Bug 1326451

Summary: gnutls-serv reports "Server Signature" for ciphersuites that don't use it
Product: Red Hat Enterprise Linux 7 Reporter: Hubert Kario <hkario>
Component: gnutls Assignee: Nikos Mavrogiannopoulos <nmavrogi>
Status: CLOSED ERRATA QA Contact: Stanislav Zidek <szidek>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.2 CC: nmavrogi, szidek
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: gnutls-3.3.23-1.el7 Doc Type: Bug Fix
Last Closed: 2016-11-04 00:59:26 UTC Type: Bug
Attachments:
Description Flags
Set of certificates to test easily none

Description Hubert Kario 2016-04-12 17:26:04 UTC
Created attachment 1146558
Set of certificates to test easily

Description of problem:
When gnutls-serv is used with the TLSv1.2 protocol and ciphersuites that use RSA key exchange, it reports "Server Signature", equal to the Client Certificate.

Version-Release number of selected component (if applicable):
gnutls-3.3.8-14.el7_2.x86_64

How reproducible:
always

Steps to Reproduce:
1. git clone https://github.com/tomato42/tlsfuzzer.git
2. pushd tlsfuzzer
3. git clone https://github.com/warner/python-ecdsa .python-ecdsa
4. ln -s .python-ecdsa/ecdsa ecdsa
5. git clone https://github.com/tomato42/tlslite-ng.git .tlslite-ng
6. ln -s .tlslite-ng/tlslite tlslite
7. popd
8. tar xzf certificates.tar.gz
9. gnutls-serv --priority NORMAL:+VERS-TLS1.2 --port 4433 --http --x509cafile ca/cert.pem --x509keyfile server/key.pem --x509certfile server/cert.pem
(in other console, same directory)
10. PYTHONPATH=tlsfuzzer python tlsfuzzer/scripts/test-rsa-sigs-on-certificate-verify.py -k client/key.pem -c client/cert.pem

Actual results:
multiple times (with different hashes) in gnutls-serv output:
...
- Version: TLS1.2
- Key Exchange: RSA
- Server Signature: RSA-SHA256
- Client Signature: RSA-SHA256
- Cipher: AES-128-CBC
- MAC: SHA1
...

Expected results:
no "Server Signature: " lines

Additional info:

Comment 1 Nikos Mavrogiannopoulos 2016-04-13 12:09:57 UTC
It seems that while verifying the client's certificate signature, the server's (idea of) signature algorithm gets overwritten. That is something trivial to fix.
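
Added example, not part of the bug report or of GnuTLS: a Python check that scans captured gnutls-serv output for the symptom reported above, a "Server Signature" line in a session whose key exchange is RSA. The function names, the rule that a session starts at each "- Version:" line, and the sample log are assumptions constructed for illustration.

```python
import re

# Key exchanges for which no "Server Signature" line is expected.
# Only RSA comes from the bug report; extend the set as needed.
UNSIGNED_KX = frozenset({"RSA"})
FIELD = re.compile(r"^- ([A-Za-z ]+): (.+)$")

def parse_sessions(log_text):
    """Split gnutls-serv output into one dict of fields per session."""
    sessions, current = [], None
    for line in log_text.splitlines():
        m = FIELD.match(line.strip())
        if not m:
            continue  # not a "- Name: value" line
        key, value = m.group(1).strip(), m.group(2).strip()
        if key == "Version":  # assumption: starts a new session block
            current = {}
            sessions.append(current)
        if current is not None:
            current[key] = value
    return sessions

def spurious_server_signatures(log_text, unsigned_kx=UNSIGNED_KX):
    """Return sessions reporting a Server Signature the key exchange lacks."""
    return [s for s in parse_sessions(log_text)
            if s.get("Key Exchange") in unsigned_kx and "Server Signature" in s]

# Constructed sample: affected output, a signed key exchange, fixed output.
SAMPLE = """\
- Version: TLS1.2
- Key Exchange: RSA
- Server Signature: RSA-SHA256
- Client Signature: RSA-SHA256
- Cipher: AES-128-CBC
- MAC: SHA1
- Version: TLS1.2
- Key Exchange: ECDHE-RSA
- Server Signature: RSA-SHA256
- Client Signature: RSA-SHA512
- Version: TLS1.2
- Key Exchange: RSA
- Client Signature: RSA-SHA384
"""

if __name__ == "__main__":
    for session in spurious_server_signatures(SAMPLE):
        print("spurious Server Signature:", session)
```
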

Comment 8 errata-xmlrpc 2016-11-04 00:59:26 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2218.html