[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gnutls-dev] [gnutls-cvs PATCH] Fix handling of PKCS#12 and contents
Re: [gnutls-dev] [gnutls-cvs PATCH] Fix handling of PKCS#12 and contents without apassphrase
Tue, 27 Sep 2005 16:05:05 +0200
On Tuesday 27 September 2005 11:34, Anton Altaparmakov wrote:
> Gnutls has bugs when handling PKCS#12 files and their contents when
> they do not have a passphrase.
> OpenSSL's "openssl pkcs12" utility worked fine to load and dump those
> PKCS#12 files which made me look into the gnutls source code and I managed
> to find out what was going on after a log of debugging. For example
> gnutls didn't allow a 0 MPI which is perfectly valid. Also it had no
> concept of empty passwords (it assumed password = NULL means not encrypted
> which is wrong) and finally it did not understand the difference between
> password = NULL and password = "".
> The below patch fixes all the above problems. It is against the current
> gnutls cvs (generated using "cvs diff"). Please apply.
Thank you for the patch. I've changed some things since some parts of gnutls
rely on this property of mpi_scan(). If the attached patch works for you I'll
apply it to the cvs.
Description: Text document