[gnutls-devel] GnuTLS | There is no 'signature' in the part of 'tbsCertificate' (#983)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Tue May 5 04:12:08 CEST 2020
Chu Chen created an issue: https://gitlab.com/gnutls/gnutls/-/issues/983
## Description of problem:
In the parsed certificate, there is no 'signature' in the part of tbsCertificate. 'signature' is a field of tbsCertificate in RFC 5280.
```
4.1.2.3. Signature
This field contains the algorithm identifier for the algorithm used
by the CA to sign the certificate.
This field MUST contain the same algorithm identifier as the
signatureAlgorithm field in the sequence Certificate (Section
Cooper, et al. Standards Track [Page 19]
RFC 5280 PKIX Certificate and CRL Profile May 2008
4.1.1.2). The contents of the optional parameters field will vary
according to the algorithm identified. [RFC3279], [RFC4055], and
[RFC4491] list supported signature algorithms, but other signature
algorithms MAY also be supported.
```
## Version of gnutls used:
3.5.5
## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Ubuntu 18.04 x64
## How reproducible:
Steps to Reproduce:
* certtool -i -infile path/to/cert_file
## Actual results:
[cert-example-ie-cer48.zip](/uploads/d00ae05f13d9a2b054a3e7facf72e71e/cert-example-ie-cer48.zip)
[cert-example-ie-cer48.gnutls](/uploads/00a6cde44c6406d63ffa8966cb5447bf/cert-example-ie-cer48.gnutls)
## Expected results:
As RFC 5280, 'signature' in 'tbsCertificate' is parsed.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/983
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200505/dc11cb2e/attachment.html>
More information about the Gnutls-devel
mailing list