diff options
author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2019-11-06 15:14:48 +0300 |
---|---|---|
committer | Dmitry Baryshkov <dbaryshkov@gmail.com> | 2020-01-20 03:36:30 +0300 |
commit | 47a5f1e15a24005620fde80815a29d962ee7b826 (patch) | |
tree | 0bf253902753416f34d71223ce9d195aa6c25fc9 | |
parent | 4023d63f0b2795c0c0447282c808671ae8503ac3 (diff) | |
download | gnutls-47a5f1e15a24005620fde80815a29d962ee7b826.tar.gz |
x509: include digestParamSet into GOST 512-bit curves A and B params
Old implementations do not understand PublicKeyParams with omitted
digestParamSet. So include the field for old 512-bit curves to improve
compatibility with old implementations.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
-rw-r--r-- | lib/x509/key_encode.c | 4 | ||||
-rw-r--r-- | tests/cert-tests/data/gost-cert-ca.pem | 6 | ||||
-rw-r--r-- | tests/cert-tests/data/gost-cert-new.pem | 6 |
3 files changed, 10 insertions, 6 deletions
diff --git a/lib/x509/key_encode.c b/lib/x509/key_encode.c index a589dd4f33..c2bc89aad1 100644 --- a/lib/x509/key_encode.c +++ b/lib/x509/key_encode.c @@ -569,6 +569,10 @@ _gnutls_x509_write_gost_params(const gnutls_pk_params_st * params, params->curve == GNUTLS_ECC_CURVE_GOST256CPXA || params->curve == GNUTLS_ECC_CURVE_GOST256CPXB)) oid = HASH_OID_STREEBOG_256; + else if (params->algo == GNUTLS_PK_GOST_12_512 && + (params->curve == GNUTLS_ECC_CURVE_GOST512A || + params->curve == GNUTLS_ECC_CURVE_GOST512B)) + oid = HASH_OID_STREEBOG_512; else oid = NULL; diff --git a/tests/cert-tests/data/gost-cert-ca.pem b/tests/cert-tests/data/gost-cert-ca.pem index 2816461a24..b29e1bd5a6 100644 --- a/tests/cert-tests/data/gost-cert-ca.pem +++ b/tests/cert-tests/data/gost-cert-ca.pem @@ -45,10 +45,10 @@ Other Information: sha1:652264ab8efad9f4e17b41f84e52d5244c2752ab sha256:47f73d42e8b14f5c940dbfaaa4f13a6f7e64c26d72c0aa094885c55eb53fb06e Public Key ID: - sha1:74cf59b3e174a809e4debf3b7ad63094343e5a4a - sha256:df62d016d9bf5b4197e9fb6b18657a989597689c0fb7942a9c049cc0eef44def + sha1:a60d930b427a73b45a8d8bc3f1b184d651f48239 + sha256:38c9e68a183c9e53f31550ca25f18eac10e14018e978844548667c033c69d68d Public Key PIN: - pin-sha256:32LQFtm/W0GX6ftrGGV6mJWXaJwPt5QqnAScwO70Te8= + pin-sha256:OMnmihg8nlPzFVDKJfGOrBDhQBjpeIRFSGZ8Azxp1o0= -----BEGIN CERTIFICATE----- MIIB6zCCAVegAwIBAgIUK5KdJ0OeewhbIiZIH+JbamvH9+4wCgYIKoUDBwEBAwMw diff --git a/tests/cert-tests/data/gost-cert-new.pem b/tests/cert-tests/data/gost-cert-new.pem index 33fbb79834..e700dcf527 100644 --- a/tests/cert-tests/data/gost-cert-new.pem +++ b/tests/cert-tests/data/gost-cert-new.pem @@ -49,10 +49,10 @@ Other Information: sha1:087e529deb0bc108e536c79fbaf6d9a67655caac sha256:3ec70a1ba9610ef92429681a82f3d8da299dce0a54b9ecbabbe618de4bd79d3e Public Key ID: - sha1:04e41e66a4bf78e63e28bb34eed6956a20d47616 - sha256:59e05ec4906a8985d1f207a549c5eaa46258c086ab5c7759737686122e65674b + sha1:817128c34ab7d8f90b2498e56735c9dee8b4cc44 + sha256:7e1c1612baf3fa9fbdf653456639b59124e462a6599ece01c2a64b902847755b Public Key PIN: - pin-sha256:WeBexJBqiYXR8gelScXqpGJYwIarXHdZc3aGEi5lZ0s= + pin-sha256:fhwWErrz+p+99lNFZjm1kSTkYqZZns4BwqZLkChHdVs= -----BEGIN CERTIFICATE----- MIICOjCCAaagAwIBAgIUM1rl1X0+lDjgDHpz5M84MxNFv+4wCgYIKoUDBwEBAwMw |