net/third_party/nss/ssl/ssl3con.c - Issue 23596013: Prefer to generate SHA-1 signatures for TLS 1.2 client authentication if

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/third_party/nss/ssl/ssl3con.c

Issue 23596013: Prefer to generate SHA-1 signatures for TLS 1.2 client authentication if (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: Created 7 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/third_party/nss/ssl/ssl3con.c

===================================================================

--- net/third_party/nss/ssl/ssl3con.c (revision 220983)

+++ net/third_party/nss/ssl/ssl3con.c (working copy)

@@ -3934,7 +3934,6 @@

return SECFailure;

}

-#ifdef _WIN32

/* A backup SHA-1 hash for a potential client auth signature. */

if (!ss->sec.isServer) {

ss->ssl3.hs.md5 = PK11_CreateDigestContext(SEC_OID_SHA1);

@@ -3948,7 +3947,6 @@

return SECFailure;

}

-#endif

} else {

/* Both ss->ssl3.hs.md5 and ss->ssl3.hs.sha should be NULL or

* created successfully. */

@@ -7049,14 +7047,40 @@

if (isTLS12 && ss->ssl3.hs.md5) {

PRBool need_backup_hash = PR_FALSE;

+ PRBool prefer_sha1 = PR_FALSE;

#ifdef _WIN32

/* If the key is in CAPI, assume conservatively that the CAPI

* service provider may be unable to sign SHA-256 hashes.

- * Use SHA-1 if the server supports it. */

+ */

if (ss->ssl3.platformClientKey->dwKeySpec !=

CERT_NCRYPT_KEY_SPEC) {

+ /* CAPI only supports RSA and DSA signatures, so we don't

+ * need to check the key type. */

+ prefer_sha1 = PR_TRUE;

+ }

+#endif /* _WIN32 */

+ /* If the key is a 1024-bit RSA or DSA key, assume

+ * conservatively that it may be unable to sign SHA-256

+ * hashes. This is the case for older Estonian ID cards that

+ * have 1024-bit RSA keys. In FIPS 186-2 and older, DSA key

+ * size is at most 1024 bits and the hash function must be

+ * SHA-1.

+ */

+ if (!prefer_sha1) {

+ SECKEYPublicKey *pubk =

+ CERT_ExtractPublicKey(ss->ssl3.clientCertificate);

+ if (pubk == NULL) {

+ errCode = SSL_ERROR_EXTRACT_PUBLIC_KEY_FAILURE;

+ goto loser;

+ }

+ if (pubk->keyType == rsaKey || pubk->keyType == dsaKey) {

+ prefer_sha1 = SECKEY_PublicKeyStrength(pubk) <= 128;

wtc 2013/09/05 21:53:21 SECKEY_PublicKeyStrength returns the key size in b

+ }

+ SECKEY_DestroyPublicKey(pubk);

+ }

+ /* Use SHA-1 if the server supports it. */

+ if (prefer_sha1) {

for (i = 0; i < algorithms.len; i += 2) {

- /* CAPI only supports RSA and DSA signatures. */

if (algorithms.data[i] == tls_hash_sha1 &&

(algorithms.data[i+1] == tls_sig_rsa ||

algorithms.data[i+1] == tls_sig_dsa)) {

@@ -7065,7 +7089,6 @@

}

-#endif /* _WIN32 */

if (!need_backup_hash) {

PK11_DestroyContext(ss->ssl3.hs.md5, PR_TRUE);

ss->ssl3.hs.md5 = NULL;

« no previous file with comments | « net/third_party/nss/patches/tls12backuphash.patch ('k') | net/third_party/nss/ssl/sslimpl.h » ('j') | no next file with comments »