Fix regression with certificate verification

rusticata / x509-parser

X.509 parser written in pure Rust. Fast, zero-copy, safe.

Other

206 stars 67 forks source link

Fix regression with certificate verification #118

Closed flavio closed 2 years ago

flavio commented 2 years ago

Handle verification of ASN.1 DER-encoded ECDSA signatures using the P-256 curve and SHA-384.

Even though this specific combination is not recommended by ring, the verify_signature method already supports other not recommended combinations.

Moreover, this used to work until the release 0.12.0, but stopped with the 0.13.0 one.

chifflier commented 2 years ago

Good catch, thanks! Scheduled for the next bugfix release.