mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-29 08:34:19 +01:00
Fix sig_alg extension on client.
Temporary solution on server.
This commit is contained in:
parent
bfe32efb9b
commit
d11eb7c789
@ -147,6 +147,7 @@ static void ssl_write_signature_algorithms_ext( ssl_context *ssl,
|
|||||||
/*
|
/*
|
||||||
* Prepare signature_algorithms extension (TLS 1.2)
|
* Prepare signature_algorithms extension (TLS 1.2)
|
||||||
*/
|
*/
|
||||||
|
#if defined(POLARSSL_RSA_C)
|
||||||
#if defined(POLARSSL_SHA512_C)
|
#if defined(POLARSSL_SHA512_C)
|
||||||
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA512;
|
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA512;
|
||||||
sig_alg_list[sig_alg_len++] = SSL_SIG_RSA;
|
sig_alg_list[sig_alg_len++] = SSL_SIG_RSA;
|
||||||
@ -167,6 +168,29 @@ static void ssl_write_signature_algorithms_ext( ssl_context *ssl,
|
|||||||
sig_alg_list[sig_alg_len++] = SSL_HASH_MD5;
|
sig_alg_list[sig_alg_len++] = SSL_HASH_MD5;
|
||||||
sig_alg_list[sig_alg_len++] = SSL_SIG_RSA;
|
sig_alg_list[sig_alg_len++] = SSL_SIG_RSA;
|
||||||
#endif
|
#endif
|
||||||
|
#endif /* POLARSSL_RSA_C */
|
||||||
|
#if defined(POLARSSL_ECDSA_C)
|
||||||
|
#if defined(POLARSSL_SHA512_C)
|
||||||
|
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA512;
|
||||||
|
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
|
||||||
|
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA384;
|
||||||
|
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
|
||||||
|
#endif
|
||||||
|
#if defined(POLARSSL_SHA256_C)
|
||||||
|
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA256;
|
||||||
|
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
|
||||||
|
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA224;
|
||||||
|
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
|
||||||
|
#endif
|
||||||
|
#if defined(POLARSSL_SHA1_C)
|
||||||
|
sig_alg_list[sig_alg_len++] = SSL_HASH_SHA1;
|
||||||
|
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
|
||||||
|
#endif
|
||||||
|
#if defined(POLARSSL_MD5_C)
|
||||||
|
sig_alg_list[sig_alg_len++] = SSL_HASH_MD5;
|
||||||
|
sig_alg_list[sig_alg_len++] = SSL_SIG_ECDSA;
|
||||||
|
#endif
|
||||||
|
#endif /* POLARSSL_ECDSA_C */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* enum {
|
* enum {
|
||||||
|
@ -442,12 +442,10 @@ static int ssl_parse_signature_algorithms_ext( ssl_context *ssl,
|
|||||||
p = buf + 2;
|
p = buf + 2;
|
||||||
while( sig_alg_list_size > 0 )
|
while( sig_alg_list_size > 0 )
|
||||||
{
|
{
|
||||||
if( p[1] != SSL_SIG_RSA )
|
/*
|
||||||
{
|
* For now, just ignore signature algorithm and rely on offered
|
||||||
sig_alg_list_size -= 2;
|
* ciphersuites only. To be fixed later.
|
||||||
p += 2;
|
*/
|
||||||
continue;
|
|
||||||
}
|
|
||||||
#if defined(POLARSSL_SHA512_C)
|
#if defined(POLARSSL_SHA512_C)
|
||||||
if( p[0] == SSL_HASH_SHA512 )
|
if( p[0] == SSL_HASH_SHA512 )
|
||||||
{
|
{
|
||||||
|
Loading…
Reference in New Issue
Block a user