[sr #107785] gnutls_sign_func called with hash size of 20 bytes

Nikos Mavrogiannopoulos INVALID.NOREPLY at gnu.org
Mon Aug 29 22:26:26 CEST 2011

Update of sr #107785 (project gnutls):

                  Status:                    None => Confirmed              


Follow-up Comment #4:

1. Unfortunately the sign callback doesn't pass the hash algorithm and seems
to be relied on, only if you fix your protocol to be SSL 3.0 or TLS 1.0 (maybe
TLS 1.1 too, but I don't remember).

2. You would need a PKCS #11 front-end to the microsoft certificate store. I
don't know if such thing exists.

PKCS #11 is an API to access cryptographic keys without exposing them. I
suppose the MCS does the same thing.


Reply to this item at:


  Message sent via/by Savannah

More information about the Gnutls-devel mailing list