feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

bug fix

Browse Source
This commit is contained in:
John Safranek
2013-02-13 12:05:56 -08:00
parent afb0cb3e20
commit d65e5ef3e4
1 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/internal.c
View File

@ -4374,8 +4374,8 @@ static void BuildCertHashes(CYASSL* ssl, Hashes* hashes)
if (ssl->options.tls) { if (ssl->options.tls) {
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
if (ssl->specs.mac_algorithm == sha_mac) { if (ssl->specs.mac_algorithm <= sha_mac) {
ShaFinal(&ssl->hashSha, hashes->hash); ShaFinal(&ssl->hashSha, &hashes->hash[MD5_DIGEST_SIZE]);
} }
else if (ssl->specs.mac_algorithm == sha256_mac) { else if (ssl->specs.mac_algorithm == sha256_mac) {
#ifndef NO_SHA256 #ifndef NO_SHA256
@ -7003,18 +7003,20 @@ int SetCipherList(Suites* s, const char* list)
} }
else { else {
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
byte* digest = ssl->certHashes.hash; byte* digest = &ssl->certHashes.hash[MD5_DIGEST_SIZE];
int digestSz = SHA_DIGEST_SIZE; int digestSz = SHA_DIGEST_SIZE;
int typeH = SHAh; int typeH = SHAh;
if (ssl->specs.mac_algorithm == sha256_mac) { if (ssl->specs.mac_algorithm == sha256_mac) {
#ifndef NO_SHA256 #ifndef NO_SHA256
digest = ssl->certHashes.hash;
typeH = SHA256h; typeH = SHA256h;
digestSz = SHA256_DIGEST_SIZE; digestSz = SHA256_DIGEST_SIZE;
#endif #endif
} }
else if (ssl->specs.mac_algorithm == sha384_mac) { else if (ssl->specs.mac_algorithm == sha384_mac) {
#ifdef CYASSL_SHA384 #ifdef CYASSL_SHA384
digest = ssl->certHashes.hash;
typeH = SHA384h; typeH = SHA384h;
digestSz = SHA384_DIGEST_SIZE; digestSz = SHA384_DIGEST_SIZE;
#endif #endif
@ -7357,7 +7359,7 @@ int SetCipherList(Suites* s, const char* list)
XMEMCPY(output + idx, exportBuf, expSz); XMEMCPY(output + idx, exportBuf, expSz);
idx += expSz; idx += expSz;
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
output[idx++] = sha_mac; output[idx++] = ssl->specs.mac_algorithm;
output[idx++] = ssl->specs.sig_algo; output[idx++] = ssl->specs.sig_algo;
} }
c16toa((word16)sigSz, output + idx); c16toa((word16)sigSz, output + idx);
@ -7609,7 +7611,7 @@ int SetCipherList(Suites* s, const char* list)
/* Add signature */ /* Add signature */
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
output[idx++] = sha_mac; output[idx++] = ssl->specs.mac_algorithm;
output[idx++] = ssl->specs.sig_algo; output[idx++] = ssl->specs.sig_algo;
} }
/* size */ /* size */
@ -8603,18 +8605,20 @@ int SetCipherList(Suites* s, const char* list)
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
byte encodedSig[MAX_ENCODED_SIG_SZ]; byte encodedSig[MAX_ENCODED_SIG_SZ];
word32 sigSz; word32 sigSz;
byte* digest = ssl->certHashes.hash; byte* digest = &ssl->certHashes.hash[MD5_DIGEST_SIZE];
int typeH = SHAh; int typeH = SHAh;
int digestSz = SHA_DIGEST_SIZE; int digestSz = SHA_DIGEST_SIZE;
if (ssl->specs.mac_algorithm == sha256_mac) { if (ssl->specs.mac_algorithm == sha256_mac) {
#ifndef NO_SHA256 #ifndef NO_SHA256
digest = ssl->certHashes.hash;
typeH = SHA256h; typeH = SHA256h;
digestSz = SHA256_DIGEST_SIZE; digestSz = SHA256_DIGEST_SIZE;
#endif #endif
} }
else if (ssl->specs.mac_algorithm == sha384_mac) { else if (ssl->specs.mac_algorithm == sha384_mac) {
#ifdef CYASSL_SHA384 #ifdef CYASSL_SHA384
digest = ssl->certHashes.hash;
typeH = SHA384h; typeH = SHA384h;
digestSz = SHA384_DIGEST_SIZE; digestSz = SHA384_DIGEST_SIZE;
#endif #endif