gital
     signature use (provides a more generic way to enable digital
     signatures for broken hash algorithms).
   • ‘enabled-curve’: to enable the specified elliptic curve.
   • ‘enabled-version’: to enable the specified TLS versions.
   • ‘tls-enabled-cipher’: to enable the specified ciphers for use in
     the TLS or DTLS protocols.
   • ‘tls-enabled-mac’: to enable the specified MAC algorithms for use
     in the TLS or DTLS protocols.
   • ‘tls-enabled-group’: to enable the specified group for use in the
     TLS or DTLS protocols.
   • ‘tls-enabled-kx’: to enable the specified key exchange algorithms
     for use in the TLS or DTLS protocols (applies to TLS1.2 or
     earlier).

The allowlisting mode can be enabled by adding ‘override-mode =
allowlist’ in the ‘[global]’ section.

The following functions allow the applications to modify the setting.

‘INT *note gnutls_ecc_curve_set_enabled:: (gnutls_ecc_curve_t CURVE, unsigned int ENABLED)’
‘INT *note gnutls_sign_set_secure:: (gnutls_sign_algorithm_t SIGN, unsigned int SECURE)’
‘INT *note gnutls_sign_set_secure_for_certs:: (gnutls_sign_algorithm_t SIGN, unsigned int SECURE)’
‘INT *note gnutls_digest_set_secure:: (gnutls_digest_algorithm_t DIG, unsigned int SECURE)’
‘INT *note gnutls_protocol_set_enabled:: (gnutls_protocol_t VERSION, unsigned int ENABLED)’

When the allowlisting mode is in effect, a ‘@SYSTEM’ priority string is
automatically constructed from the options in the ‘[overrides]’ section.
For this reason, the above functions should be called before the
‘@SYSTEM’ priority is used.

8.2.1 Examples
--------------

The following example marks as insecure all digital signature algorithms
which depend on SHA384, as well as the RSA-SHA1 signature algorithm.

     [overrides]
     insecure-hash = sha384
     insecure-sig = rsa-sha1

The following example marks RSA-SHA256 as insecure for use in
certificates and disables the TLS1.0 and TLS1.1 protocols.

     [overrides]
     insecure-sig-for-cert = rsa-sha256
     disabled-version = tls1.0
     disabled-version = tls1.1

The following example disables the ‘AES-128-CBC’ and ‘AES-256-CBC’
ciphers, the ‘HMAC-SHA1’ MAC algorithm and the ‘GROUP-FFDHE8192’ group
for TLS and DTLS protocols.

     [overrides]
     tls-disabled-cipher = aes-128-cbc
     tls-disabled-cipher = aes-256-cbc
     tls-disabled-mac = sha1
     tls-disabled-group = group-ffdhe8192

The following example demonstrates the use of the allowlisting mode.
All the signature algorithms are disabled by default but ‘RSA-SHA256’.
Note that the hash algorithm ‘SHA256’ also needs to be explicitly
enabled.

     [global]
     override-mode = allowlist

     [overrides]
     secure-hash = sha256
     secure-sig = rsa-sha256

To enable a TLS ciphersuite in the allowlist mode requires a more
verbose configuration, explicitly listing algorithm dependencies.  The
following example enables TLS_AES_128_GCM_SHA256, using the SECP256R1
curve for signing and key exchange.

     [global]
     override-mode = allowlist

     [overrides]
     secure-hash = sha256
     enabled-curve = secp256r1
     secure-sig = ecdsa-secp256r1-sha256
     enabled-version = tls1.3
     tls-enabled-cipher = aes-128-gcm
     tls-enabled-mac = aead
     tls-enabled-group = secp256r1