-rw-r--r-- | lib/gnutls_handshake.c | 12 | ||||
-rw-r--r-- | lib/gnutls_pk.c | 4 | ||||
-rw-r--r-- | lib/gnutls_state.c | 4 |
3 files changed, 14 insertions, 6 deletions
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 7c10fbbc67..83dc54e78c 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -236,7 +236,7 @@ _gnutls_finished (gnutls_session_t session, int type, void *ret)
 else
 {
 _gnutls_hash_deinit (&td_sha, concat);
- len = 20;
+ len = _gnutls_hash_get_algo_len (td_sha.algorithm);
 }
 
 if (type == GNUTLS_SERVER)
@@ -2170,6 +2170,8 @@ _gnutls_abort_handshake (gnutls_session_t session, int ret)
 inline static int
 _gnutls_handshake_hash_init (gnutls_session_t session)
 {
+ gnutls_protocol_t ver = gnutls_protocol_get_version (session);
+ gnutls_digest_algorithm_t hash_algo = GNUTLS_MAC_SHA1;
 
 if (session->internals.handshake_mac_handle_init == 0)
 {
@@ -2183,9 +2185,15 @@ _gnutls_handshake_hash_init (gnutls_session_t session)
 return ret;
 }
 
+ /* The algorithm to compute hash over handshake messages must be same as the one used as the basis for PRF. By now we use SHA256. */
+ if (_gnutls_version_has_selectable_prf (ver))
+ hash_algo = GNUTLS_MAC_SHA256;
+
 ret =
 _gnutls_hash_init (&session->internals.handshake_mac_handle_sha,
- GNUTLS_MAC_SHA1);
+ hash_algo);
 if (ret < 0)
 {
 gnutls_assert ();
diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c
index ff9fbf1887..ccd98a4a57 100644
--- a/lib/gnutls_pk.c
+++ b/lib/gnutls_pk.c
@@ -500,8 +500,8 @@ _gnutls_dsa_verify (const gnutls_datum_t * vdata,
 pk_params.params[i] = params[i];
 pk_params.params_nr = params_len;
 
- if (vdata->size != 20)
- { /* sha-1 only */
+ if (vdata->size > 20)
+ { /* SHA1 or better only */
 gnutls_assert ();
 return GNUTLS_E_PK_SIG_VERIFY_FAILED;
 }
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index e1bfc66fec..fede2a0011 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
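Review bot: `concat` receives the digest from `_gnutls_hash_deinit (&td_sha, concat)` before `len` is computed, so its declaration — outside this hunk — must be large enough for the biggest digest `td_sha.algorithm` can now be (32 bytes for SHA-256); the hunk does not show that size. Worth checking that it is sized with `MAX_HASH_SIZE` (as `final` becomes in `_gnutls_P_hash` in this same change) rather than a literal chosen when the only possibilities were MD5+SHA-1 and SHA-1. _gnutls_finished starts and ends outside the hunk.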
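Review bot: `hash_algo` is declared as `gnutls_digest_algorithm_t` but is initialised with the MAC constant `GNUTLS_MAC_SHA1` and later handed to `_gnutls_hash_init`, where the old code passed `GNUTLS_MAC_SHA1` directly; this presumably compiles only because the two enums share values, and mixing them defeats the type check. Declare it with the type the PRF code in this same change uses for that argument, `gnutls_mac_algorithm_t hash_algo = GNUTLS_MAC_SHA1;`. The body of _gnutls_handshake_hash_init continues past the hunk.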
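Review bot: The choice of SHA-256 whenever `_gnutls_version_has_selectable_prf (ver)` holds is now hard-coded in two places — here and in `_gnutls_PRF` in lib/gnutls_state.c (the `@@ -906` hunk) — even though, as the new comment says, the handshake hash must be the same as the PRF hash. A single helper returning the negotiated PRF MAC, called from both sites, would keep them from drifting once cipher suites that specify a different PRF hash (which RFC 5246 permits) are supported. The comment's `By now we use SHA256.` also reads better as `For now we always use SHA256.`. The function continues outside the hunk.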
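Review bot: The new condition contradicts its own comment: `vdata->size > 20` still rejects the larger digests that "SHA1 or better" describes, while it now accepts any digest of 20 bytes or fewer — including 16-byte MD5 output and truncated values — which the old `!= 20` refused. If the intent is to allow SHA-1 or stronger and truncate longer digests to the length of q (as FIPS 186-3 specifies for DSA), the check should be `if (vdata->size < 20)`; if the verification code below, which is outside the hunk, does not truncate, `!= 20` should stay. In neither case should the accepted set be widened downward. _gnutls_dsa_verify starts and ends outside the hunk.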
@@ -785,7 +785,7 @@ _gnutls_P_hash (gnutls_mac_algorithm_t algorithm,
 digest_hd_st td2;
 int i, times, how, blocksize, A_size;
- opaque final[20], Atmp[MAX_SEED_SIZE];
+ opaque final[MAX_HASH_SIZE], Atmp[MAX_SEED_SIZE];
 int output_bytes, result;
 
 if (seed_size > MAX_SEED_SIZE || total_bytes <= 0)
@@ -906,7 +906,7 @@ _gnutls_PRF (gnutls_session_t session,
 if (_gnutls_version_has_selectable_prf(ver))
 {
 result =
- _gnutls_P_hash (GNUTLS_MAC_SHA1, secret, secret_size,
+ _gnutls_P_hash (GNUTLS_MAC_SHA256, secret, secret_size,
 s_seed, s_seed_size, total_bytes, ret);
 if (result < 0)
 { |
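Review bot: `final` is now sized for the largest digest, but `Atmp` stays at `MAX_SEED_SIZE`; if, as the P_hash construction suggests, each A(i) — an HMAC output of up to `MAX_HASH_SIZE` bytes — is written into `Atmp`, nothing in the hunk establishes `MAX_SEED_SIZE >= MAX_HASH_SIZE`. Worth confirming that relation where the two macros are defined, or recording it next to the declaration with `/* Atmp holds either the seed or A(i); MAX_SEED_SIZE must be >= MAX_HASH_SIZE */`. The rest of _gnutls_P_hash, including the copy of `final` into `ret`, lies outside the hunk.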