[sr #107785] gnutls_sign_func called with hash size of 20 bytes

Nikos Mavrogiannopoulos nmav at gnutls.org
Fri Sep 23 14:30:28 CEST 2011


On 09/23/2011 02:16 PM, Bjørn Christensen wrote:

> I have got it working with TLS1.2 also by determine the Hash Algorithm by the size of the Hash.

In TLS 1.2 truncated hashes are allowed. Thus you'll not be able to 
distinguish between SHA256 truncated to 20 bytes from SHA1. This is not 
a common case (I suppose no-one uses it) but it is allowed.

regards,
Nikos




More information about the Gnutls-devel mailing list