From 757fc7be14d2a4fdf77cf5ed421fc4d8aaba9ba6 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Thu, 20 Jul 2017 13:18:10 +0200
Subject: x509/verify: reject SHA1 in signature algorithms for certificate
 verification

That is, we now use gnutls_sign_is_secure2() with GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS
flag for checking the validity of the signature algorithm, when
verifying signatures in certificates.

Resolves #229

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---
 lib/x509/output.c | 6 +++---
 lib/x509/verify.c | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/x509/output.c b/lib/x509/output.c
index b12c4890e4..ac652fee18 100644
--- a/lib/x509/output.c
+++ b/lib/x509/output.c
@@ -1635,7 +1635,7 @@ print_cert(gnutls_buffer_st * str, gnutls_x509_crt_t cert,
 
 		print_crt_sig_params(str, cert, format);
 
-		if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure(err) == 0) {
+		if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure2(err, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0) {
 			adds(str,
 			     _("warning: signed using a broken signature "
 			       "algorithm that can be forged.\n"));
@@ -1862,7 +1862,7 @@ static void print_oneline(gnutls_buffer_st * str, gnutls_x509_crt_t cert)
 		else
 			p = name;
 
-		if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure( err) == 0)
+		if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure2(err, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0)
 			addf(str, _("signed using %s (broken!), "), p);
 		else
 			addf(str, _("signed using %s, "), p);
@@ -2279,7 +2279,7 @@ print_crl(gnutls_buffer_st * str, gnutls_x509_crl_t crl, int notsigned)
 		addf(str, _("\tSignature Algorithm: %s\n"), p);
 		gnutls_free(name);
 
-		if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure(err) == 0) {
+		if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure2(err, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0) {
 			adds(str,
 			     _("warning: signed using a broken signature "
 			       "algorithm that can be forged.\n"));
diff --git a/lib/x509/verify.c b/lib/x509/verify.c
index e27c5dfdaa..002fac6f2a 100644
--- a/lib/x509/verify.c
+++ b/lib/x509/verify.c
@@ -782,7 +782,7 @@ verify_crt(gnutls_x509_crt_t cert,
 		 * used are secure. If the certificate is self signed it doesn't
 		 * really matter.
 		 */
-		if (gnutls_sign_is_secure(sigalg) == 0 &&
+		if (gnutls_sign_is_secure2(sigalg, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0 &&
 		    _gnutls_is_broken_sig_allowed(sigalg, flags) == 0 &&
 		    is_issuer(cert, cert) == 0) {
 			MARK_INVALID(GNUTLS_CERT_INSECURE_ALGORITHM);
-- 
cgit v1.2.1