deprecating MD5 in signature verification for gnutls-{cli, serv}

Simon Josefsson simon at josefsson.org
Tue Jan 6 23:17:33 CET 2009


Daniel Kahn Gillmor <dkg at fifthhorseman.net> writes:

> On 01/05/2009 01:48 PM, Tomas Mraz wrote:
>> If the only MD5 used in signatures is in the _trusted_ CA cert (and not
>> in the leaf and intermediate certificates) it is OK. But it is not the
>> case of the support.mayfirst.org site. But I don't see how the removal
>> of the last selfsigned certificate from the chain could break the
>> algorithm. There must be some different bug in play.
>
> I agree with this assessment.  It would be really useful in debugging if
> certtool was able to use the same internal algorithm that the other
> tools use.

Indeed, and I've now made that happen.  Look at the final line at:

jas at mocca:~/src/gnutls/src master$ (echo | gnutls-cli --print-cert --x509cafile /etc/ssl/certs/Equifax_Secure_Global_eBusiness_CA.pem support.mayfirst.org; cat /etc/ssl/certs/Equifax_Secure_Global_eBusiness_CA.pem) | ./certtool -e
Certificate[0]: C=US,O=support.mayfirst.org,OU=GT69079880,OU=See www.rapidssl.com/resources/cps (c)07,OU=Domain Control Validated - RapidSSL(R),CN=support.mayfirst.org
	Issued by: C=US,O=Equifax Secure Inc.,CN=Equifax Secure Global eBusiness CA-1
	Verifying against certificate[1].
	Verification output: Not verified, Insecure algorithm.

Certificate[1]: C=US,O=Equifax Secure Inc.,CN=Equifax Secure Global eBusiness CA-1
	Issued by: C=US,O=Equifax Secure Inc.,CN=Equifax Secure Global eBusiness CA-1
	Verification output: Verified.

Chain verification output: Not verified, Insecure algorithm.
jas at mocca:~/src/gnutls/src master$ 

The last line contains the result from validating the chain using the
library algorithm.  The flags are always 0, which can vary from how
libgnutls is used by applications, though, but at least this is a step
in the right direction.

/Simon
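As an added illustration (not code from GnuTLS, certtool or this thread), a small Python model of the policy Tomas states above: an MD5 signature is acceptable only on the trusted anchor's own self-signature, and the verdict must not depend on whether the self-signed root is included in the chain or supplied only via --x509cafile. The certificate stand-ins, their signature algorithms and the status strings are assumed for the model.

```python
# Added illustration (not GnuTLS or certtool code): a model of the chain
# policy from the thread. An MD5 signature is tolerated only on the trusted
# anchor's own self-signature, never on a leaf or intermediate.
from dataclasses import dataclass

INSECURE_SIG_ALGOS = {"RSA-MD5", "RSA-MD2"}  # assumed set, for the model


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    sig_algo: str  # algorithm the issuer used to sign this certificate

    def self_signed(self):
        return self.subject == self.issuer


def verify_chain(chain, trusted):
    """Return (per-cert statuses, overall verdict) for `chain` (leaf first).
    Trust comes from membership in `trusted`, so an anchor's own MD5
    self-signature never matters; any other MD5 signature is insecure."""
    anchors = {c.subject: c for c in trusted}
    statuses = []
    for i, cert in enumerate(chain):
        if cert.self_signed():
            ok = cert.subject in anchors
            statuses.append("Verified" if ok else "Not verified, signer not trusted")
            continue
        # Issuer is the next certificate in the chain, or a trusted anchor
        # supplied separately (as with --x509cafile) when the root was
        # stripped from the chain; both paths must give the same answer.
        nxt = chain[i + 1] if i + 1 < len(chain) else None
        issuer = nxt if nxt and nxt.subject == cert.issuer else anchors.get(cert.issuer)
        if issuer is None:
            statuses.append("Not verified, issuer not found")
        elif cert.sig_algo in INSECURE_SIG_ALGOS:
            statuses.append("Not verified, Insecure algorithm")
        else:
            statuses.append("Verified")
    failures = [s for s in statuses if s != "Verified"]
    return statuses, failures[0] if failures else "Verified"


# Constructed stand-ins named after the transcript's subjects; the signature
# algorithms are assumed for the illustration, not read from the real certs.
CA = Cert("CN=Equifax Secure Global eBusiness CA-1",
          "CN=Equifax Secure Global eBusiness CA-1", "RSA-MD5")
LEAF_MD5 = Cert("CN=support.mayfirst.org", CA.subject, "RSA-MD5")
LEAF_SHA1 = Cert("CN=support.mayfirst.org", CA.subject, "RSA-SHA1")

if __name__ == "__main__":
    for chain in ([LEAF_MD5, CA], [LEAF_MD5]):  # root in chain vs. CA file only
        print(verify_chain(chain, trusted=[CA]))
    print(verify_chain([LEAF_SHA1, CA], trusted=[CA]))
```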
