[gnutls-devel] GnuTLS | gnutls with allowlisting doesn't allow enabling sigalgs with priority strings (#1681)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Tue Mar 11 14:46:23 CET 2025
Zoltán Fridrich created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1681
A signature algorithm disabled through allowlisting (e.g. with crypto-policies)
cannot be re-enabled with priority strings alone.
How reproducible: reliably
Steps to Reproduce (you can find the full steps in the attached reproducer):
1. remove mentions of RSA-PSS-RSAE-SHA256 from gnutls config,
e.g., using a `sign = -RSA-PSS-RSAE-SHA2-256` subpolicy
2. attempt a connection from a client to the server which both use
`@SYSTEM:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256` as a priority string
Actual results:
<4> HSK[0x55f399502800]: CERTIFICATE VERIFY (15) was received. Length 260[260], frag offset 0, frag length: 260, sequence: 0
<4> HSK[0x55f399502800]: Parsing certificate verify
<4> HSK[0x55f399502800]: verifying TLS 1.3 handshake data using RSA-PSS-RSAE-SHA256
<3> ASSERT: pubkey.c[pubkey_verify_data]:2426
<3> ASSERT: pubkey.c[gnutls_pubkey_verify_data2]:1942
<3> ASSERT: tls13-sig.c[_gnutls13_handshake_verify_data]:128
<3> ASSERT: tls13/certificate_verify.c[_gnutls13_recv_certificate_verify]:131
<3> ASSERT: handshake-tls13.c[_gnutls13_handshake_client]:129
Fatal error: One of the involved algorithms has insufficient security level.
<5> REC: Sending Alert[2|71] - Insufficient security
Expected results: connection succeeds and uses RSA-PSS-RSAE-SHA256
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1681
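The reproducer attached to the issue is not part of this notification. The script below is an added example written for this page, not the attached reproducer and not GnuTLS project code. It assumes gnutls-cli, gnutls-serv and certtool are on PATH, that TCP port 5556 is free, and that a hand-written allowlist-mode gnutls config (key names follow the GnuTLS configuration manual; the exact file crypto-policies generates is not reproduced here) stands in for the `sign = -RSA-PSS-RSAE-SHA2-256` subpolicy by simply leaving RSA-PSS-RSAE-SHA256 out of `secure-sig`. Both sides use the priority string from the issue, and the client's `-d 4` output is checked for the "Insufficient security" alert shown in the log above.

```shell
#!/bin/sh
# Added reproducer for gnutls issue #1681 (my own script, not the attached one).
# Assumptions: gnutls-cli, gnutls-serv, certtool on PATH; port 5556 free;
# a hand-written allowlist config standing in for crypto-policies output.

PRIO='@SYSTEM:-SIGN-ALL:+SIGN-RSA-PSS-RSAE-SHA256'
PORT=5556

# Allowlist-mode config that permits a normal set of algorithms but omits
# RSA-PSS-RSAE-SHA256 from secure-sig, which is what the subpolicy strips.
# The [priorities] SYSTEM entry only exists so that @SYSTEM resolves (assumed layout).
write_allowlist_config() {
    cat > "$1" <<'EOF'
[global]
override-mode = allowlist

[overrides]
secure-hash = SHA256
secure-hash = SHA384
secure-sig = RSA-SHA256
secure-sig = RSA-SHA384
secure-sig = RSA-PSS-RSAE-SHA384
secure-sig-for-cert = RSA-SHA256
secure-sig-for-cert = RSA-SHA384
enabled-curve = SECP256R1
enabled-version = TLS1.3
tls-enabled-cipher = AES-128-GCM
tls-enabled-cipher = AES-256-GCM
tls-enabled-mac = AEAD
tls-enabled-group = SECP256R1
tls-enabled-kx = ECDHE-RSA

[priorities]
SYSTEM = NONE:+VERS-TLS1.3:+AES-128-GCM:+AES-256-GCM:+AEAD:+GROUP-SECP256R1:+ECDHE-RSA:+SIGN-RSA-SHA256:+SIGN-RSA-PSS-RSAE-SHA384:+COMP-NULL
EOF
}

# Constructed test material: RSA key plus a self-signed cert for localhost.
make_cert() {
    printf 'cn = "localhost"\nca\ntls_www_server\nexpiration_days = 1\n' > "$1/tmpl"
    certtool --generate-privkey --outfile "$1/key.pem" >/dev/null 2>&1 &&
    certtool --generate-self-signed --load-privkey "$1/key.pem" \
        --template "$1/tmpl" --outfile "$1/cert.pem" >/dev/null 2>&1
}

# Run one handshake with both peers using $PRIO under the allowlist config.
# Returns 0 if the issue reproduces (client sees "insufficient security"),
# 1 if the handshake completes, 2 on setup trouble, 77 if tools are missing.
reproduce() {
    for tool in gnutls-serv gnutls-cli certtool; do
        command -v "$tool" >/dev/null 2>&1 || { echo "SKIP: $tool not found"; return 77; }
    done
    dir=$(mktemp -d) || return 2
    write_allowlist_config "$dir/gnutls.config"
    make_cert "$dir" || { echo "UNEXPECTED: certtool failed"; return 2; }
    export GNUTLS_SYSTEM_PRIORITY_FILE="$dir/gnutls.config"

    gnutls-serv --port "$PORT" --x509keyfile "$dir/key.pem" \
        --x509certfile "$dir/cert.pem" --priority "$PRIO" --echo \
        >"$dir/server.log" 2>&1 &
    srv=$!
    sleep 1

    gnutls-cli -d 4 --port "$PORT" --x509cafile "$dir/cert.pem" \
        --priority "$PRIO" localhost </dev/null >"$dir/client.log" 2>&1
    kill "$srv" 2>/dev/null
    wait "$srv" 2>/dev/null || true

    if grep -qi 'insufficient security' "$dir/client.log"; then
        echo "REPRODUCED: +SIGN-RSA-PSS-RSAE-SHA256 did not override the allowlist"
        rc=0
    elif grep -q 'Handshake was completed' "$dir/client.log"; then
        echo "NOT REPRODUCED: handshake completed with the priority string"
        rc=1
    else
        echo "UNEXPECTED: inspect $dir/client.log and $dir/server.log"
        return 2
    fi
    rm -rf "$dir"
    return "$rc"
}

reproduce
```

Note what the log in the report shows: the server did sign the CertificateVerify with RSA-PSS-RSAE-SHA256, so the priority string did re-enable the algorithm for negotiation; the failure comes later, in the client's `pubkey_verify_data` security check, which is where the allowlist is consulted. The script accepts a completed handshake as a distinct outcome so it can also be run against a build that fixes the issue.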