[gnutls-dev] [PATCH] incredibly large RSA modulus not handled

gnutls-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[gnutls-dev] [PATCH] incredibly large RSA modulus not handled

From:	Ian Peters
Subject:	[gnutls-dev] [PATCH] incredibly large RSA modulus not handled
Date:	Tue Mar 11 22:55:02 2003

The default root CA pem file, as shipped with most browsers, includes a
cert from Thawte that uses a 16384 bit RSA modulus.  The value of
MAX_PARAMETER_SIZE in gnutls_cert.h (1200) appears to have been set for
an 8192 bit modulus, max, which was causing libtasn1 to return
ASN1_E_MEMORY, eventually causing a fatal error in gnutls while parsing
the ca file.

This patch bumps that define up to 2400, which allows the successful
parsing of the Thawte cert.

I've attached a copy of the Thawte cert for testing purposes, as well.

Ian

gnutls-0.8.4-thawte-cert.patch
Description: Text Data

thawte.pem
Description: Text document

[Prev in Thread]

Current Thread

[Next in Thread]

[gnutls-dev] [PATCH] incredibly large RSA modulus not handled, Ian Peters <=
- Re: [gnutls-dev] [PATCH] incredibly large RSA modulus not handled, Ian Peters, 2003/03/11
  - Re: [gnutls-dev] [PATCH] incredibly large RSA modulus not handled, Nikos Mavroyanopoulos, 2003/03/12
    - Re: [gnutls-dev] [PATCH] incredibly large RSA modulus not handled, Nikos Mavroyanopoulos, 2003/03/12

Prev by Date: [gnutls-dev] [PATCH] error handling large CA files
Next by Date: Re: [gnutls-dev] [PATCH] error handling large CA files
Previous by thread: [gnutls-dev] [PATCH] error handling large CA files
Next by thread: Re: [gnutls-dev] [PATCH] incredibly large RSA modulus not handled
Index(es):
- Date
- Thread