diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-05-25 11:12:33 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-05-29 08:23:49 +0200 |
commit | 2e9ef4138440832d5cb39c47d021f882bf15a25e (patch) | |
tree | 2ef382a3c354995bf320a5d01d2ebb0243c231ae /lib/errors.c | |
parent | 7822f10e9229af74998b3daeafcf9e7f22bc0f8d (diff) | |
download | gnutls-2e9ef4138440832d5cb39c47d021f882bf15a25e.tar.gz |
gnutls_pubkey_verify_hash2: corrected operation with RSA-PSS keys
That is, do not check the flag GNUTLS_VERIFY_USE_RSA_PSS, as we
already have enough information to determine whether an RSA-PSS
signature is used (the sign algorithm). Also return the code
GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY when a signature algorithm
incompatible with the public key is encountered.
In addition, fixed few misplacements of GNUTLS_PK_RSA_PSS in switch
cases.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/errors.c')
-rw-r--r-- | lib/errors.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/errors.c b/lib/errors.c index b77ba48b1d..bd39172803 100644 --- a/lib/errors.c +++ b/lib/errors.c @@ -412,6 +412,8 @@ static const gnutls_error_entry error_entries[] = { GNUTLS_E_PK_INVALID_PRIVKEY), ERROR_ENTRY(N_("The DER time encoding is invalid."), GNUTLS_E_ASN1_TIME_ERROR), + ERROR_ENTRY(N_("The signature is incompatible with the public key."), + GNUTLS_E_INCOMPATIBLE_SIG_WITH_KEY), {NULL, NULL, 0} }; |