Verify MD2 algorithm signed certificates

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed Aug 25 17:13:51 CEST 2010


On 08/25/2010 09:02 AM, liuxiaoyu wrote:

> Hi,
> I am attempting to verify some MD2 algorithm signed certificates using GnuTLS 2.6.3.
> I notice it says in the GnuTLS manual that MD2 algorithms have been broken and should not be trusted, but the flag "GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2" can be used with the verification function "gnutls_x509_crt_verify()" to allow certificates to be signed using the old MD2 algorithm.
> However, when I used the following function call it still returned "GNUTLS_CERT_INVALID".
>  gnutls_x509_crt_verify (crt, ca_list, ca_list_size,
>     GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT | GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2, &output);

MD2 is not supported by libgcrypt, thus verification or generation always
fails. If you insist on verifying it, you could try the gnutls 2.11.x
versions compiled against nettle.

In any case you shouldn't even bother. MD2 is so broken that even if the
signature check is correct you shouldn't trust the certificate anyway.

regards,
Nikos
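The point of the reply above is that a correct signature over an MD2 digest proves nothing, so the decision to reject such certificates should not depend on which verify flags a library happens to honour. The following is an added example, not GnuTLS code and not part of the original thread: a standard-library-only Python check that reads the two AlgorithmIdentifier fields of a DER certificate (tbsCertificate.signature and Certificate.signatureAlgorithm, RFC 5280 section 4.1), refuses MD2/MD4/MD5-based RSA signature OIDs, and also refuses a mismatch between the two fields, which RFC 5280 requires to be equal. The sample certificates are constructed skeletons built by the small DER writer at the bottom (real OIDs, no real key or signature); the function and constant names are this example's own.

```python
# Policy check for X.509 signature algorithms, independent of the TLS library.
# Added example: uses only the Python standard library and a hand-written DER
# reader for the two AlgorithmIdentifier fields of a Certificate.

# RSA signature OIDs built on broken digests (PKCS#1 arc, see RFC 3279).
BROKEN_SIG_OIDS = {
    "1.2.840.113549.1.1.2": "md2WithRSAEncryption",
    "1.2.840.113549.1.1.3": "md4WithRSAEncryption",
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
}
SHA256_RSA = "1.2.840.113549.1.1.11"  # sha256WithRSAEncryption, for contrast

TAG_SEQUENCE, TAG_OID, TAG_INTEGER, TAG_NULL, TAG_BITSTRING = 0x30, 0x06, 0x02, 0x05, 0x03
TAG_VERSION = 0xA0  # [0] EXPLICIT wrapper around tbsCertificate.version


def read_tlv(buf, pos):
    """Decode one DER TLV at buf[pos]; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: next (length & 0x7F) bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER length runs past end of buffer")
    return tag, pos, pos + length


def decode_oid(body):
    """Dotted string from the contents octets of an OBJECT IDENTIFIER."""
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:                    # last 7-bit group of this arc
            arcs.append(val)
            val = 0
    return ".".join(str(a) for a in arcs)


def algorithm_oid(buf, pos):
    """OID inside AlgorithmIdentifier ::= SEQUENCE { algorithm OID, ... } at pos."""
    tag, start, _ = read_tlv(buf, pos)
    if tag != TAG_SEQUENCE:
        raise ValueError("AlgorithmIdentifier is not a SEQUENCE")
    tag, ostart, oend = read_tlv(buf, start)
    if tag != TAG_OID:
        raise ValueError("AlgorithmIdentifier does not start with an OID")
    return decode_oid(buf[ostart:oend])


def signature_oids(cert_der):
    """Return (tbsCertificate.signature OID, Certificate.signatureAlgorithm OID)."""
    tag, cstart, _ = read_tlv(cert_der, 0)            # Certificate SEQUENCE
    if tag != TAG_SEQUENCE:
        raise ValueError("certificate is not a SEQUENCE")
    tag, tstart, tend = read_tlv(cert_der, cstart)    # tbsCertificate SEQUENCE
    if tag != TAG_SEQUENCE:
        raise ValueError("tbsCertificate is not a SEQUENCE")
    pos = tstart
    tag, _, end = read_tlv(cert_der, pos)
    if tag == TAG_VERSION:                             # optional [0] version
        pos = end
    tag, _, pos = read_tlv(cert_der, pos)              # serialNumber
    if tag != TAG_INTEGER:
        raise ValueError("serialNumber is not an INTEGER")
    inner = algorithm_oid(cert_der, pos)               # tbsCertificate.signature
    outer = algorithm_oid(cert_der, tend)              # Certificate.signatureAlgorithm
    return inner, outer


def check_signature_algorithm(cert_der):
    """Run before trusting any library verify() result. Returns (accepted, reason)."""
    inner, outer = signature_oids(cert_der)
    if inner != outer:
        return False, "signature algorithm mismatch: %s vs %s" % (inner, outer)
    if outer in BROKEN_SIG_OIDS:
        return False, "%s is broken; do not trust" % BROKEN_SIG_OIDS[outer]
    return True, "signature algorithm %s acceptable" % outer


# --- DER writer, used only to construct sample certificates offline ---------

def der(tag, body):
    n = len(body)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + body


def encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytes([40 * arcs[0] + arcs[1]])
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        a >>= 7
        while a:                            # remaining 7-bit groups, high bit set
            chunk.append(0x80 | (a & 0x7F))
            a >>= 7
        out += bytes(reversed(chunk))
    return out


def build_sample_cert(outer_oid, inner_oid=None):
    """Constructed minimal Certificate skeleton: no real key or signature,
    tbsCertificate holds only version, serialNumber, signature and an empty
    issuer placeholder. Enough structure for the checks above."""
    alg = lambda oid: der(TAG_SEQUENCE, der(TAG_OID, encode_oid(oid)) + der(TAG_NULL, b""))
    tbs = der(TAG_SEQUENCE,
              der(TAG_VERSION, der(TAG_INTEGER, b"\x02"))   # version v3
              + der(TAG_INTEGER, b"\x01")                   # serialNumber 1
              + alg(inner_oid or outer_oid)                 # signature
              + der(TAG_SEQUENCE, b""))                     # issuer placeholder
    return der(TAG_SEQUENCE, tbs + alg(outer_oid) + der(TAG_BITSTRING, b"\x00" + b"\xAA" * 32))


if __name__ == "__main__":
    for name, cert in [("md2", build_sample_cert("1.2.840.113549.1.1.2")),
                       ("sha256", build_sample_cert(SHA256_RSA)),
                       ("mismatch", build_sample_cert(SHA256_RSA, "1.2.840.113549.1.1.2"))]:
        print(name, check_signature_algorithm(cert))
```

Run with `python3` to see the three verdicts. In a GnuTLS program the equivalent check belongs on the raw DER before, and independently of, gnutls_x509_crt_verify(), so that a flag such as GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2 in one call site cannot quietly re-enable MD2 for the whole application; the field-mismatch check is cheap and catches a class of malformed certificates that a digest-only denylist would miss.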
