]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Revert "Use _gnutls_dsa_q_to_hash() only for warning reasons."
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Sun, 26 Aug 2012 19:18:53 +0000 (21:18 +0200)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Sun, 26 Aug 2012 19:18:53 +0000 (21:18 +0200)
This reverts commit 8bb82a3d386abc1c59cb16d3a6d8c68fb66a2170.

lib/nettle/pk.c

index 126374b16984e596a34f10533ae263cf0f884100..41a0fb1af1fafc629f34f3fba3757b3b06c896f9 100644 (file)
@@ -481,15 +481,10 @@ _wrap_nettle_pk_verify (gnutls_pk_algorithm_t algo,
         memcpy (&sig.s, tmp[1], sizeof (sig.s));
 
         _gnutls_dsa_q_to_hash (algo, pk_params, &hash_len);
-
         if (hash_len > vdata->size)
-          {
-            gnutls_assert ();
-            _gnutls_debug_log("Security level of algorithm requires a hash of %d bytes or better (have %d)\n", hash_len, (int)vdata->size);
-            hash_len = vdata->size;
-          }
+          hash_len = vdata->size;
 
-        ret = ecc_verify_hash(&sig, vdata->data, vdata->size, &stat, &pub);
+        ret = ecc_verify_hash(&sig, vdata->data, hash_len, &stat, &pub);
         if (ret != 0 || stat != 1)
           {
             gnutls_assert();
@@ -521,13 +516,9 @@ _wrap_nettle_pk_verify (gnutls_pk_algorithm_t algo,
 
         _gnutls_dsa_q_to_hash (algo, pk_params, &hash_len);
         if (hash_len > vdata->size)
-          {
-            gnutls_assert ();
-            _gnutls_debug_log("Security level of algorithm requires a hash of %d bytes or better (have %d)\n", hash_len, (int)vdata->size);
-            hash_len = vdata->size;
-          }
+          hash_len = vdata->size;
 
-        ret = _dsa_verify (&pub, vdata->size, vdata->data, &sig);
+        ret = _dsa_verify (&pub, hash_len, vdata->data, &sig);
         if (ret == 0)
           {
             gnutls_assert();