Fix selection of hash from sig_alg ClientHello ext.
This commit is contained in:
parent
ef5087d150
commit
480905d563
4 changed files with 28 additions and 10 deletions
|
@ -1,6 +1,10 @@
|
|||
PolarSSL ChangeLog (Sorted per branch, date)
|
||||
|
||||
= 1.3 branch
|
||||
Security
|
||||
* Lowest common hash was selected from signature_algorithms extension in
|
||||
TLS 1.2 (found by Darren Bane) (introduced in 1.3.8).
|
||||
|
||||
Bugfix
|
||||
* Support escaping of commas in x509_string_to_names()
|
||||
* Fix compile error in ssl_pthread_server (found by Julian Ospald).
|
||||
|
|
|
@ -53,13 +53,13 @@ static void polarssl_zeroize( void *v, size_t n ) {
|
|||
static const int supported_digests[] = {
|
||||
|
||||
#if defined(POLARSSL_SHA512_C)
|
||||
POLARSSL_MD_SHA384,
|
||||
POLARSSL_MD_SHA512,
|
||||
POLARSSL_MD_SHA384,
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA256_C)
|
||||
POLARSSL_MD_SHA224,
|
||||
POLARSSL_MD_SHA256,
|
||||
POLARSSL_MD_SHA224,
|
||||
#endif
|
||||
|
||||
#if defined(POLARSSL_SHA1_C)
|
||||
|
|
|
@ -494,11 +494,16 @@ static int ssl_parse_signature_algorithms_ext( ssl_context *ssl,
|
|||
for( p = buf + 2; p < end; p += 2 ) {
|
||||
if( *md_cur == (int) ssl_md_alg_from_hash( p[0] ) ) {
|
||||
ssl->handshake->sig_alg = p[0];
|
||||
break;
|
||||
goto have_sig_alg;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* Some key echanges do not need signatures at all */
|
||||
SSL_DEBUG_MSG( 3, ( "no signature_algorithm in common" ) );
|
||||
return( 0 );
|
||||
|
||||
have_sig_alg:
|
||||
SSL_DEBUG_MSG( 3, ( "client hello v3, signature_algorithm ext: %d",
|
||||
ssl->handshake->sig_alg ) );
|
||||
|
||||
|
|
|
@ -235,32 +235,33 @@ run_test() {
|
|||
fi
|
||||
|
||||
# check other assertions
|
||||
# lines beginning with == are added by valgrind, ignore them
|
||||
while [ $# -gt 0 ]
|
||||
do
|
||||
case $1 in
|
||||
"-s")
|
||||
if grep "$2" $SRV_OUT >/dev/null; then :; else
|
||||
if grep -v '^==' $SRV_OUT | grep "$2" >/dev/null; then :; else
|
||||
fail "-s $2"
|
||||
return
|
||||
fi
|
||||
;;
|
||||
|
||||
"-c")
|
||||
if grep "$2" $CLI_OUT >/dev/null; then :; else
|
||||
if grep -v '^==' $CLI_OUT | grep "$2" >/dev/null; then :; else
|
||||
fail "-c $2"
|
||||
return
|
||||
fi
|
||||
;;
|
||||
|
||||
"-S")
|
||||
if grep "$2" $SRV_OUT >/dev/null; then
|
||||
if grep -v '^==' $SRV_OUT | grep "$2" >/dev/null; then
|
||||
fail "-S $2"
|
||||
return
|
||||
fi
|
||||
;;
|
||||
|
||||
"-C")
|
||||
if grep "$2" $CLI_OUT >/dev/null; then
|
||||
if grep -v '^==' $CLI_OUT | grep "$2" >/dev/null; then
|
||||
fail "-C $2"
|
||||
return
|
||||
fi
|
||||
|
@ -352,12 +353,20 @@ trap cleanup INT TERM HUP
|
|||
|
||||
# Basic test
|
||||
|
||||
# Checks that:
|
||||
# - things work with all ciphersuites active (used with config-full in all.sh)
|
||||
# - the expected (highest security) parameters are selected
|
||||
# ("signature_algorithm ext: 6" means SHA-512 (highest common hash))
|
||||
run_test "Default" \
|
||||
"$P_SRV" \
|
||||
"$P_SRV debug_level=3" \
|
||||
"$P_CLI" \
|
||||
0 \
|
||||
-S "Last error was" \
|
||||
-C "Last error was"
|
||||
-s "Protocol is TLSv1.2" \
|
||||
-s "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
|
||||
-s "client hello v3, signature_algorithm ext: 6" \
|
||||
-s "ECDHE curve: secp521r1" \
|
||||
-S "error" \
|
||||
-C "error"
|
||||
|
||||
# Test for SSLv2 ClientHello
|
||||
|
||||
|
|
Loading…
Reference in a new issue