[gnutls-devel] Upgrade from 2.10.1 to 3.0.18 caused my external signing stop working.
nmav at gnutls.org
Thu Mar 21 16:07:48 CET 2013
On Thu, Mar 21, 2013 at 2:51 PM, Bjørn H. Christensen <BHC at insight.dk> wrote:
> I know that the code have been depreciated, but I can see it is still there:
> I am using :
> to use Certificates from the Microsoft Certificate Store.
> I am using version 3.0.18 and in gnutls_sig.c in the function sign_tls_hash
> on line 228.
> The use of pkey seems wrong.
Nice catch. Note however, that this issue should only occur if you use
TLS 1.2. If you restrict to TLS 1.0 or 1.1 there should be no issues.
I will see whether there can be a hack to solve that, or just return
an error in case TLS 1.2 is mixed with the deprecated function.
To use gnutls_privkey_import_ext2() check lib/tpm.c.
More information about the Gnutls-devel