[openssl-users] i2d and d2i fucntions

Dave Thompson dthompson at prinpay.com
Mon Feb 16 18:23:46 UTC 2015

> From: openssl-users On Behalf Of Rajeswari K
> Sent: Monday, February 16, 2015 03:05

> Our current signature and verification logics are working just fine 
> with TLS1.0 and TLS1.1 for ECDHE_ECDSA cipher suite.

> But, when tested the same cipher suite with TLS1.2, SSL handshake 
> always failing with "bad signature".

> Do we need to take care of anything specific for TLS1.2 handshake?

Not as such. But you do need to correctly handle truncating a hash 
to be signed/verified that is longer than the key size, both in bits, 
as shown in OpenSSL's implementation in ecs_ossl.c.

That case will occur for TLS1.2 if SHA512 is offered and chosen for the 
hash and the key in use is a 384-bit key, which your previous questions 
have suggested. That case will only occur for 1.0 and 1.1 only if using 
a key too small to be secure, which obviously you shouldn't do.

More information about the openssl-users mailing list