[gnutls-devel] GnuTLS | cert auth: filter out unsupported cert types from TLS 1.2 CR (!1434)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Mon May 17 16:26:26 CEST 2021
Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1434 was reviewed by Hubert Kario (@mention me if you need reply)
--
Hubert Kario (@mention me if you need reply) started a new discussion on tests/suite/tls-fuzzer/gnutls-cert.json: https://gitlab.com/gnutls/gnutls/-/merge_requests/1434#note_577035488
> + "-p", "@PORT@",
> + "-s", "sha256+rsa 8+9 8+4 sha256+ecdsa 8+7 sha384+rsa 8+10 8+5 sha384+ecdsa 8+8 sha512+rsa 8+11 8+6 sha512+ecdsa sha1+rsa sha1+ecdsa",
> + "check cert types in cert request"]
why not run all tests in the script?
--
Hubert Kario (@mention me if you need reply) started a new discussion on tests/suite/tls-fuzzer/gnutls-cert.json: https://gitlab.com/gnutls/gnutls/-/merge_requests/1434#note_577035491
> + "-c", "tests/clientX509Cert.pem",
> + "-p", "@PORT@",
> + "-s", "sha256+rsa 8+9 8+4 sha256+ecdsa 8+7 sha384+rsa 8+10 8+5 sha384+ecdsa 8+8 sha512+rsa 8+11 8+6 sha512+ecdsa sha1+rsa sha1+ecdsa",
wouldn't it be more readable to use the following instead?:
```
"-s", "sha256+rsa rsa_pss_pss_sha256 rsa_pss_rsae_sha256 sha256+ecdsa rsa_pss_rsae_sha256 sha384+rsa rsa_pss_pss_sha384 rsa_pss_rsae_sha384 sha384+ecdsa ed448 sha512+rsa rsa_pss_pss_sha512 rsa_pss_rsae_sha512 sha512+ecdsa sha1+rsa sha1+ecdsa",
```
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1434
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210517/56101390/attachment.html>
More information about the Gnutls-devel
mailing list