mirrors/utls

Fork 0

mirror of https://github.com/refraction-networking/utls.git synced 2025-04-05 04:57:35 +03:00

Commit graph

Author	SHA1	Message	Date
Joël Stemmer	c1444f153a	crypto/tls: return correct hash function when using client certificates in handshake Commit f1d669aee994b28e1afcfe974680565932d25b70 added support for AES_256_GCM_SHA384 cipher suites as specified in RFC5289. However, it did not take the arbitrary hash function into account in the TLS client handshake when using client certificates. The hashForClientCertificate method always returned SHA256 as its hashing function, even if it actually used a different one to calculate its digest. Setting up the connection would eventually fail with the error "tls: failed to sign handshake with client certificate: crypto/rsa: input must be hashed message". Included is an additional test for this specific situation that uses the SHA384 hash. Fixes #9808 Change-Id: Iccbf4ab225633471ef897907c208ad31f92855a3 Reviewed-on: https://go-review.googlesource.com/7040 Reviewed-by: Adam Langley <agl@golang.org> Run-TryBot: Adam Langley <agl@golang.org>	2015-03-16 23:38:51 +00:00
Jacob H. Haven	01861d435c	crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289 Generalizes PRF calculation for TLS 1.2 to support arbitrary hashes (SHA-384 instead of SHA-256). Testdata were all updated to correspond with the new cipher suites in the handshake. Change-Id: I3d9fc48c19d1043899e38255a53c80dc952ee08f Reviewed-on: https://go-review.googlesource.com/3265 Reviewed-by: Adam Langley <agl@golang.org>	2015-02-04 00:18:14 +00:00
Russ Cox	bb890c0d27	build: move package sources from src/pkg to src Preparation was in CL 134570043. This CL contains only the effect of 'hg mv src/pkg/* src'. For more about the move, see golang.org/s/go14nopkg.	2014-09-08 00:08:51 -04:00

Author

SHA1

Message

Date

Joël Stemmer

c1444f153a

crypto/tls: return correct hash function when using client certificates in handshake

Commit f1d669aee994b28e1afcfe974680565932d25b70 added support for
AES_256_GCM_SHA384 cipher suites as specified in RFC5289. However, it
did not take the arbitrary hash function into account in the TLS client
handshake when using client certificates.

The hashForClientCertificate method always returned SHA256 as its
hashing function, even if it actually used a different one to calculate
its digest. Setting up the connection would eventually fail with the
error "tls: failed to sign handshake with client certificate:
crypto/rsa: input must be hashed message".

Included is an additional test for this specific situation that uses the
SHA384 hash.

Fixes #9808

Change-Id: Iccbf4ab225633471ef897907c208ad31f92855a3
Reviewed-on: https://go-review.googlesource.com/7040
Reviewed-by: Adam Langley <agl@golang.org>
Run-TryBot: Adam Langley <agl@golang.org>

2015-03-16 23:38:51 +00:00

Jacob H. Haven

01861d435c

crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289

Generalizes PRF calculation for TLS 1.2 to support arbitrary hashes (SHA-384 instead of SHA-256).
Testdata were all updated to correspond with the new cipher suites in the handshake.

Change-Id: I3d9fc48c19d1043899e38255a53c80dc952ee08f
Reviewed-on: https://go-review.googlesource.com/3265
Reviewed-by: Adam Langley <agl@golang.org>

2015-02-04 00:18:14 +00:00

Russ Cox

bb890c0d27

build: move package sources from src/pkg to src

Preparation was in CL 134570043.
This CL contains only the effect of 'hg mv src/pkg/* src'.
For more about the move, see golang.org/s/go14nopkg.

2014-09-08 00:08:51 -04:00

3 commits