diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2019-12-19 09:37:34 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-12-19 20:13:47 +0100 |
commit | 1abb4298398ec6a942dc77384a19b3e3a2392341 (patch) | |
tree | 535697628d8d8745d51ab70cbfbb56ee9bbb2112 /tests/certs | |
parent | 88b3fb2978558eb319eebdf776ac60884359a573 (diff) | |
download | gnutls-1abb4298398ec6a942dc77384a19b3e3a2392341.tar.gz |
_gnutls_verify_crt_status: apply algorithm checks to trusted CAs
If a CA is found in the trusted list, check in addition to
time validity, whether the algorithms comply to the expected
level. This addresses the problem of accepting CAs which would
have been marked as insecure otherwise.
Resolves: #877
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'tests/certs')
-rw-r--r-- | tests/certs/rsa-512.pem | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/tests/certs/rsa-512.pem b/tests/certs/rsa-512.pem new file mode 100644 index 0000000000..46fbe62589 --- /dev/null +++ b/tests/certs/rsa-512.pem @@ -0,0 +1,20 @@ +-----BEGIN PRIVATE KEY----- +MIIBVwIBADANBgkqhkiG9w0BAQEFAASCAUEwggE9AgEAAkEAwZFO/Vz94lR3/TKz +76qRCV2skqthX7PB6YxeLHH3ifWSYR2qCYTBikaASm6PGDvAliviIjGjKTkdDdqZ +X2S94QIDAQABAkEAsV+L+FN8OieZBCWwCNBNsz1pY8Uzp1S7Pl3n9eZBJOKNc/tI +Tr0/zwAR+5C7IE7xjfuYHZDWN+yXg0LhH+GYgQIhAP0rzSdsjuPJ9XA9wpnYLN4O +fqXnA7mzW5QKzYuzy3RJAiEAw7sCwUSi7030NszYd7A63o2WrzqWRoX1V1vt6FMd +zNkCIQDmsytXaY0r9bU6eo0CNANutjaiZ0j1x4MD/HQhgc08QQIhALdYYLZF4xKj +RRZoQIWtURfULciq6sXZCf7xICQ2Z33RAiEA/M/OnKZijdWg13dchmdaXLgNGxJO +N90VucFVWK8nXzo= +-----END PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIBTjCB+aADAgECAhQcc65I8jSxWRjcS1czw4MRLIc8qDANBgkqhkiG9w0BAQsF +ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwHhcNMTkxMjE1MDI1NTU4WhcNMjkxMjEy +MDI1NTU4WjAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwXDANBgkqhkiG9w0BAQEFAANL +ADBIAkEAwZFO/Vz94lR3/TKz76qRCV2skqthX7PB6YxeLHH3ifWSYR2qCYTBikaA +Sm6PGDvAliviIjGjKTkdDdqZX2S94QIDAQABoyMwITAJBgNVHRMEAjAAMBQGA1Ud +EQQNMAuCCWxvY2FsaG9zdDANBgkqhkiG9w0BAQsFAANBAHslvfVxod5p+Gt7l4LV +M2HBxOt4YM8mRCtyNSmJEGAe+aIzXaiSiRnVkVvjQvdxacu2D4yP52BUo1vzNnCq +2UI= +-----END CERTIFICATE----- |