tls13: server: Add comment when trying another sig alg

Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2022-09-27 10:02:42 +02:00
parent b72dac4ed7
commit c27a9074c4

View file

@ -1021,6 +1021,12 @@ static int ssl_tls13_write_certificate_verify_body( mbedtls_ssl_context *ssl,
MBEDTLS_SSL_DEBUG_MSG( 2, ( "CertificateVerify signature failed with %s", MBEDTLS_SSL_DEBUG_MSG( 2, ( "CertificateVerify signature failed with %s",
mbedtls_ssl_sig_alg_to_str( *sig_alg ) ) ); mbedtls_ssl_sig_alg_to_str( *sig_alg ) ) );
MBEDTLS_SSL_DEBUG_RET( 2, "mbedtls_pk_sign_ext", ret ); MBEDTLS_SSL_DEBUG_RET( 2, "mbedtls_pk_sign_ext", ret );
/* The signature failed. This is possible if the private key
* was not suitable for the signature operation as purposely we
* did not check its suitability completely. Let's try with
* another signature algorithm.
*/
continue; continue;
} }