TLS 1.2 with standard signature? Why hash->size == 36??
Simon Josefsson
simon at josefsson.org
Mon Nov 9 19:09:51 CET 2009
Carolin,
I just re-ran the x509signself self-test with gnutls 2.9.x and the hash
size passed to the function is now 20 bytes. I suppose GnuTLS adds the
right PKCS#1 ASN.1 OID internally. It occurs to me that perhaps the
callback should receive the entire PKCS#1 blob, to avoid having the
callback reconstruct it, instead of just the hash value, but maybe this
is sufficient to make things work for you? I'll release 2.9.9 in a few
minutes with some minor fixes, please test it.
/Simon
Carolin Latze <carolin.latze at unifr.ch> writes:
> Hi Simon,
>
> I tried to use TLS 1.2 with and without sign callback, and I still see a
> signature of 36 bytes... Even if there is a leading SHA-1 OID, shouldn't
> it be max 35 then? Maybe we should check, whether I check the right
> variables:
>
> In gnutls_sig.c, method _gnutls_tls_sign_hdata, there is a structure
> called dconcat. dconcat.size holds the hash size, right? and
> dconcat.data should hold the hash itself? dconcat.size has a value of 36
> for me...
>
> If I use the sign callback, I print the value of hash->size (=36) and
> hash->data (cannot see the OID included in that value, so for me it
> looks like it is really not SHA-1 only).
>
> Maybe I check the wrong values?
>
> BTW: I used the latest Snapshot, 2.9.8 to test it.
>
> Sorry... :-/
> Carolin
>
> Simon Josefsson wrote:
>> Carolin Latze <carolin.latze at unifr.ch> writes:
>>
>>
>>> Hi all,
>>>
>>> according to RFC 5246, TLS 1.2 should use a standard signature, but if
>>> I enable TLS 1.2 in GnuTLS and print out the hash size it says
>>> 36... that does not sound like a standard signature.. I would expect
>>> something like 20 for SHA1. Am I wrong?
>>>
>>
>> Hi! With GnuTLS 2.9.7 I hope this should work better -- could you take
>> a look? It should have more solid TLS 1.2 support.
>>
>> Thanks,
>> Simon
>>
More information about the Gnutls-help
mailing list