Fix sig_alg extension on client.

Temporary solution on server.
This commit is contained in:
Manuel Pégourié-Gonnard 2013-08-22 15:57:15 +02:00
parent bfe32efb9b
commit d11eb7c789
2 changed files with 28 additions and 6 deletions

View File

@ -147,6 +147,7 @@ static void ssl_write_signature_algorithms_ext( ssl_context *ssl,
/*
* Prepare signature_algorithms extension (TLS 1.2)
*/
#if defined(POLARSSL_RSA_C)
#if defined(POLARSSL_SHA512_C)
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA512;
sig_alg_list[sig_alg_len++] = SSL_SIG_RSA;
@ -167,6 +168,29 @@ static void ssl_write_signature_algorithms_ext( ssl_context *ssl,
sig_alg_list[sig_alg_len++] = SSL_HASH_MD5;
sig_alg_list[sig_alg_len++] = SSL_SIG_RSA;
#endif
#endif /* POLARSSL_RSA_C */
#if defined(POLARSSL_ECDSA_C)
#if defined(POLARSSL_SHA512_C)
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA512;
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA384;
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
#endif
#if defined(POLARSSL_SHA256_C)
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA256;
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA224;
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
#endif
#if defined(POLARSSL_SHA1_C)
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA1;
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
#endif
#if defined(POLARSSL_MD5_C)
sig_alg_list[sig_alg_len++] = SSL_HASH_MD5;
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
#endif
#endif /* POLARSSL_ECDSA_C */
/*
* enum {

View File

@ -442,12 +442,10 @@ static int ssl_parse_signature_algorithms_ext( ssl_context *ssl,
p = buf + 2;
while( sig_alg_list_size > 0 )
{
if( p[1] != SSL_SIG_RSA )
{
sig_alg_list_size -= 2;
p += 2;
continue;
}
/*
* For now, just ignore signature algorithm and rely on offered
* ciphersuites only. To be fixed later.
*/
#if defined(POLARSSL_SHA512_C)
if( p[0] == SSL_HASH_SHA512 )
{