Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(20)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/tlslite/patches/certificate_request.patch

Issue 858373002: Update third_party/tlslite to 0.4.8. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: With rebased patches Created 5 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « third_party/tlslite/README.chromium ('k') | third_party/tlslite/patches/channel_id.patch » ('j') | third_party/tlslite/tlslite/tlsconnection.py » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/tlslite/patches/certificate_request.patch
diff --git a/third_party/tlslite/patches/certificate_request.patch b/third_party/tlslite/patches/certificate_request.patch
new file mode 100644
index 0000000000000000000000000000000000000000..64d653dcceffa93d61183b6b77f6959c0b44c1ef
--- /dev/null
+++ b/third_party/tlslite/patches/certificate_request.patch
@@ -0,0 +1,56 @@
+diff --git a/third_party/tlslite/tlslite/messages.py b/third_party/tlslite/tlslite/messages.py
+index e1be195..65170de 100644
+--- a/third_party/tlslite/tlslite/messages.py
++++ b/third_party/tlslite/tlslite/messages.py
+@@ -460,7 +460,8 @@ class CertificateRequest(HandshakeMsg):
+ self.version = version
+ self.supported_signature_algs = []
+
+- def create(self, certificate_types, certificate_authorities, sig_algs=()):
++ def create(self, certificate_types, certificate_authorities,
++ sig_algs=((HashAlgorithm.sha256, SignatureAlgorithm.rsa),)):
+ self.certificate_types = certificate_types
+ self.certificate_authorities = certificate_authorities
+ self.supported_signature_algs = sig_algs
+@@ -470,7 +471,8 @@ class CertificateRequest(HandshakeMsg):
+ p.startLengthCheck(3)
+ self.certificate_types = p.getVarList(1, 1)
+ if self.version >= (3,3):
+- self.supported_signature_algs = p.getVarList(2, 2)
++ self.supported_signature_algs = \
++ [(b >> 8, b & 0xff) for b in p.getVarList(2, 2)]
+ ca_list_length = p.get(2)
+ index = 0
+ self.certificate_authorities = []
+@@ -485,7 +487,10 @@ class CertificateRequest(HandshakeMsg):
+ w = Writer()
+ w.addVarSeq(self.certificate_types, 1, 1)
+ if self.version >= (3,3):
+- w.addVarSeq(self.supported_signature_algs, 2, 2)
++ w.add(2 * len(self.supported_signature_algs), 2)
++ for (hash, signature) in self.supported_signature_algs:
++ w.add(hash, 1)
++ w.add(signature, 1)
+ caLength = 0
+ #determine length
+ for ca_dn in self.certificate_authorities:
+@@ -647,6 +652,7 @@ class ClientKeyExchange(HandshakeMsg):
+
+ class CertificateVerify(HandshakeMsg):
+ def __init__(self):
++ # TODO: This does not handle the SignatureAlgorithm in TLS 1.2.
+ HandshakeMsg.__init__(self, HandshakeType.certificate_verify)
+ self.signature = bytearray(0)
+
+diff --git a/third_party/tlslite/tlslite/tlsconnection.py b/third_party/tlslite/tlslite/tlsconnection.py
+index cb743fe..65f8d67 100644
+--- a/third_party/tlslite/tlslite/tlsconnection.py
++++ b/third_party/tlslite/tlslite/tlsconnection.py
+@@ -966,6 +966,7 @@ class TLSConnection(TLSRecordLayer):
+ verifyBytes = self._handshake_md5.digest() + \
+ self._handshake_sha.digest()
+ elif self.version == (3,3):
++ # TODO: This does not handle the PKCS#1 prefix in TLS 1.2.
+ verifyBytes = self._handshake_sha256.digest()
+ if self.fault == Fault.badVerifyMessage:
+ verifyBytes[0] = ((verifyBytes[0]+1) % 256)
« no previous file with comments | « third_party/tlslite/README.chromium ('k') | third_party/tlslite/patches/channel_id.patch » ('j') | third_party/tlslite/tlslite/tlsconnection.py » ('J')

Powered by Google App Engine
This is Rietveld 408576698