gnutls_openpgp_crt_verify_self and key fingerprint

[Nikos Mavrogiannopoulos]

Ilari Liusvaara wrote:
> I'm writing new protocol implementation that utilizes TLS-OpenPGP
> and GnuTLS and I am not completely sure what I'm doing with
> authentication is safe thing to do:
> 
> Does gnutls_openpgp_crt_verify_self() verify OpenPGP certificate
> throughly enough that the gnutls_openpgp_crt_get_fingerprint()
> output can be trusted not to be forgeable by grabbing certificate
> (without stealing/deriving corresponding private keys) with desired 
> fingerprint and tampering with it?

Hello,
 The verify_self() verifies the self signature and that's all. It
doesn't say whether someone you trust has signed this certificate.

> The scenario I'm most worried about is attacker using unauthorized
> subkey (missing/invalid main->subkey signature) to pass TLS signature
> checks. If that is not caught, the fingerprint value will be
> completely untrustworthy (since AFAIK fingerprint comes from the
> main key and does not directly cover subkeys). I'm guessing whole
> purpose of ...verify_self() is to catch trickery like that (if not,
> what it is for?)

Could you please elaborate on the scenario above? I cannot really
understand what you worry of.

regards,
Nikos