Use ASN1_NULL when writing parameters for RSA signatures. This makes us comply with RFC3279. Reported by Michael Rommel.

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-12-05 16:33:01 +0100
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2010-12-05 17:05:54 +0100
commit: 6808f0bddae9ebaa81a85f0f22bbf88afe1da9d0 (patch)
tree: 0909b26e68bb55f8db4b932d0b54f27bfb91f2d9 /lib/x509/mpi.c
parent: 86ecfeed9948097dd9f34f2cefc49654521b3e69 (diff)
download: gnutls-6808f0bddae9ebaa81a85f0f22bbf88afe1da9d0.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/x509/mpi.c b/lib/x509/mpi.c
index 2ce6a53ef7..4b1aa169ed 100644
--- a/lib/x509/mpi.c
+++ b/lib/x509/mpi.c
@@ -456,7 +456,10 @@ _gnutls_x509_write_sig_params (ASN1_TYPE dst, const char *dst_name,
   _gnutls_str_cpy (name, sizeof (name), dst_name);
   _gnutls_str_cat (name, sizeof (name), ".parameters");
 
-  result = asn1_write_value (dst, name, NULL, 0);
+  if (pk_algorithm == GNUTLS_PK_RSA)
+    result = asn1_write_value (dst, name, ASN1_NULL, ASN1_NULL_SIZE);
+  else
+    result = asn1_write_value (dst, name, NULL, 0);
 
   if (result != ASN1_SUCCESS && result != ASN1_ELEMENT_NOT_FOUND)
     {
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-12-05 16:33:01 +0100
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2010-12-05 17:05:54 +0100
commit	6808f0bddae9ebaa81a85f0f22bbf88afe1da9d0 (patch)
tree	0909b26e68bb55f8db4b932d0b54f27bfb91f2d9 /lib/x509/mpi.c
parent	86ecfeed9948097dd9f34f2cefc49654521b3e69 (diff)
download	gnutls-6808f0bddae9ebaa81a85f0f22bbf88afe1da9d0.tar.gz