[gnutls-devel] RSA-SHA512 signature support for gnutls 2.12.x

Nikos Mavrogiannopoulos nmav at gnutls.org
Thu Mar 20 19:06:26 CET 2014

On Thu, 2014-03-20 at 17:02 +0100, Andreas Metzler wrote:
> Hello,
> this is <http://bugs.debian.org/737921>
> GnuTLS 2.12.x seems to fail to connect to servers using a cert signed
> with RSA-SHA512. Since cacert.org seems to be using RSA-SHA512 this
> has become more important.
> More details in abovementioned bugreport.
> Ivan Shmakov <ivan at siamics.net> has provided attached patch for
> GnuTLS 2.12.x. Could you please review it (and if this is successful
> integrate to GIT).

Hello Andreas,
 From a quick glimpse I don't think that this would solve the problem.
This code does not restrict the signature algorithms available for
certificate verification, but rather the signature algorithms that will
be used during the TLS handshake. As I understand (but cannot deduce
because the logs available are very limited) the client advertises only
support for SHA512 hash in the signature algorithms extension.
Unfortunately that version of gnutls could only work with either SHA1 or
SHA256 in the TLS 1.2 handshake and this is what this check takes care

So I will not commit this patch, but nevertheless, I think the issue is
easy solvable, as it is just a misconfiguration of the client. Just make
sure it does not only support SHA512.


More information about the Gnutls-devel mailing list