Verify MD2 algorithm signed certificates
liuxiaoyu
wkfta at hotmail.com
Wed Aug 25 09:02:20 CEST 2010
Hi,
I am attemping to verify some MD2 algorithm signed certificates using GnuTLS 2.6.3.
I notice it says in the GnuTLS manual that MD2 algorithms have been broken and should not be trusted, but flag "GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2" can be used with verification functions "guntls_x509_crt_verify()" to allow certificates to be signed using the old MD2 algorithm.
However, when I used the following function call it still return "GNUTLS_CERT_INVALID".
gnutls_x509_crt_verify (crt, ca_list, ca_list_size,
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT | GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2, &output);
I have attached the certificates I used. Zip password: guntls
Is there any problem in the certificates? Any advise on what I should do to make it work?
Thanks and Regards,
Sean
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20100825/0dd67987/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cred.zip
Type: application/x-zip-compressed
Size: 2307 bytes
Desc: not available
URL: </pipermail/attachments/20100825/0dd67987/attachment.bin>
More information about the Gnutls-help
mailing list