls_pk_params_st * params)
{
@@ -1634,9 +1640,6 @@ gnutls_pubkey_verify_hash2(gnutls_pubkey_t key,
/* we do not check for insecure algorithms with this flag */
return _gnutls_pk_verify(params.pk, hash, signature,
&key->params, &params);
- } else if (algo == GNUTLS_SIGN_UNKNOWN) {
- params.pk = key->params.algo;
- me = NULL;
} else {
se = _gnutls_sign_to_entry(algo);
if (se == NULL)
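Review bot: gnutls_pubkey_verify_hash2 is a public entry point whose handling of GNUTLS_SIGN_UNKNOWN changes here, but nothing in the commit updates its doc comment, which lies above the function outside this hunk. With the removed branch gone, an unknown algo now reaches `_gnutls_sign_to_entry(algo)` and, assuming that returns NULL for GNUTLS_SIGN_UNKNOWN, fails on the `se == NULL` check unless the flag tested at the top of the function takes the early-return path. Suggest adding to the @algo description something like `GNUTLS_SIGN_UNKNOWN is only accepted together with GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA; otherwise the signature algorithm must be given explicitly.` The function body starts and ends outside the hunk.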
@@ -1652,15 +1655,13 @@ gnutls_pubkey_verify_hash2(gnutls_pubkey_t key,
if (ret < 0)
return gnutls_assert_val(ret);
- }
-
- ret = pubkey_verify_hashed_data(params.pk, me,
- hash, signature,
- &key->params,
- &params);
- if (ret < 0) {
- gnutls_assert();
- return ret;
+ ret = pubkey_verify_hashed_data(se, hash, signature,
+ &key->params,
+ &params);
+ if (ret < 0) {
+ gnutls_assert();
+ return ret;
+ }
}
if (algo != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure(algo) == 0 && _gnutls_is_broken_sig_allowed(algo, flags) == 0) {
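Review bot: The `algo != GNUTLS_SIGN_UNKNOWN` guard on the last line of the hunk looks dead after this change: the flag path returns before it, and the else branch, the only other way to reach it, now returns early when `_gnutls_sign_to_entry()` gives no entry, which presumably is the case for GNUTLS_SIGN_UNKNOWN. If that holds, the condition can be reduced to `if (gnutls_sign_is_secure(algo) == 0 && _gnutls_is_broken_sig_allowed(algo, flags) == 0) {`, or a comment should say why the extra test is kept. Separately, the removed `me = NULL` line was the last visible write to `me`, and the new call no longer passes it; if nothing in the lines elided between this hunk and the previous one still reads `me`, it is now an unused local worth deleting. The function body starts and ends outside the hunk.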
@@ -1908,19 +1909,25 @@ dsa_verify_data(gnutls_pk_algorithm_t pk,
/* Verifies the signature data, and returns GNUTLS_E_PK_SIG_VERIFY_FAILED if
* not verified, or 1 otherwise.
*/
-int
-pubkey_verify_hashed_data(gnutls_pk_algorithm_t pk,
- const mac_entry_st *hash_algo,
+static int
+pubkey_verify_hashed_data(const gnutls_sign_entry_st *se,
const gnutls_datum_t * hash,
const gnutls_datum_t * signature,
gnutls_pk_params_st * params,
gnutls_x509_spki_st * sign_params)
{
- switch (pk) {
+ const mac_entry_st *me;
+
+ me = hash_to_entry(se->hash);
+
+ switch (se->pk) {
case GNUTLS_PK_RSA:
case GNUTLS_PK_RSA_PSS:
+ if (unlikely(me==NULL))
+ return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM);
+
if (_pkcs1_rsa_verify_sig
- (pk, hash_algo, NULL, hash, signature, params, sign_params) != 0)
+ (se->pk, me, NULL, hash, signature, params, sign_params) != 0)
{
gnutls_assert();
return GNUTLS_E_PK_SIG_VERIFY_FAILED;
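Review bot: The header comment above the new signature (`Verifies the signature data, and returns GNUTLS_E_PK_SIG_VERIFY_FAILED if not verified, or 1 otherwise.`) no longer describes the function: it now dereferences `se` unconditionally and can also return GNUTLS_E_UNKNOWN_HASH_ALGORITHM. Suggest extending it with `se must be non-NULL; the digest is taken from se->hash and GNUTLS_E_UNKNOWN_HASH_ALGORITHM is returned when it has no mac entry.` The only visible caller, gnutls_pubkey_verify_hash2, checks `se` for NULL before calling, and since the function is now static that precondition can be kept local. The `if (unlikely(me==NULL))` check is repeated verbatim in the ECDSA/DSA case of the next hunk; hoisting it above the switch would be simpler but is only safe if every case of the switch needs a digest, which is not visible here, and the spacing should follow the file's `me == NULL` form. The switch continues past the end of the hunk.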
@@ -1931,8 +1938,11 @@ pubkey_verify_hashed_data(gnutls_pk_algorithm_t pk,
case GNUTLS_PK_ECDSA:
case GNUTLS_PK_DSA:
+ if (unlikely(me==NULL))
+ return gnutls_assert_val(GNUTLS_E_UNKNOWN_HASH_ALGORITHM);
+
if (dsa_verify_hashed_data
- (pk, hash_algo, hash, signature, params, sign_params) != 0) {
+ (se->pk, me, hash, signature, params, sign_params) != 0) {
gnutls_assert();
return GNUTLS_E_PK_SIG_VERIFY_FAILED;
}
diff --git a/lib/tls-sig.c b/lib/tls-sig.c
index 378ed3e1a3..4ebab54f88 100644
--- a/lib/tls-sig.c
+++ b/lib/tls-sig.c
@@ -218,8 +218,12 @@ _gnutls_handshake_verify_data10(gnutls_session_t session,
if (pk_algo == GNUTLS_PK_RSA) {
hash_algo = GNUTLS_DIG_MD5_SHA1;
verify_flags |= GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA;
- } else
+ } else {
hash_algo = GNUTLS_DIG_SHA1;
+ if (sign_algo == GNUTLS_SIGN_UNKNOWN) {
+ sign_algo = gnutls_pk_to_sign(pk_algo, hash_algo);
+ }
+ }
me = hash_to_entry(hash_algo);
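Review bot: The RSA branch leaves `sign_algo` untouched while the non-RSA branch now resolves GNUTLS_SIGN_UNKNOWN through gnutls_pk_to_sign(), and nothing in the hunk says why the asymmetry is correct; the same pattern appears in _gnutls_handshake_verify_crt_vrfy in the next hunk, where the RSA branch even resets `sign_algo` to GNUTLS_SIGN_UNKNOWN. Presumably the RSA case relies on GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA, set on the line above, to take the flag-only path in gnutls_pubkey_verify_hash2 rather than a sign entry; a comment next to that assignment, e.g. `/* MD5+SHA1 RSA is verified via the TLS1_RSA flag path; no sign entry needed */`, would make that explicit in both functions. Also, if gnutls_pk_to_sign() can itself return GNUTLS_SIGN_UNKNOWN for an unmapped pk_algo, the failure only surfaces later from the verify call; checking its result here and returning an error would give a clearer diagnostic. The function body continues outside the hunk.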
@@ -506,8 +510,11 @@ _gnutls_handshake_verify_crt_vrfy(gnutls_session_t session,
if (pk_algo == GNUTLS_PK_RSA) {
me = hash_to_entry(GNUTLS_DIG_MD5_SHA1);
verify_flags |= GNUTLS_PUBKEY_VERIFY_FLAG_TLS1_RSA;
- } else
+ sign_algo = GNUTLS_SIGN_UNKNOWN;
+ } else {
me = hash_to_entry(GNUTLS_DIG_SHA1);
+ sign_algo = gnutls_pk_to_sign(pk_algo, GNUTLS_DIG_SHA1);
+ }
ret = _gnutls_hash_init(&td_sha, me);
if (ret < 0) {
gnutls_assert();
@@ -523,7 +530,7 @@ _gnutls_handshake_verify_crt_vrfy(gnutls_session_t session,
dconcat.data = concat;
dconcat.size = _gnutls_hash_get_algo_len(me);
- ret = gnutls_pubkey_verify_hash2(cert->pubkey, GNUTLS_SIGN_UNKNOWN,
+ ret = gnutls_pubkey_verify_hash2(cert->pubkey, sign_algo,
GNUTLS_VERIFY_ALLOW_SIGN_WITH_SHA1|verify_flags,
&dconcat, signature);
if (ret < 0)