summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@gnutls.org>2012-08-26 20:04:47 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2012-08-26 20:04:47 +0200
commit8bb82a3d386abc1c59cb16d3a6d8c68fb66a2170 (patch)
tree757172bac89f74881520800e65baf1a486f1c69b
parent19c9b16e562a00b8aa9bcc4e39599ad41a049b2d (diff)
downloadgnutls-8bb82a3d386abc1c59cb16d3a6d8c68fb66a2170.tar.gz
Use _gnutls_dsa_q_to_hash() only for warning reasons.
Diffstat
-rw-r--r--lib/nettle/pk.c17
1 files changed, 13 insertions, 4 deletions
diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index 41a0fb1af1..126374b169 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -481,10 +481,15 @@ _wrap_nettle_pk_verify (gnutls_pk_algorithm_t algo,
memcpy (&sig.s, tmp[1], sizeof (sig.s));
_gnutls_dsa_q_to_hash (algo, pk_params, &hash_len);
+
if (hash_len > vdata->size)
- hash_len = vdata->size;
+ {
+ gnutls_assert ();
+ _gnutls_debug_log("Security level of algorithm requires a hash of %d bytes or better (have %d)\n", hash_len, (int)vdata->size);
+ hash_len = vdata->size;
+ }
- ret = ecc_verify_hash(&sig, vdata->data, hash_len, &stat, &pub);
+ ret = ecc_verify_hash(&sig, vdata->data, vdata->size, &stat, &pub);
if (ret != 0 || stat != 1)
{
gnutls_assert();
@@ -516,9 +521,13 @@ _wrap_nettle_pk_verify (gnutls_pk_algorithm_t algo,
_gnutls_dsa_q_to_hash (algo, pk_params, &hash_len);
if (hash_len > vdata->size)
- hash_len = vdata->size;
+ {
+ gnutls_assert ();
+ _gnutls_debug_log("Security level of algorithm requires a hash of %d bytes or better (have %d)\n", hash_len, (int)vdata->size);
+ hash_len = vdata->size;
+ }
- ret = _dsa_verify (&pub, hash_len, vdata->data, &sig);
+ ret = _dsa_verify (&pub, vdata->size, vdata->data, &sig);
if (ret == 0)
{
gnutls_assert();
View Lorry Controller Status