summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDmitry Eremin-Solenikov <dbaryshkov@gmail.com>2019-11-06 15:14:48 +0300
committerDmitry Baryshkov <dbaryshkov@gmail.com>2020-01-20 03:36:30 +0300
commit47a5f1e15a24005620fde80815a29d962ee7b826 (patch)
tree0bf253902753416f34d71223ce9d195aa6c25fc9
parent4023d63f0b2795c0c0447282c808671ae8503ac3 (diff)
downloadgnutls-47a5f1e15a24005620fde80815a29d962ee7b826.tar.gz
x509: include digestParamSet into GOST 512-bit curves A and B params
Old implementations do not understand PublicKeyParams with omitted digestParamSet. So include the field for old 512-bit curves to improve compatibility with old implementations. Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
-rw-r--r--lib/x509/key_encode.c4
-rw-r--r--tests/cert-tests/data/gost-cert-ca.pem6
-rw-r--r--tests/cert-tests/data/gost-cert-new.pem6
3 files changed, 10 insertions, 6 deletions
diff --git a/lib/x509/key_encode.c b/lib/x509/key_encode.c
index a589dd4f33..c2bc89aad1 100644
--- a/lib/x509/key_encode.c
+++ b/lib/x509/key_encode.c
@@ -569,6 +569,10 @@ _gnutls_x509_write_gost_params(const gnutls_pk_params_st * params,
params->curve == GNUTLS_ECC_CURVE_GOST256CPXA ||
params->curve == GNUTLS_ECC_CURVE_GOST256CPXB))
oid = HASH_OID_STREEBOG_256;
+ else if (params->algo == GNUTLS_PK_GOST_12_512 &&
+ (params->curve == GNUTLS_ECC_CURVE_GOST512A ||
+ params->curve == GNUTLS_ECC_CURVE_GOST512B))
+ oid = HASH_OID_STREEBOG_512;
else
oid = NULL;
diff --git a/tests/cert-tests/data/gost-cert-ca.pem b/tests/cert-tests/data/gost-cert-ca.pem
index 2816461a24..b29e1bd5a6 100644
--- a/tests/cert-tests/data/gost-cert-ca.pem
+++ b/tests/cert-tests/data/gost-cert-ca.pem
@@ -45,10 +45,10 @@ Other Information:
sha1:652264ab8efad9f4e17b41f84e52d5244c2752ab
sha256:47f73d42e8b14f5c940dbfaaa4f13a6f7e64c26d72c0aa094885c55eb53fb06e
Public Key ID:
- sha1:74cf59b3e174a809e4debf3b7ad63094343e5a4a
- sha256:df62d016d9bf5b4197e9fb6b18657a989597689c0fb7942a9c049cc0eef44def
+ sha1:a60d930b427a73b45a8d8bc3f1b184d651f48239
+ sha256:38c9e68a183c9e53f31550ca25f18eac10e14018e978844548667c033c69d68d
Public Key PIN:
- pin-sha256:32LQFtm/W0GX6ftrGGV6mJWXaJwPt5QqnAScwO70Te8=
+ pin-sha256:OMnmihg8nlPzFVDKJfGOrBDhQBjpeIRFSGZ8Azxp1o0=
-----BEGIN CERTIFICATE-----
MIIB6zCCAVegAwIBAgIUK5KdJ0OeewhbIiZIH+JbamvH9+4wCgYIKoUDBwEBAwMw
diff --git a/tests/cert-tests/data/gost-cert-new.pem b/tests/cert-tests/data/gost-cert-new.pem
index 33fbb79834..e700dcf527 100644
--- a/tests/cert-tests/data/gost-cert-new.pem
+++ b/tests/cert-tests/data/gost-cert-new.pem
@@ -49,10 +49,10 @@ Other Information:
sha1:087e529deb0bc108e536c79fbaf6d9a67655caac
sha256:3ec70a1ba9610ef92429681a82f3d8da299dce0a54b9ecbabbe618de4bd79d3e
Public Key ID:
- sha1:04e41e66a4bf78e63e28bb34eed6956a20d47616
- sha256:59e05ec4906a8985d1f207a549c5eaa46258c086ab5c7759737686122e65674b
+ sha1:817128c34ab7d8f90b2498e56735c9dee8b4cc44
+ sha256:7e1c1612baf3fa9fbdf653456639b59124e462a6599ece01c2a64b902847755b
Public Key PIN:
- pin-sha256:WeBexJBqiYXR8gelScXqpGJYwIarXHdZc3aGEi5lZ0s=
+ pin-sha256:fhwWErrz+p+99lNFZjm1kSTkYqZZns4BwqZLkChHdVs=
-----BEGIN CERTIFICATE-----
MIICOjCCAaagAwIBAgIUM1rl1X0+lDjgDHpz5M84MxNFv+4wCgYIKoUDBwEBAwMw