[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Help required for CSR validation
|
From: |
Boyan Kasarov |
|
Subject: |
Re: Help required for CSR validation |
|
Date: |
Tue, 24 Nov 2009 21:54:22 +0200 |
Hello,
This patch works for RSA, but doesn't for DSA.
Greetings
Boyan
В 21:34 +0200 на 24.11.2009 (вт), Nikos Mavrogiannopoulos написа:
> Wilankar, Trupti wrote:
> > Hi,
> >
> > I have used Certtool from GnuTLS Windows version 2.9.9.
> > A 2048 bit private key was generated using Certtool (Command: certtool -p
> > --outfile priv.key --bits 2048).
> > This private key was used to create CSRs, both on OpenSSL and Certtool. The
> > DN fields (C, CN, ST, L, O, OU) used in both CSRs are also same.
>
> Could you also try this patch? I noticed that integers in bit strings in
> openssl contain a leading zero. This patch makes certtool behave the same.
>
> Документ с неформатиран текст прикрепен файл (patch-int)
> diff --git a/lib/x509/mpi.c b/lib/x509/mpi.c
> index dc18eaa..50ce873 100644
> --- a/lib/x509/mpi.c
> +++ b/lib/x509/mpi.c
> @@ -380,14 +380,14 @@ _gnutls_x509_write_rsa_params (bigint_t * params, int
> params_size,
> return _gnutls_asn2err (result);
> }
>
> - result = _gnutls_x509_write_int (spk, "modulus", params[0], 0);
> + result = _gnutls_x509_write_int (spk, "modulus", params[0], 1);
> if (result < 0)
> {
> gnutls_assert ();
> goto cleanup;
> }
>
> - result = _gnutls_x509_write_int (spk, "publicExponent", params[1], 0);
> + result = _gnutls_x509_write_int (spk, "publicExponent", params[1], 1);
> if (result < 0)
> {
> gnutls_assert ();
> @@ -514,21 +514,21 @@ _gnutls_x509_write_dsa_params (bigint_t * params, int
> params_size,
> return _gnutls_asn2err (result);
> }
>
> - result = _gnutls_x509_write_int (spk, "p", params[0], 0);
> + result = _gnutls_x509_write_int (spk, "p", params[0], 1);
> if (result < 0)
> {
> gnutls_assert ();
> goto cleanup;
> }
>
> - result = _gnutls_x509_write_int (spk, "q", params[1], 0);
> + result = _gnutls_x509_write_int (spk, "q", params[1], 1);
> if (result < 0)
> {
> gnutls_assert ();
> goto cleanup;
> }
>
> - result = _gnutls_x509_write_int (spk, "g", params[2], 0);
> + result = _gnutls_x509_write_int (spk, "g", params[2], 1);
> if (result < 0)
> {
> gnutls_assert ();
> @@ -580,7 +580,7 @@ _gnutls_x509_write_dsa_public_key (bigint_t * params, int
> params_size,
> return _gnutls_asn2err (result);
> }
>
> - result = _gnutls_x509_write_int (spk, "", params[3], 0);
> + result = _gnutls_x509_write_int (spk, "", params[3], 1);
> if (result < 0)
> {
> gnutls_assert ();
> _______________________________________________
> Gnutls-devel mailing list
> address@hidden
> http://lists.gnu.org/mailman/listinfo/gnutls-devel
- Re: Help required for CSR validation, (continued)
- Re: Help required for CSR validation, Nikos Mavrogiannopoulos, 2009/11/18
- RE: Help required for CSR validation, Wilankar, Trupti, 2009/11/19
- Re: Help required for CSR validation, Simon Josefsson, 2009/11/19
- RE: Help required for CSR validation, Wilankar, Trupti, 2009/11/20
- Re: Help required for CSR validation, Nikos Mavrogiannopoulos, 2009/11/21
- RE: Help required for CSR validation, Wilankar, Trupti, 2009/11/23
- Re: Help required for CSR validation, Daniel Kahn Gillmor, 2009/11/23
- RE: Help required for CSR validation, Wilankar, Trupti, 2009/11/24
- Re: Help required for CSR validation, Nikos Mavrogiannopoulos, 2009/11/24
- Re: Help required for CSR validation, Nikos Mavrogiannopoulos, 2009/11/24
- Re: Help required for CSR validation,
Boyan Kasarov <=
- Re: Help required for CSR validation, Nikos Mavrogiannopoulos, 2009/11/24
- Re: Help required for CSR validation, Boyan Kasarov, 2009/11/24
- Re: Help required for CSR validation, Nikos Mavrogiannopoulos, 2009/11/26
- Re: Help required for CSR validation, Nikos Mavrogiannopoulos, 2009/11/27
- RE: Help required for CSR validation, Wilankar, Trupti, 2009/11/25