> From: openssl-users On Behalf Of Rajeswari K
> Sent: Monday, February 16, 2015 03:05
>
> Our current signature and verification logics are working just fine
> with TLS1.0 and TLS1.1 for ECDHE_ECDSA cipher suite.
> But when we tested the same cipher suite with TLS1.2, the SSL handshake
> always fails with "bad signature".
> Do we need to take care of anything specific for TLS1.2 handshake?

Not as such. But you do need to correctly handle truncating a hash to be signed/verified that is longer than the key size, both in bits, as shown in OpenSSL's implementation in ecs_ossl.c. That case will occur for TLS1.2 if SHA512 is offered and chosen for the hash and the key in use is a 384-bit key, which your previous questions have suggested. That case will occur for 1.0 and 1.1 only if using a key too small to be secure, which obviously you shouldn't do.
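
The truncation discussed in the reply above, as an added example (not part of the original message and not OpenSSL's own code): a digest longer than the bit length of the curve's group order is cut down to its leftmost bits before ECDSA signs or verifies it. The function name and the sample digest are constructed for illustration, and the example assumes the "key size" in the reply corresponds to the bit length of the group order.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Reduce a message digest to the value ECDSA signs and verifies.
 * dgst/dgst_len: hash output, big-endian. order_bits: bit length of the
 * curve's group order (384 for a 384-bit key). out: receives the
 * big-endian result, at least dgst_len bytes. Returns bytes written,
 * or 0 on bad input. Hypothetical helper, not an OpenSSL API. */
size_t ecdsa_truncate_digest(const uint8_t *dgst, size_t dgst_len,
                             size_t order_bits, uint8_t *out)
{
    if (dgst == NULL || out == NULL || dgst_len == 0 || order_bits == 0)
        return 0;

    /* Digest already fits in the order: use it unchanged. */
    if (8 * dgst_len <= order_bits) {
        memcpy(out, dgst, dgst_len);
        return dgst_len;
    }

    /* Keep only the leftmost bytes needed to cover order_bits. */
    size_t len = (order_bits + 7) / 8;
    memcpy(out, dgst, len);

    /* If the order is not a whole number of bytes, drop the surplus
     * low-order bits by shifting the whole value right. */
    unsigned shift = (unsigned)(8 * len - order_bits);
    if (shift != 0) {
        uint8_t carry = 0;
        for (size_t i = 0; i < len; i++) {
            uint8_t next = (uint8_t)(out[i] << (8 - shift));
            out[i] = (uint8_t)((out[i] >> shift) | carry);
            carry = next;
        }
    }
    return len;
}

int main(void)
{
    uint8_t sha512[64], e[64];   /* constructed stand-in for a SHA-512 digest */
    for (size_t i = 0; i < sizeof sha512; i++)
        sha512[i] = (uint8_t)i;
    size_t n = ecdsa_truncate_digest(sha512, sizeof sha512, 384, e);
    printf("512-bit digest, 384-bit order: %zu bytes used\n", n);
    return 0;
}
```

Signer and verifier must apply the same reduction; if one side feeds all 64 bytes into the big-number conversion and the other truncates, verification fails even though the keys and the hash are correct.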