diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-09-16 23:12:21 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-09-16 23:12:21 +0200 |
commit | 804f01c627215d39d44694ecdcb2280558c72055 (patch) | |
tree | 3f2e4d890fb6ef6947f7a6b03fa3485ca836d028 | |
parent | 2360035b59e3b9a5d0ea6b20a3d32f5b18cdbbc7 (diff) | |
download | gnutls-804f01c627215d39d44694ecdcb2280558c72055.tar.gz |
fix ECDSA issues with openssl
-rw-r--r-- | lib/gnutls_pubkey.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/lib/gnutls_pubkey.c b/lib/gnutls_pubkey.c index 18541063c7..9b029fa2be 100644 --- a/lib/gnutls_pubkey.c +++ b/lib/gnutls_pubkey.c @@ -1660,16 +1660,18 @@ _pkcs1_rsa_verify_sig (gnutls_digest_algorithm_t hash_algo, /* Hashes input data and verifies a signature. */ static int -dsa_verify_hashed_data (const gnutls_datum_t * hash, +dsa_verify_hashed_data (gnutls_pk_algorithm_t pk, + gnutls_digest_algorithm_t algo, + const gnutls_datum_t * hash, const gnutls_datum_t * signature, - gnutls_pk_algorithm_t pk, gnutls_pk_params_st* params) { gnutls_datum_t digest; - unsigned int algo; unsigned int hash_len; - algo = _gnutls_dsa_q_to_hash (pk, params, &hash_len); + if (algo == GNUTLS_DIG_UNKNOWN) + algo = _gnutls_dsa_q_to_hash (pk, params, &hash_len); + else hash_len = _gnutls_hash_get_algo_len(algo); /* SHA1 or better allowed */ if (!hash->data || hash->size < hash_len) @@ -1742,7 +1744,7 @@ pubkey_verify_hashed_data (gnutls_pk_algorithm_t pk, case GNUTLS_PK_EC: case GNUTLS_PK_DSA: - if (dsa_verify_hashed_data(hash, signature, pk, issuer_params) != 0) + if (dsa_verify_hashed_data(pk, hash_algo, hash, signature, issuer_params) != 0) { gnutls_assert (); return GNUTLS_E_PK_SIG_VERIFY_FAILED; |