[dev.boringcrypto] all: merge master into dev.boringcrypto

Signing-side signature algorithm selection moved to selectSignatureScheme, so add FIPS logic there. Change-Id: I827e7296d01ecfd36072e2139e74603ef42c6b24
2025-04-03 20:17:36 +03:00 · 2019-11-19 15:20:53 -05:00 · 2019-11-19 15:20:53 -05:00 · c40e793800
commit c40e793800
parent dab13a5aaf 0c490ab182
59 changed files with 3191 additions and 3183 deletions
--- a/cipher_suites.go
+++ b/cipher_suites.go
@ -40,7 +40,7 @@ type keyAgreement interface {
 }

 const (
-	// suiteECDH indicates that the cipher suite involves elliptic curve
+	// suiteECDHE indicates that the cipher suite involves elliptic curve
 	// Diffie-Hellman. This means that it should only be selected when the
 	// client indicates that it supports ECC with a curve and point format
 	// that we're happy with.
@ -105,6 +105,24 @@ var cipherSuites = []*cipherSuite{
 	{TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, 16, 20, 0, ecdheECDSAKA, suiteECDHE | suiteECSign | suiteDefaultOff, cipherRC4, macSHA1, nil},
 }

+// selectCipherSuite returns the first cipher suite from ids which is also in
+// supportedIDs and passes the ok filter.
+func selectCipherSuite(ids, supportedIDs []uint16, ok func(*cipherSuite) bool) *cipherSuite {
+	for _, id := range ids {
+		candidate := cipherSuiteByID(id)
+		if candidate == nil || !ok(candidate) {
+			continue
+		}
+
+		for _, suppID := range supportedIDs {
+			if id == suppID {
+				return candidate
+			}
+		}
+	}
+	return nil
+}
+
 // A cipherSuiteTLS13 defines only the pair of the AEAD algorithm and hash
 // algorithm to be used with HKDF. See RFC 8446, Appendix B.4.
 type cipherSuiteTLS13 struct {