diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-03-21 16:46:30 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-03-21 16:47:36 +0100 |
| commit | 2f28a301dcda092626833b58ba95ebc2187bebb6 (patch) | |
| tree | b0f00701fb420f5c1738a4395ac36a87fafcbdb9 | |
| parent | 35a22b43060dfd90f2a371f3a141db8282142e69 (diff) | |
| download | gnutls-2f28a301dcda092626833b58ba95ebc2187bebb6.tar.gz | |
correct issue with the (deprecated) external key signing and TLS 1.2
| -rw-r--r-- | NEWS | 3 | ||||
| -rw-r--r-- | lib/gnutls_sig.c | 2 |
2 files changed, 4 insertions, 1 deletions
@@ -15,6 +15,9 @@ modules, and not only the ones loaded via p11-kit. ** libgnutls: Load CA certificates in android 4.x systems. +** libgnutls: Corrected issue in the (deprecated) external key +signing interface, when used with TLS 1.2. Reported by Bjorn H. Christensen. + ** libgnutls: PKCS #11 slots are scanned only when needed, not on initialization. This speeds up gnutls initialization when smart cards are present. diff --git a/lib/gnutls_sig.c b/lib/gnutls_sig.c index c6a0f166c3..b9a26bfc0f 100644 --- a/lib/gnutls_sig.c +++ b/lib/gnutls_sig.c @@ -244,7 +244,7 @@ sign_tls_hash (gnutls_session_t session, gnutls_digest_algorithm_t hash_algo, if (ret < 0) return gnutls_assert_val(ret); - ret = pk_prepare_hash (gnutls_privkey_get_pk_algorithm(pkey, NULL), hash_algo, &digest); + ret = pk_prepare_hash (gnutls_pubkey_get_pk_algorithm(cert->pubkey, NULL), hash_algo, &digest); if (ret < 0) { gnutls_assert (); |