vincenthz
commented
5 years ago nice one once again ! thanks ! sorry I dropped the ball completely on #101 .. I remember starting reviewing it and probably got distracted ..
Closed ocheron closed 5 years ago
vincenthz
commented
5 years ago nice one once again ! thanks ! sorry I dropped the ball completely on #101 .. I remember starting reviewing it and probably got distracted ..
kazu-yamamoto
commented
5 years ago @vincenthz Did you mean "approved"?
ocheron
commented
5 years ago I'm sorry but something must have slipped through before I sent this.
The encoding of EdDSA signature algorithms still generates a Null parameter when it should be absent. Ed25519/Ed448 certificates generated by the library are rejected by OpenSSL :-(
There is no visible impact when using certificates generated externally and kept as SignedCertificate since the input encoding is retained and used by SignedExact.
So probably no reason to release again just for this.
I'll send PR to address the bug as well as the Fingerprint empty instance.
Adds support for the new algorithm identifiers defined in RFC 8410.
SignatureALGis extended with a single-value constructor, as the hash algorithm is not needed ("intrinsic" being the TLS vocabulary in RFC 8422).Motivation: to add EdDSA support in tls, increase test coverage with ECDHE_ECDSA, and replace DSA still used for TLS13 tests