x509 output: don't warn about insecure algorithm when unknown

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2016-04-09 13:31:54 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2016-04-09 13:40:24 +0200
commit: 63573ee97f331831ff7f2e490a275d422fd1e5dd (patch)
tree: 778168897e77794fbd0ab2f61b78536b6f0a284c /lib/x509/output.c
parent: 42cd76b35fbb4381dcd8edcbe540f8ebfe651bf9 (diff)
download: gnutls-63573ee97f331831ff7f2e490a275d422fd1e5dd.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/x509/output.c b/lib/x509/output.c
index 29a94df867..cf72019bc2 100644
--- a/lib/x509/output.c
+++ b/lib/x509/output.c
@@ -1453,7 +1453,7 @@ print_cert(gnutls_buffer_st * str, gnutls_x509_crt_t cert,
 				name = _("unknown");
 			addf(str, _("\tSignature Algorithm: %s\n"), name);
 		}
-		if (gnutls_sign_is_secure(err) == 0) {
+		if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure(err) == 0) {
 			adds(str,
 			     _("warning: signed using a broken signature "
 			       "algorithm that can be forged.\n"));
@@ -2095,7 +2095,7 @@ print_crl(gnutls_buffer_st * str, gnutls_x509_crl_t crl, int notsigned)
 				name = _("unknown");
 			addf(str, _("\tSignature Algorithm: %s\n"), name);
 		}
-		if (gnutls_sign_is_secure(err) == 0) {
+		if (err != GNUTLS_SIGN_UNKNOWN && gnutls_sign_is_secure(err) == 0) {
 			adds(str,
 			     _("warning: signed using a broken signature "
 			       "algorithm that can be forged.\n"));
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2016-04-09 13:31:54 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2016-04-09 13:40:24 +0200
commit	63573ee97f331831ff7f2e490a275d422fd1e5dd (patch)
tree	778168897e77794fbd0ab2f61b78536b6f0a284c /lib/x509/output.c
parent	42cd76b35fbb4381dcd8edcbe540f8ebfe651bf9 (diff)
download	gnutls-63573ee97f331831ff7f2e490a275d422fd1e5dd.tar.gz