diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-09-01 19:07:18 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-09-16 22:10:31 +0200 |
| commit | 2360035b59e3b9a5d0ea6b20a3d32f5b18cdbbc7 (patch) | |
| tree | b0e9cceac7584e81293a98ea98a71629509fd0ed | |
| parent | 827114a45e4af37aa1986e9a444d3287fc6b7055 (diff) | |
| download | gnutls-2360035b59e3b9a5d0ea6b20a3d32f5b18cdbbc7.tar.gz | |
Be tolerant is ECDSA-violating signatures.
| -rw-r--r-- | lib/gnutls_pubkey.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/gnutls_pubkey.c b/lib/gnutls_pubkey.c index f2be13031d..18541063c7 100644 --- a/lib/gnutls_pubkey.c +++ b/lib/gnutls_pubkey.c @@ -1532,6 +1532,7 @@ unsigned int sig_hash_size; else if (sign != GNUTLS_SIGN_UNKNOWN) { sig_hash_size = _gnutls_hash_get_algo_len(_gnutls_sign_get_hash_algorithm(sign)); + if (sig_hash_size < hash_size) _gnutls_audit_log(session, "The hash size used in signature (%u) is less than the expected (%u)\n", sig_hash_size, hash_size); } |