[gnutls-devel] GnuTLS | certtool --generate-self-signed returns crt_sign: ASN1 parser: Value is not valid. (#1144)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Sat Jan 9 03:42:24 CET 2021
libbin commented:
**Similar result in MacOS**
Severity: breaks basic gnutls operation (\--generate-self-signed)
Environment:
MacOS: 11.1 (20C69)
Brew: brew install gnutls
```
$ gnutls-certtool --generate-privkey --outfile key.pem -d3 1>/dev/null
Generating a 3072 bit RSA private key...
|<3>| ASSERT: privkey.c[gnutls_x509_privkey_get_seed]:1925
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: privkey.c[gnutls_x509_privkey_get_seed]:1925
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: privkey.c[gnutls_x509_privkey_get_seed]:1925
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
$ gnutls-certtool --generate-self-signed --load-privkey key.pem --template foo --outfile cert.pem -d3 1>/dev/null
Generating a self signed certificate...
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: x509.c[gnutls_x509_crt_get_issuer_unique_id]:3995
|<3>| ASSERT: x509.c[gnutls_x509_crt_get_subject_unique_id]:3945
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
|<3>| ASSERT: mpi.c[wrap_nettle_mpi_print]:60
X.509 Certificate Information:
<DELETED>
Signing certificate...
|<2>| signing structure using RSA-SHA256
|<3>| ASSERT: common.c[_gnutls_x509_der_encode]:855
|<3>| ASSERT: sign.c[_gnutls_x509_pkix_sign]:174
|<3>| ASSERT: x509_write.c[gnutls_x509_crt_privkey_sign]:1834
crt_sign: ASN1 parser: Value is not valid.
$ ls
foo key.pem
```
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1144#note_481434187
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210109/00f8f3ae/attachment-0001.html>
More information about the Gnutls-devel
mailing list