[gnutls-devel] GnuTLS | x509: add support for Russian extensions defined for qualified certificate (!1075)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Sat Sep 28 13:19:13 CEST 2019



Merge request https://gitlab.com/gnutls/gnutls/merge_requests/1075 was reviewed by Nikos Mavrogiannopoulos

--
  
Nikos Mavrogiannopoulos started a new discussion on lib/gnutls.asn: https://gitlab.com/gnutls/gnutls/merge_requests/1075#note_223409445

> +-- GOST x509 Extensions
> +IssuerSignTool ::= SEQUENCE {
> +	signTool	UTF8String (SIZE (1..200)),

libtasn1 doesn't support the SIZE directive. If we need to adhere to this limit we need to check it internally. This doesn't apply here as you are only reading the value, but is applicable for the writing.

We may want to remove this SIZE directive as it takes more memory for the asn module (without it having any benefit)

--
  
Nikos Mavrogiannopoulos started a new discussion on lib/x509/output.c: https://gitlab.com/gnutls/gnutls/merge_requests/1075#note_223409447

>  		idx->tlsfeatures++;
> +	} else if (strcmp(oid, "1.2.643.100.111") == 0) {
> +		addf(str, _("%s\t\tSubject Signing Tool(%s):\n"),

Is this the software name of the tool? e.g., certtool?


-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/1075
You're receiving this email because of your account on gitlab.com.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190928/58daa033/attachment.html>


More information about the Gnutls-devel mailing list