gnutls-commit
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gnutls branch, master, updated. gnutls_2_99_1-91-gc0aae93

From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_2_99_1-91-gc0aae93
Date: Mon, 23 May 2011 20:58:07 +0000 
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=c0aae931debb4b059647d5c90a7f903b804f74af

The branch, master has been updated
       via  c0aae931debb4b059647d5c90a7f903b804f74af (commit)
       via  e22fc7cc7bd584c476c726f03b90ef84044ed393 (commit)
      from  fc2b813d1a6034e45906ed014c6a1babe8555bd5 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c0aae931debb4b059647d5c90a7f903b804f74af
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Mon May 23 22:57:59 2011 +0200

    Only warn on invalid security level hashes.

commit e22fc7cc7bd584c476c726f03b90ef84044ed393
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Mon May 23 22:57:26 2011 +0200

    SHA256 is the default hash algorithm in certtool.

-----------------------------------------------------------------------

Summary of changes:
 lib/nettle/pk.c |    8 ++------
 src/certtool.c  |    2 +-
 2 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
index cfa5285..39dd118 100644
--- a/lib/nettle/pk.c
+++ b/lib/nettle/pk.c
@@ -364,9 +364,7 @@ _wrap_nettle_pk_sign (gnutls_pk_algorithm_t algo,
         if (hash_len > vdata->size)
           {
             gnutls_assert ();
-            _gnutls_debug_log("Asked to sign %d bytes with hash %s\n", 
vdata->size, gnutls_mac_get_name(hash));
-            ret = GNUTLS_E_PK_SIGN_FAILED;
-            goto ecdsa_fail;
+            _gnutls_debug_log("Security level of algorithm requires hash %s or 
better\n", gnutls_mac_get_name(hash));
           }
 
         ret = ecc_sign_hash(vdata->data, vdata->size, 
@@ -409,9 +407,7 @@ _wrap_nettle_pk_sign (gnutls_pk_algorithm_t algo,
         if (hash_len > vdata->size)
           {
             gnutls_assert ();
-            _gnutls_debug_log("Asked to sign %d bytes with hash %s\n", 
vdata->size, gnutls_mac_get_name(hash));
-            ret = GNUTLS_E_PK_SIGN_FAILED;
-            goto dsa_fail;
+            _gnutls_debug_log("Security level of algorithm requires hash %s or 
better\n", gnutls_mac_get_name(hash));
           }
 
         ret =
diff --git a/src/certtool.c b/src/certtool.c
index dce9c54..f35efbb 100644
--- a/src/certtool.c
+++ b/src/certtool.c
@@ -50,7 +50,7 @@
 #include "certtool-gaa.h"
 #include "certtool-common.h"
 
-#define SIGN_HASH GNUTLS_DIG_SHA1
+#define SIGN_HASH GNUTLS_DIG_SHA256
 
 static void privkey_info_int (gnutls_x509_privkey_t key);
 static void print_crl_info (gnutls_x509_crl_t crl, FILE * out);


hooks/post-receive
-- 
GNU gnutls
reply via email to
[Prev in Thread] Current Thread [Next in Thread]