Sam Varshavchik | 23 Jun 00:28

PEM generated by gnutls_rsa_params_export_pkcs1 and gnutls_dh_params_import_pkcs3

The buffer size return value from gnutls_dh_params_import_pkcs3(), when 
specifying GNUTLS_X509_FMT_PEM, seems to include a trailing \0 byte, after 
"-----END DH PARAMETERS-----<NL>". On the other hand, 
gnutls_rsa_params_export_pkcs1() with GNUTLS_X509_FMT_PEM sets the returned 
buffer size to not include any trailing \0, after "-----END RSA PRIVATE 
KEY-----<NL>".

That's the behavior I've observed with 2.0.4; and I haven't yet built 2.4.0. 
If that's the case, I'm not really sure if it's a major issue, but perhaps 
this should be noted in the man pages.

_______________________________________________
Gnutls-devel mailing list
Gnutls-devel <at> gnu.org
http://lists.gnu.org/mailman/listinfo/gnutls-devel

Re: PEM generated by gnutls_rsa_params_export_pkcs1 and gnutls_dh_params_import_pkcs3

Sam Varshavchik wrote:
> The buffer size return value from gnutls_dh_params_import_pkcs3(), when
> specifying GNUTLS_X509_FMT_PEM, seems to include a trailing \0 byte,
> after "-----END DH PARAMETERS-----<NL>". On the other hand,
> gnutls_rsa_params_export_pkcs1() with GNUTLS_X509_FMT_PEM sets the
> returned buffer size to not include any trailing \0, after "-----END RSA
> PRIVATE KEY-----<NL>".
> 
> That's the behavior I've observed with 2.0.4; and I haven't yet built
> 2.4.0. If that's the case, I'm not really sure if it's a major issue,
> but perhaps this should be noted in the man pages.

Hello,
 This is a bug for sure, thank you for reporting it. Does the attached
patch solve your issue?

regards,
Nikos
diff --git a/lib/gnutls_dh_primes.c b/lib/gnutls_dh_primes.c
index 8abab8f..720d2ee 100644
--- a/lib/gnutls_dh_primes.c
+++ b/lib/gnutls_dh_primes.c
@@ -547,21 +547,19 @@ gnutls_dh_params_export_pkcs3 (gnutls_dh_params_t params,
 	  return GNUTLS_E_INTERNAL_ERROR;
 	}

-      if ((unsigned) result + 1 > *params_data_size)
+      if ((unsigned) result > *params_data_size)
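Review bot: In gnutls_dh_params_export_pkcs3, relaxing the check to `(unsigned) result > *params_data_size` is only safe if nothing later in the function writes a terminating NUL at offset `result`; with a caller buffer of exactly `result` bytes, such a write would land one byte past the end. The rest of the hunk is cut off here, so please confirm that any terminator write is removed or guarded, and that *params_data_size is set to the same value, without the trailing NUL, on both the short-buffer path and the success path. As the report suggested, a sentence in the man page stating whether the returned size counts a trailing NUL for GNUTLS_X509_FMT_PEM would help callers size their buffers.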

Sam Varshavchik | 23 Jun 03:28

Re: PEM generated by gnutls_rsa_params_export_pkcs1 and gnutls_dh_params_import_pkcs3

Nikos Mavrogiannopoulos writes:

> Sam Varshavchik wrote:
>> The buffer size return value from gnutls_dh_params_import_pkcs3(), when
>> specifying GNUTLS_X509_FMT_PEM, seems to include a trailing \0 byte,
>> after "-----END DH PARAMETERS-----<NL>". On the other hand,
>> gnutls_rsa_params_export_pkcs1() with GNUTLS_X509_FMT_PEM sets the
>> returned buffer size to not include any trailing \0, after "-----END RSA
>> PRIVATE KEY-----<NL>".
>> 
>> That's the behavior I've observed with 2.0.4; and I haven't yet built
>> 2.4.0. If that's the case, I'm not really sure if it's a major issue,
>> but perhaps this should be noted in the man pages.
> 
> Hello,
>  This is a bug for sure, thank you for reporting it. Does the attached
> patch solve your issue?

Yes, with this patch gnutls_dh_params_import_pkcs3() no longer produces the 
trailing null byte.
