[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gnutls-dev] [gnutls-cvs PATCH] Fix handling of PKCS#12 and contents
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: [gnutls-dev] [gnutls-cvs PATCH] Fix handling of PKCS#12 and contents without apassphrase |
Date: |
Tue, 27 Sep 2005 16:05:05 +0200 |
User-agent: |
KMail/1.8.2 |
On Tuesday 27 September 2005 11:34, Anton Altaparmakov wrote:
> Hi,
> Gnutls has bugs when handling PKCS#12 files and their contents when
> they do not have a passphrase.
> OpenSSL's "openssl pkcs12" utility worked fine to load and dump those
> PKCS#12 files which made me look into the gnutls source code and I managed
> to find out what was going on after a log of debugging. For example
> gnutls didn't allow a 0 MPI which is perfectly valid. Also it had no
> concept of empty passwords (it assumed password = NULL means not encrypted
> which is wrong) and finally it did not understand the difference between
> password = NULL and password = "".
> The below patch fixes all the above problems. It is against the current
> gnutls cvs (generated using "cvs diff"). Please apply.
Hello Anton,
Thank you for the patch. I've changed some things since some parts of gnutls
rely on this property of mpi_scan(). If the attached patch works for you I'll
apply it to the cvs.
--
Nikos Mavrogiannopoulos
diff.txt
Description: Text document