[gnutls-devel] GnuTLS | Implement new requirements for GOST PublicKeyParameters (!1070)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Thu Oct 3 10:41:26 CEST 2019

Dmitry Eremin-Solenikov commented on a discussion on tests/cert-tests/data/gost-cert-new.pem: https://gitlab.com/gnutls/gnutls/merge_requests/1070#note_225437078

> +X.509 Certificate Information:
> +	Version: 3
> +	Serial Number (hex): 12003b87c2a7948bc008bf49ea0001003b87c2
> +	Issuer: CN=CRYPTO-PRO Test Center 2,O=CRYPTO-PRO LLC,L=Moscow,C=RU,EMAIL=support at cryptopro.ru
> +	Validity:
> +		Not Before: Wed Oct 02 13:52:34 UTC 2019
> +		Not After: Thu Jan 02 14:02:34 UTC 2020
> +	Subject: CN=Test User
> +	Subject Public Key Algorithm: GOST R 34.10-2012-512
> +	Algorithm Security Level: Future (512 bits)

Unfortunately no, CA certificate is an old one. I can generate a chain on my own. Would you like that?
Algorithms are old, the only change standard body has demanded is the change in algorithm parameters. And on top of that this is tested in the `cert-tests/gost` test, where CA is generated using 512-bit curve, so it will use new format for algorithm parameters.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/1070#note_225437078
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20191003/70a414d8/attachment.html>

More information about the Gnutls-devel mailing list