[gnutls-devel] GnuTLS | Invalid certificate policy extension (#1623)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Sat Dec 7 10:03:13 CET 2024
dulanshuangqiao created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1623
## Description of problem:
I provided a test case that has a certificate policy extension containing only optional qualifiers without object identifiers, which should be invalid. Golang determined it as follows: invalid certificate policies
The description of certificate policy extension is as follows:
The certificate policies extension contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers.
## Version of gnutls used:
gnutls-cli 3.7.3
## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
Ubuntu
## How reproducible:
Steps to Reproduce:
* one gnutls_x509_crt_import(Cert.der)[Cert.zip](/uploads/32a792f42788d64d19f48a32a1d27a83/Cert.zip)
## Actual results:
Complete
## Expected results:
invalid certificate policies
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1623
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20241207/61c8f7c8/attachment.html>
More information about the Gnutls-devel
mailing list