On 09/01/2012 07:32 PM, brian m. carlson wrote:
> On Sat, Sep 01, 2012 at 10:31:55AM +0200, Nikos Mavrogiannopoulos wrote:
>> Interesting case.
>>> |<3>| HSK[0x188ae60]: Selected ECC curve SECP384R1 (3)
>>> |<3>| HSK[0x188ae60]: verify handshake data: using ECDSA-SHA256
>>> |<2>| ASSERT: gnutls_sig.c:365
>>
>> I suppose that your server's certificate has the SECP384R1 curve, is
>> that right? In that case the server should have used the SHA-384 or
>> SHA-512 hash algorithms (see
>> http://tools.ietf.org/html/rfc5480#section-4 ). However your server used
>> SHA-256 instead and that's why gnutls complains.
> Yes, that is the case. I suppose this is a bug in OpenSSL?

Unfortunately yes, and I'm afraid the issue may be bigger. IETF has
failed to clarify details of ECDSA/DSA usage and this is one of the
side-effects. That's why I think I'll deviate from the ECDSA protocol to
support those buggy implementations.

regards,
Nikos

_______________________________________________
Help-gnutls mailing list
https://lists.gnu.org/mailman/listinfo/help-gnutls
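
The check discussed in this thread, as an added example that is not part of the original message or of GnuTLS: a Python sketch that scans GnuTLS debug lines of the form quoted above and reports handshakes whose ECDSA digest is shorter than the RFC 5480 section 4 table lists for the key size. It assumes, as in this thread, that the curve named in the log is also the curve of the server certificate's key; the function names and the second handshake in the sample are constructed for illustration.

```python
import re

# RFC 5480 section 4 bands: (minimum ECDSA key size in bits, weakest
# acceptable digest size in bits), strongest band first.
RFC5480_BANDS = [(512, 512), (384, 384), (256, 256), (224, 224), (160, 160)]

CURVE_RE = re.compile(r"HSK\[(0x[0-9a-f]+)\]: Selected ECC curve SECP(\d+)R1")
SIG_RE = re.compile(r"HSK\[(0x[0-9a-f]+)\]: verify handshake data: using ECDSA-SHA(\d+)")

# The first three lines are the ones quoted in the thread; the last two are
# constructed for contrast (hypothetical second handshake).
SAMPLE_LOG = """\
|<3>| HSK[0x188ae60]: Selected ECC curve SECP384R1 (3)
|<3>| HSK[0x188ae60]: verify handshake data: using ECDSA-SHA256
|<2>| ASSERT: gnutls_sig.c:365
|<3>| HSK[0x2a4b010]: Selected ECC curve SECP256R1 (2)
|<3>| HSK[0x2a4b010]: verify handshake data: using ECDSA-SHA256
""".splitlines()


def min_digest_bits(key_bits):
    """Smallest digest size RFC 5480 section 4 lists for an ECDSA key size."""
    for min_key, digest in RFC5480_BANDS:
        if key_bits >= min_key:
            return digest
    raise ValueError(f"ECDSA key of {key_bits} bits is below the RFC 5480 table")


def find_weak_digests(lines):
    """Return (handshake, key_bits, digest_bits, required_bits) per mismatch."""
    curve_by_handshake, findings = {}, []
    for line in lines:
        if m := CURVE_RE.search(line):
            curve_by_handshake[m.group(1)] = int(m.group(2))
        elif m := SIG_RE.search(line):
            key_bits = curve_by_handshake.get(m.group(1))
            if key_bits is None:
                continue  # signature line without a curve line: nothing to compare
            sha = int(m.group(2))
            digest_bits = 160 if sha == 1 else sha  # "SHA1" is the 160-bit SHA-1
            required = min_digest_bits(key_bits)
            if digest_bits < required:
                findings.append((m.group(1), key_bits, digest_bits, required))
    return findings


if __name__ == "__main__":
    for hs, key, got, need in find_weak_digests(SAMPLE_LOG):
        print(f"{hs}: {key}-bit curve, {got}-bit digest, RFC 5480 lists {need} bits or more")
```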
