[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Help-gnutls] Re: Really I can not understand nothing of SSL...
|
From: |
Simon Josefsson |
|
Subject: |
[Help-gnutls] Re: Really I can not understand nothing of SSL... |
|
Date: |
Wed, 10 Aug 2005 11:15:12 +0200 |
|
User-agent: |
Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux) |
Fran <address@hidden> writes:
>> There are many options, but the most flexible is probably to use a
>> real bignum library. There is one in libgcrypt, which GnuTLS uses.
> Thanks, seems good choice; but I think (in my opinion) that serial
> number should be unique (not int here and BIGNUM there).
Agreed, but the GnuTLS API never uses int for X.509 serials. The tool
does, but it has to convert it to a printable format somehow.
Arguable it should use libgcrypt..
>> Right, strtoll will only work for small integers.
> Right
>> If I don't have time to implement ideas, I try to write them down into
>> TODO. Are your ideas in there? Code, on the other hand, doesn't
>> write itself...
> Ideas = tar.gz archive with C code (as well I can). Skeleton of interface +
> Makefile for examples/doc
I fixed the examples now, they should be built during a normal build,
so any problems should be spotted easily. I don't recall the other
matters, do you have a message-id or something?
> Another thing, in 1.2.4 one certificate dn_size for
> gnutls_x509_crt_get_dn -> 111 bytes
> gnutls_x509_crt_get_issuer_dn -> 98 bytes
> now, the same certificate, in 1.2.6
> - 110 bytes and 97bytes
> ¿It is ok?
Yes, see NEWS:
- Fixed off-by-one bug in the size parameter of gnutls_x509_crt_get*_dn,
reported by Adam Langley <address@hidden>.
Cheers,
Simon