[gnutls-help] Suport for signature algorithm 1.3.14.3.2.29 (sha1WithRSA)
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Fri Oct 25 20:09:48 CEST 2013
On 10/25/2013 10:43 AM, Tobias Gruetzmacher wrote:
> while working with a self-signed certificate I got from a client, I
> noticed, certtool will spit out:
>
> Signature Algorithm: unknown
> warning: signed using a broken signature algorithm that can be forged.
>
> while OpenSSL detects this correctly as:
>
> Signature Algorithm: sha1WithRSA
that's odd. SHA1 with RSA would normally be: 1.2.840.113549.1.1.5
> When I activate debugging I get this additional message:
>
> |<2>| Unknown SIGN OID: '1.3.14.3.2.29'
how was this generated?
https://bugzilla.mozilla.org/show_bug.cgi?id=405966#c1
snd follow-on remarks suggest that this is a duplicate of the PKCS#1 OID
definitions. I think that libNSS interprets this as a synonym. maybe
gnutls should do the same?
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20131025/70277ec3/attachment-0001.sig>
More information about the Gnutls-help
mailing list