x509: corrected issue in the algorithm parameters comparison (!921) · Merge requests · gnutls / GnuTLS

Nikos Mavrogiannopoulos requested to merge tmp-fix-cert-params-checks into master Feb 11, 2019

Each certificate has two fields to set the signature algorithm and parameters used for the digital signature. One of the fields is authenticated and the other is not. It is required from RFC5280 to enforce the equality of these fields, but currently due to an issue we wouldn't enforce the equality of the parameters fields. This fix corrects the issue.

Resolves: #698 (closed)

Checklist

Code modified for feature
Test suite updated with functionality tests
Test suite updated with negative tests
Documentation updated / NEWS entry present (for non-trivial changes)

Reviewer's checklist:

Any issues marked for closing are addressed
There is a test suite reasonably covering new functionality or modifications
Function naming, parameters, return values, types, etc., are consistent and according to CONTRIBUTION.md
This feature/change has adequate documentation added
No obvious mistakes in the code

Edited Feb 12, 2019 by Nikos Mavrogiannopoulos

Admin message

x509: corrected issue in the algorithm parameters comparison

Checklist

Reviewer's checklist:

Merge request reports