[PATCH 0/1] MR3203: bcrypt: Pass GNUTLS_VERIFY_ALLOW_BROKEN to gnutls_pubkey_verify_hash2().
gnutls now may fail signature verification for the old hash algorithms which are considered insecure (e. g., md5). The test added in the patch fails on Fedora 38 without the flag. -- https://gitlab.winehq.org/wine/wine/-/merge_requests/3203
From: Paul Gofman <pgofman(a)codeweavers.com>
---
 dlls/bcrypt/gnutls.c | 7 ++++++-
 dlls/bcrypt/tests/bcrypt.c | 13 +++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/dlls/bcrypt/gnutls.c b/dlls/bcrypt/gnutls.c
index c54ebc471a9..bc0e036a53d 100644
--- a/dlls/bcrypt/gnutls.c
+++ b/dlls/bcrypt/gnutls.c
@@ -1714,6 +1714,11 @@ static NTSTATUS pubkey_set_rsa_pss_params( gnutls_pubkey_t key, gnutls_digest_al
 static NTSTATUS key_asymmetric_verify( void *args )
 {
+#ifdef GNUTLS_VERIFY_ALLOW_BROKEN
+ static const unsigned int verify_flags = GNUTLS_VERIFY_ALLOW_BROKEN;
+#else
+ static const unsigned int verify_flags = 0;
+#endif
 const struct key_asymmetric_verify_params *params = args;
 struct key *key = params->key;
 unsigned flags = params->flags;
@@ -1806,8 +1811,8 @@ static NTSTATUS key_asymmetric_verify( void *args )
 gnutls_hash.data = params->hash;
 gnutls_hash.size = params->hash_len;
- ret = pgnutls_pubkey_verify_hash2( key_data(key)->a.pubkey, sign_alg, 0, &gnutls_hash, &gnutls_signature );
+ ret = pgnutls_pubkey_verify_hash2( key_data(key)->a.pubkey, sign_alg, verify_flags, &gnutls_hash, &gnutls_signature );
 if (gnutls_signature.data != params->signature) free( gnutls_signature.data );
 return (ret < 0) ? STATUS_INVALID_SIGNATURE : STATUS_SUCCESS;
 }
diff --git a/dlls/bcrypt/tests/bcrypt.c b/dlls/bcrypt/tests/bcrypt.c
index f58df8bcbbd..b0f7200ba2d 100644
--- a/dlls/bcrypt/tests/bcrypt.c
+++ b/dlls/bcrypt/tests/bcrypt.c
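Review bot: The `verify_flags` definition at the top of key_asymmetric_verify has no comment saying why algorithms that gnutls treats as broken are being re-enabled, and the flag is passed on every verification through this function, not only the MD5 case the new test covers. A short comment above the `#ifdef` would record the intent, for example `/* gnutls rejects MD5/SHA-1 signatures by default; applications expect bcrypt to verify them, so opt in explicitly. */` (wording to be confirmed against the behaviour the test demonstrates). It is also worth stating there that any stricter hash policy now has to be enforced by the caller, since this layer no longer gets it from gnutls. The function body continues outside the hunk.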
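Review bot: When the build headers do not define `GNUTLS_VERIFY_ALLOW_BROKEN`, `verify_flags` is 0 and a policy rejection by gnutls still leaves through the `return` below the changed call as `STATUS_INVALID_SIGNATURE`, indistinguishable from a forged signature. Logging the gnutls code before it is collapsed would make that case diagnosable, e.g. `if (ret < 0) WARN( "verify failed: %d\n", ret );` (assuming the file's usual debug channel is usable in this function). The start of the function is outside this hunk.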
@@ -2583,12 +2583,25 @@ static void test_RSA(void)
 ret = BCryptSetProperty(key, BCRYPT_KEY_LENGTH, (UCHAR *)&keylen, sizeof(keylen), 0);
 ok(ret == STATUS_SUCCESS, "got %#lx\n", ret);
+ pad.pszAlgId = BCRYPT_MD5_ALGORITHM;
+ memset(sig, 0, sizeof(sig));
+ len = 0;
+ ret = BCryptSignHash(key, &pad, hash, 16, sig, sizeof(sig), &len, BCRYPT_PAD_PKCS1);
+ ok(!ret, "got %#lx\n", ret);
+ ok(len == 256, "got %lu\n", len);
+ pad.pszAlgId = BCRYPT_MD5_ALGORITHM;
+ ret = BCryptVerifySignature(key, &pad, hash, 16, sig, len, BCRYPT_PAD_PKCS1);
+ ok(!ret, "BCryptVerifySignature failed: %#lx\n", ret);
+
 pad.pszAlgId = BCRYPT_SHA1_ALGORITHM;
 memset(sig, 0, sizeof(sig));
 len = 0;
 ret = BCryptSignHash(key, &pad, hash, sizeof(hash), sig, sizeof(sig), &len, BCRYPT_PAD_PKCS1);
 ok(!ret, "got %#lx\n", ret);
 ok(len == 256, "got %lu\n", len);
+ pad.pszAlgId = BCRYPT_SHA1_ALGORITHM;
+ ret = BCryptVerifySignature(key, &pad, hash, sizeof(hash), sig, len, BCRYPT_PAD_PKCS1);
+ ok(!ret, "BCryptVerifySignature failed: %#lx\n", ret);
 pad_pss.pszAlgId = BCRYPT_SHA384_ALGORITHM;
 pad_pss.cbSalt = 48;
-- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/3203
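Review bot: Both added `BCryptVerifySignature` checks in test_RSA exercise only the accepting path, so they would still pass if verification under the relaxed flags accepted any signature. Because this change makes the verifier more permissive, a negative case after each positive one would pin the behaviour down: `sig[0] ^= 0xff;`, then `ret = BCryptVerifySignature(key, &pad, hash, 16, sig, len, BCRYPT_PAD_PKCS1);` and `ok(ret == STATUS_INVALID_SIGNATURE, "got %#lx\n", ret);`. The literal `16` used as the MD5 digest length would also read better with a brief comment. test_RSA starts and continues outside the hunk, so an equivalent negative check may already exist elsewhere in it.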
This merge request was approved by Hans Leidekker. -- https://gitlab.winehq.org/wine/wine/-/merge_requests/3203