[gnutls-devel] GnuTLS | There is no 'signature' in the part of 'tbsCertificate' (#983)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Tue May 5 04:12:08 CEST 2020

Chu Chen created an issue: https://gitlab.com/gnutls/gnutls/-/issues/983

## Description of problem:

In the parsed certificate, there is no 'signature' in the part of tbsCertificate. 'signature' is a field of tbsCertificate in RFC 5280. 

```  Signature

   This field contains the algorithm identifier for the algorithm used
   by the CA to sign the certificate.

   This field MUST contain the same algorithm identifier as the
   signatureAlgorithm field in the sequence Certificate (Section

Cooper, et al.              Standards Track                    [Page 19]

RFC 5280            PKIX Certificate and CRL Profile            May 2008  The contents of the optional parameters field will vary
   according to the algorithm identified.  [RFC3279], [RFC4055], and
   [RFC4491] list supported signature algorithms, but other signature
   algorithms MAY also be supported.

## Version of gnutls used:


## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)

Ubuntu 18.04 x64

## How reproducible:

Steps to Reproduce:

 * certtool -i -infile path/to/cert_file 

## Actual results:



## Expected results:

As RFC 5280, 'signature' in 'tbsCertificate' is parsed.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/983
You're receiving this email because of your account on gitlab.com.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20200505/dc11cb2e/attachment.html>

More information about the Gnutls-devel mailing list