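--- nss/lib/ssl/ssl3con.prekai 2016-03-23 08:29:25.000000000 -0400
+++ nss/lib/ssl/ssl3con.c 2016-03-29 15:00:44.457697131 -0400
@@ -204,6 +204,7 @@
 {ssl_hash_sha512, ssl_sign_ecdsa},
 {ssl_hash_sha1, ssl_sign_ecdsa},
 #endif
+ {ssl_hash_sha384, ssl_sign_dsa},
 {ssl_hash_sha256, ssl_sign_dsa},
 {ssl_hash_sha1, ssl_sign_dsa}
 };
@@ -270,27 +271,6 @@
 ct_DSS_sign,
 };
 
-/* This block is the contents of the supported_signature_algorithms field of
- * our TLS 1.2 CertificateRequest message, in wire format. See
- * https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1
- *
- * We only support TLS 1.2
- * CertificateVerify messages that use the handshake PRF hash. */
-static const PRUint8 supported_signature_algorithms_sha256[] = {
- tls_hash_sha256, tls_sig_rsa,
-#ifndef NSS_DISABLE_ECC
- tls_hash_sha256, tls_sig_ecdsa,
-#endif
- tls_hash_sha256, tls_sig_dsa,
-};
-static const PRUint8 supported_signature_algorithms_sha384[] = {
- tls_hash_sha384, tls_sig_rsa,
-#ifndef NSS_DISABLE_ECC
- tls_hash_sha384, tls_sig_ecdsa,
-#endif
- tls_hash_sha384, tls_sig_dsa,
-};
-
 #define EXPORT_RSA_KEY_LENGTH 64 /* bytes */
 
 
@@ -9561,7 +9541,8 @@
 }
 
 static SECStatus
-ssl3_EncodeCertificateRequestSigAlgs(sslSocket *ss, PRUint8 *buf,
+ssl3_EncodeCertificateRequestSigAlgs(sslSocket *ss, PRUint8 allowedHashAlg,
+ PRUint8 *buf,
 unsigned maxLen, PRUint32 *len)
 {
 unsigned int i;
@@ -9578,7 +9559,7 @@
 /* Note that we don't support a handshake hash with anything other than
 * SHA-256, so asking for a signature from clients for something else
 * would be inviting disaster. */
- if (alg->hashAlg == ssl_hash_sha256 || alg->hashAlg == ssl_hash_sha384) {
+ if (alg->hashAlg == allowedHashAlg) {
 buf[(*len)++] = (PRUint8)alg->hashAlg;
 buf[(*len)++] = (PRUint8)alg->sigAlg;
 }
@@ -9608,6 +9589,7 @@
 PRUint8 sigAlgs[MAX_SIGNATURE_ALGORITHMS * 2];
 unsigned int sigAlgsLength = 0;
 SECOidData *hashOid;
+ PRUint8 allowedHashAlg;
 
 SSL_TRC(3, ("%d: SSL3[%d]: send certificate_request handshake",
 SSL_GETPID(), ss->fd));
@@ -9639,19 +9621,19 @@
 if (hashOid == NULL) {
 return SECFailure; /* err set by AppendHandshake. */
 }
+
 if (hashOid->offset == SEC_OID_SHA256) {
- sigAlgsLength = sizeof supported_signature_algorithms_sha256;
- PORT_Memcpy(sigAlgs, supported_signature_algorithms_sha256, sigAlgsLength);
+ allowedHashAlg = ssl_hash_sha256;
 } else if (hashOid->offset == SEC_OID_SHA384) {
- sigAlgsLength = sizeof supported_signature_algorithms_sha384;
- PORT_Memcpy(sigAlgs, supported_signature_algorithms_sha384, sigAlgsLength);
+ allowedHashAlg = ssl_hash_sha384;
 } else {
 return SECFailure; /* err set by AppendHandshake. */
 }
 
 length = 1 + certTypesLength + 2 + calen;
 if (isTLS12) {
- rv = ssl3_EncodeCertificateRequestSigAlgs(ss, sigAlgs, sizeof(sigAlgs),
+ rv = ssl3_EncodeCertificateRequestSigAlgs(ss, allowedHashAlg,
+ sigAlgs, sizeof(sigAlgs),
 &sigAlgsLength);
 if (rv != SECSuccess) {
 return rv;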
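Review bot: The comment kept as context above the filter in ssl3_EncodeCertificateRequestSigAlgs (hunk `@@ -9578,7 +9559,7 @@`) still says that only SHA-256 is supported as a handshake hash, while the new condition `alg->hashAlg == allowedHashAlg` is also reached with `ssl_hash_sha384` from the caller. That comment is the only place the invariant is recorded now that the static tables and their header comment are removed, so it should be reworded, e.g. `/* Advertise only pairs whose hash equals the handshake PRF hash (allowedHashAlg); a CertificateVerify made with any other hash cannot be checked. */`. With the filter narrowed to a single hash, a configured algorithm list holding no pair for that hash leaves `*len` at 0; whether the function rejects that case after the loop is not visible in the hunk and is worth confirming, since RFC 5246 section 7.4.1.4.1 does not allow an empty supported_signature_algorithms list. Both function bodies extend beyond the hunks shown.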