[gnutls-devel] GnuTLS | gnutls with allowlisting doesn't allow enabling sigalgs with priority strings (#1681)

[Read-only notification of GnuTLS library development activities]

Zoltán Fridrich created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1681



a signature algorithm disabled through allowlisting (e.g. with crypto-policies)
cannot be reenabled back with priority strings alone

How reproducible: reliably

Steps to Reproduce (you can find the full steps in the attached reproducer):
1. remove mentions of RSA-PSS-RSAE-SHA256 from gnutls config,
e.g., using a `sign = -RSA-PSS-RSAE-SHA2-256` subpolicy
2. attempt a connection from a client to the server which both use
`@SYSTEM:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256` as a priority string

Actual results:
<4> 	HSK[0x55f399502800]: CERTIFICATE VERIFY (15) was received. Length 260[260], frag offset 0, frag length: 260, sequence: 0
<4> 	HSK[0x55f399502800]: Parsing certificate verify
<4> 	HSK[0x55f399502800]: verifying TLS 1.3 handshake data using RSA-PSS-RSAE-SHA256
<3> 	ASSERT: pubkey.c[pubkey_verify_data]:2426
<3> 	ASSERT: pubkey.c[gnutls_pubkey_verify_data2]:1942
<3> 	ASSERT: tls13-sig.c[_gnutls13_handshake_verify_data]:128
<3> 	ASSERT: tls13/certificate_verify.c[_gnutls13_recv_certificate_verify]:131
<3> 	ASSERT: handshake-tls13.c[_gnutls13_handshake_client]:129

            Fatal error: One of the involved algorithms has insufficient security level.

<5> 	REC: Sending Alert[2|71] - Insufficient security

Expected results: connections succeeds and uses RSA-PSS-RSAE-SHA256

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1681
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20250311/536aa91a/attachment.html>