[gnutls-devel] GnuTLS | GnuTLS chokes on two examples from RFC 4134 (#612)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sun Nov 11 21:34:51 CET 2018


- 4.5 uses BER indefinite-length encoding for `encapContentInfo.eContent`, which fails to be parsed using `asn1_get_length_der()`. Replacing it with `asn1_get_length_ber()` results in signature verification failure.
- 4.6 second signature uses certificate with DSS parameters inherited from parent certificate rather than specified in certificate itself (there are huge FIXMEs in `_gnutls_x509_read_dsa_params()` and `_gnutls_get_asn_mpis()`). @nmav any idea how to handle this in the graceful way?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/612#note_116327601
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181111/63be29a7/attachment-0001.html>


More information about the Gnutls-devel mailing list