mirror of
https://github.com/refraction-networking/utls.git
synced 2025-04-04 20:47:36 +03:00
[dev.boringcrypto] all: merge master into dev.boringcrypto
Change-Id: I9246c8228d38559c40e69fa403fa946ac1b31dbe
This commit is contained in:
Filippo Valsorda
commit
96f0ccfb2d
41 changed files with 2727 additions and 1977 deletions
|
|
@ -10,7 +10,6 @@ import (
|
|||
"crypto/hmac"
|
||||
"crypto/rsa"
|
||||
"errors"
|
||||
"fmt"
|
||||
"hash"
|
||||
"sync/atomic"
|
||||
"time"
|
||||
|
|
@ -453,7 +452,7 @@ func (hs *clientHandshakeStateTLS13) readServerCertificate() error {
|
|||
}
|
||||
|
||||
// See RFC 8446, Section 4.4.3.
|
||||
if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, supportedSignatureAlgorithms()) {
|
||||
if !isSupportedSignatureAlgorithm(certVerify.signatureAlgorithm, supportedSignatureAlgorithms(VersionTLS13)) {
|
||||
c.sendAlert(alertIllegalParameter)
|
||||
return errors.New("tls: invalid certificate signature algorithm")
|
||||
}
|
||||
|
|
@ -552,7 +551,7 @@ func (hs *clientHandshakeStateTLS13) sendClientCertificate() error {
|
|||
return err
|
||||
}
|
||||
|
||||
// If the client is sending an empty certificate message, skip the CertificateVerify.
|
||||
// If we sent an empty certificate message, skip the CertificateVerify.
|
||||
if len(cert.Certificate) == 0 {
|
||||
return nil
|
||||
}
|
||||
|
|
@ -560,10 +559,10 @@ func (hs *clientHandshakeStateTLS13) sendClientCertificate() error {
|
|||
certVerifyMsg := new(certificateVerifyMsg)
|
||||
certVerifyMsg.hasSignatureAlgorithm = true
|
||||
|
||||
supportedAlgs := signatureSchemesForCertificate(cert)
|
||||
supportedAlgs := signatureSchemesForCertificate(c.vers, cert)
|
||||
if supportedAlgs == nil {
|
||||
c.sendAlert(alertInternalError)
|
||||
return fmt.Errorf("tls: unsupported certificate key (%T)", cert.PrivateKey)
|
||||
return unsupportedCertificateError(cert)
|
||||
}
|
||||
// Pick signature scheme in server preference order, as the client
|
||||
// preference order is not configurable.
|
||||
|
|
@ -573,14 +572,17 @@ func (hs *clientHandshakeStateTLS13) sendClientCertificate() error {
|
|||
break
|
||||
}
|
||||
}
|
||||
if certVerifyMsg.signatureAlgorithm == 0 {
|
||||
// getClientCertificate returned a certificate incompatible with the
|
||||
// CertificateRequestInfo supported signature algorithms.
|
||||
c.sendAlert(alertHandshakeFailure)
|
||||
return errors.New("tls: server doesn't support selected certificate")
|
||||
}
|
||||
|
||||
sigType := signatureFromSignatureScheme(certVerifyMsg.signatureAlgorithm)
|
||||
sigHash, err := hashFromSignatureScheme(certVerifyMsg.signatureAlgorithm)
|
||||
if sigType == 0 || err != nil {
|
||||
// getClientCertificate returned a certificate incompatible with the
|
||||
// CertificateRequestInfo supported signature algorithms.
|
||||
c.sendAlert(alertInternalError)
|
||||
return err
|
||||
return c.sendAlert(alertInternalError)
|
||||
}
|
||||
h := sigHash.New()
|
||||
writeSignedMessage(h, clientSignatureContext, hs.transcript)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue