[Bug 1875920] [NEW] New default %PROFILE_MEDIUM breaks root certificates which use SHA1

Konstantin Khlebnikov koct9i at gmail.com
Wed Apr 29 15:32:25 UTC 2020


Public bug reported:

For example /usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA.crt used here:

gnutls-cli --starttls-proto smtp --port 25 smtp.yandex.ru -d 2


- Certificate[2] info:
 - subject `CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL', issuer `CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL', serial 0x00939285400165715f947f288fefc99b28, RSA key 2048 bits, signed using RSA-SHA256, activated `2008-10-22 12:07:37 UTC', expires `2027-06-10 10:46:39 UTC', pin-sha256="qiYwp7YXsE0KKUureoyqpQFubb5gSDeoOoVxn6tmfrU="
|<2>| issuer in verification was not found or insecure; trying against trust list
|<2>| GNUTLS_SEC_PARAM_MEDIUM: certificate's signature hash strength is unacceptable (is 80 bits, needed 112)

The secure check for SHA1 has an exception for self-signed certificates;
this check does not:


	if (sigalg >= 0 && se) {
		if (is_level_acceptable(cert, issuer, sigalg, flags) == 0) {
			MARK_INVALID(GNUTLS_CERT_INSECURE_ALGORITHM);
		}

		/* If the certificate is not self signed check if the algorithms
		 * used are secure. If the certificate is self signed it doesn't
		 * really matter.
		 */
		if (_gnutls_sign_is_secure2(se, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0 &&
		    _gnutls_is_broken_sig_allowed(se, flags) == 0 &&
		    is_issuer(cert, cert) == 0) {
			MARK_INVALID(GNUTLS_CERT_INSECURE_ALGORITHM);
		}
	}
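To make the difference between the two checks concrete, here is an added example (not code from the bug report or from GnuTLS): a pure-Python model of both checks, run over a constructed chain shaped like the one in the gnutls-cli output above, where the served chain is all SHA-256 but the trust anchor in the ca-certificates store is self-signed with SHA-1. The hash strengths other than SHA1's 80 bits, the broken-hash set and the certificate names are assumptions.

```python
# Added example, not GnuTLS code: models is_level_acceptable() and the
# self-signed-aware secure-signature check from the quoted snippet.
from dataclasses import dataclass

# Collision resistance of the signature hash in bits. SHA1 = 80 is what
# gnutls-cli printed; the others are the usual output-length/2 figures.
HASH_BITS = {"SHA1": 80, "SHA256": 128, "SHA384": 192, "SHA512": 256}
PROFILE_MEDIUM_BITS = 112          # "needed 112" in the gnutls-cli output
BROKEN_FOR_CERTS = {"MD5", "SHA1"}  # assumption: hashes not secure for certs


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    sig_hash: str

    def is_self_signed(self) -> bool:
        return self.subject == self.issuer


def level_check(cert: Cert, required_bits: int, exempt_self_signed: bool) -> bool:
    """Model of is_level_acceptable(): as quoted, it has no self-signed
    exemption, so a SHA-1 self-signed trust anchor fails under MEDIUM."""
    if exempt_self_signed and cert.is_self_signed():
        return True
    return HASH_BITS.get(cert.sig_hash, 0) >= required_bits


def secure_sig_check(cert: Cert) -> bool:
    """Model of the second check: a broken hash only matters when the
    certificate is not self-signed (is_issuer(cert, cert) == 0)."""
    return cert.is_self_signed() or cert.sig_hash not in BROKEN_FOR_CERTS


def insecure_certs(chain, required_bits, exempt_self_signed):
    """Subjects that would be marked GNUTLS_CERT_INSECURE_ALGORITHM."""
    return [c.subject for c in chain
            if not level_check(c, required_bits, exempt_self_signed)
            or not secure_sig_check(c)]


# Constructed chain: served certificates are SHA-256, the trust anchor from
# the store is the SHA-1 self-signed root (names are illustrative).
CHAIN = [
    Cert("CN=smtp.example", "CN=Intermediate CA", "SHA256"),
    Cert("CN=Intermediate CA", "CN=Example Root CA", "SHA256"),
    Cert("CN=Example Root CA", "CN=Older Root CA", "SHA256"),  # cross-signed
]
TRUST_ANCHOR = Cert("CN=Example Root CA", "CN=Example Root CA", "SHA1")

if __name__ == "__main__":
    full = CHAIN + [TRUST_ANCHOR]
    print("as reported:    ", insecure_certs(full, PROFILE_MEDIUM_BITS, False))
    print("with exemption: ", insecure_certs(full, PROFILE_MEDIUM_BITS, True))
```

Only the anchor's own signature trips the level check; its trust comes from the store, not from that signature, while a SHA-1 signature on a non-self-signed certificate is still rejected by both checks.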

** Affects: gnutls28 (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls28 in Ubuntu.
https://bugs.launchpad.net/bugs/1875920

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1875920/+subscriptions