Test failure of ‘chainverify’

Ludovic Courtès ludo at gnu.org
Thu Mar 11 12:28:45 CET 2010


Hello,

The ‘chainverify’ test currently fails with the latest libtasn1 and
libgcrypt:

--8<---------------cut here---------------start------------->8---
Chain 'verisign.com v1 fail' (1)...
	Adding certificate 0...done
	Certificate 0: subject `serialNumber=2497886,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,C=US,2.5.4.17=#14053934303433,ST=California,L=Mountain View,STREET=487 East Middlefield Road,O=VeriSign\, Inc.,OU=Production Security Services,OU=Terms of use at www.verisign.com/rpa (c)06,CN=www.verisign.com', issuer `C=US,O=VeriSign\, Inc.,OU=VeriSign Trust Network,OU=Terms of use at https://www.verisign.com/rpa (c)06,CN=VeriSign Class 3 Extended Validation SSL SGC CA', RSA key 1024 bits, signed using RSA-SHA1, activated `2007-05-09 00:00:00 UTC', expires `2009-05-08 23:59:59 UTC', SHA-1 fingerprint `c6750e8da95f5a65bb046d6079d4fc87402e0381'
	Adding certificate 1...done
	Certificate 1: subject `C=US,O=VeriSign\, Inc.,OU=VeriSign Trust Network,OU=Terms of use at https://www.verisign.com/rpa (c)06,CN=VeriSign Class 3 Extended Validation SSL SGC CA', issuer `C=US,O=VeriSign\, Inc.,OU=VeriSign Trust Network,OU=(c) 2006 VeriSign\, Inc. - For authorized use only,CN=VeriSign Class 3 Public Primary Certification Authority - G5', RSA key 2048 bits, signed using RSA-SHA1, activated `2006-11-08 00:00:00 UTC', expires `2016-11-07 23:59:59 UTC', SHA-1 fingerprint `4a8a2a0e276ff33b5dd88a362146010f2a8b6aee'
	Adding certificate 2...done
	Certificate 2: subject `C=US,O=VeriSign\, Inc.,OU=VeriSign Trust Network,OU=(c) 2006 VeriSign\, Inc. - For authorized use only,CN=VeriSign Class 3 Public Primary Certification Authority - G5', issuer `C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary Certification Authority', RSA key 2048 bits, signed using RSA-SHA1, activated `2006-11-08 00:00:00 UTC', expires `2021-11-07 23:59:59 UTC', SHA-1 fingerprint `7e7e026f71bfe7bbc7e7e5c591b1915cb6684e6c'
	Adding certificate 3...done
	Certificate 3: subject `C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary Certification Authority', issuer `C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary Certification Authority', RSA key 1024 bits, signed using RSA-MD2 (broken!), activated `1996-01-29 00:00:00 UTC', expires `2028-08-01 23:59:59 UTC', SHA-1 fingerprint `742c3192e607e424eb4549542be1bbc53e6174e2'
	Adding CA certificate...done
	CA Certificate: subject `C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary Certification Authority', issuer `C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary Certification Authority|<2>| ASSERT: verify.c:181
|<2>| ASSERT: verify.c:313
|<2>| ASSERT: verify.c:482
|<2>| ASSERT: dn.c:304
|<2>| ASSERT: dn.c:304
|<2>| ASSERT: dn.c:304
|<2>| ASSERT: dn.c:304
|<2>| ASSERT: dn.c:304
|<2>| ASSERT: dn.c:304
|<2>| ASSERT: dn.c:304
|<2>| ASSERT: dn.c:304
|<2>| ASSERT: dn.c:304
|<2>| ASSERT: dn.c:304
|<2>| ASSERT: dn.c:1211
|<2>| ASSERT: dn.c:304
|<2>| ASSERT: dn.c:304
|<2>| ASSERT: dn.c:304
|<2>| ASSERT: dn.c:304
--8<---------------cut here---------------end--------------->8---

(From <http://hydra.nixos.org/build/321623>.)

Ideas?

Thanks,
Ludo’.






More information about the Gnutls-devel mailing list