[Bug 1875920] Re: New default %PROFILE_MEDIUM breaks root certificates which use SHA1
Adrien Nader
1875920 at bugs.launchpad.net
Fri Mar 28 14:06:25 UTC 2025
I've tried to reproduce the issue today on oracular and couldn't. It
looks like the path taken is the same (there's something with the
expiration date that I don't explain, but it's in the future anyway). I guess
the issue has been fixed in gnutls. Moreover, this issue is old, has seen
no recent activity, and upstream indicates they have fixed the issue.
I'll mark this as Fix Released.
** Changed in: gnutls28 (Ubuntu)
Status: Confirmed => Fix Released
https://bugs.launchpad.net/bugs/1875920
Title:
New default %PROFILE_MEDIUM breaks root certificates which use SHA1
Status in gnutls28 package in Ubuntu:
Fix Released
Bug description:
For example /usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA.crt used here:
gnutls-cli --starttls-proto smtp --port 25 smtp.yandex.ru -d 2
- Certificate[2] info:
- subject `CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL', issuer `CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL', serial 0x00939285400165715f947f288fefc99b28, RSA key 2048 bits, signed using RSA-SHA256, activated `2008-10-22 12:07:37 UTC', expires `2027-06-10 10:46:39 UTC', pin-sha256="qiYwp7YXsE0KKUureoyqpQFubb5gSDeoOoVxn6tmfrU="
|<2>| issuer in verification was not found or insecure; trying against trust list
|<2>| GNUTLS_SEC_PARAM_MEDIUM: certificate's signature hash strength is unacceptable (is 80 bits, needed 112)
The secure check for SHA1 has an exception for self-signed certificates;
this check does not:
    if (sigalg >= 0 && se) {
        /* Profile-level check: applied to every certificate,
         * including a self-signed trust anchor. */
        if (is_level_acceptable(cert, issuer, sigalg, flags) == 0) {
            MARK_INVALID(GNUTLS_CERT_INSECURE_ALGORITHM);
        }

        /* If the certificate is not self signed check if the algorithms
         * used are secure. If the certificate is self signed it doesn't
         * really matter.
         */
        if (_gnutls_sign_is_secure2(se, GNUTLS_SIGN_FLAG_SECURE_FOR_CERTS) == 0 &&
            _gnutls_is_broken_sig_allowed(se, flags) == 0 &&
            is_issuer(cert, cert) == 0) {
            MARK_INVALID(GNUTLS_CERT_INSECURE_ALGORITHM);
        }
    }
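To make the asymmetry between the two checks concrete, here is an added model of them (illustration only, not GnuTLS code); it assumes SHA-1 counts as 80 bits and SHA-256 as 128 bits of signature hash strength and that %PROFILE_MEDIUM requires 112, matching the gnutls-cli output above, and uses a constructed self-signed SHA-1 root as input.

```c
/* Added illustration, not GnuTLS code: models the two signature checks
 * quoted from verify.c. Assumed hash strengths: SHA-1 = 80 bits,
 * SHA-256 = 128 bits; %PROFILE_MEDIUM floor assumed to be 112 bits. */
#include <stdbool.h>

enum hash_alg { HASH_SHA1, HASH_SHA256 };

struct cert {
    const char *subject;
    enum hash_alg sig_hash;  /* hash used in the certificate's signature */
    bool self_signed;        /* issuer == subject, i.e. a trust anchor */
};

/* Security strength (bits) the profile attributes to each hash. */
static int hash_strength_bits(enum hash_alg h)
{
    switch (h) {
    case HASH_SHA1:   return 80;
    case HASH_SHA256: return 128;
    }
    return 0;
}

/* Models is_level_acceptable(): the profile floor is enforced on every
 * certificate in the chain, self-signed roots included. */
bool level_rejects(const struct cert *c, int profile_min_bits)
{
    return hash_strength_bits(c->sig_hash) < profile_min_bits;
}

/* Models _gnutls_sign_is_secure2() combined with is_issuer(cert, cert):
 * SHA-1 is not secure for certificates, but self-signed certs are exempt. */
bool broken_sig_rejects(const struct cert *c)
{
    bool secure_for_certs = (c->sig_hash != HASH_SHA1);
    return !secure_for_certs && !c->self_signed;
}

/* 1 if the certificate would be marked GNUTLS_CERT_INSECURE_ALGORITHM
 * under a profile whose signature hash floor is profile_min_bits. */
int insecure_algorithm(const struct cert *c, int profile_min_bits)
{
    return (level_rejects(c, profile_min_bits) || broken_sig_rejects(c)) ? 1 : 0;
}

/* Constructed sample: a self-signed SHA-1 root like the one in the report. */
const struct cert SAMPLE_SHA1_ROOT = { "constructed SHA-1 root CA", HASH_SHA1, true };
```

With a 112-bit floor the root fails only the level check; with an 80-bit floor the self-signed exemption is enough and it passes.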