Add EVP_md5_sha1. Use it in ssl3_cert_verify_hash so signing a pre-TLS-1.2 handshake hash can go through RSA_sign and be intercepted via RSA_METHOD appropriately. This avoids Windows needing to intercept sign_raw. (CAPI keys cannot provide sign_raw, unless the input size happens to be that of NID_md5_sha1.) Also use it in processing ServerKeyExchange to avoid special-casing RSA. BUG=crbug.com/437023 Change-Id: Ia07433f468b75fdf7bfc8fa90c9751639b2478e6 Reviewed-on: https://boringssl-review.googlesource.com/2420 Reviewed-by: David Benjamin <davidben@google.com>

commit: 00505ec2e1e4c3047b4f61a306f2ac1372fa7640 [log] [tgz]
author: David Benjamin <davidben@chromium.org> Wed Nov 26 16:38:00 2014 -0500
committer: David Benjamin <davidben@google.com> Tue Dec 02 20:45:07 2014 +0000
tree: 0eb8f3285175524d33b0cc6690941dcb2ce9723a
parent: af9d9419a6298db5fa4605f21703c2c6527a0f82 [diff] [blame]
diff --git a/include/openssl/digest.h b/include/openssl/digest.h
index a453ea3..864917e 100644
--- a/include/openssl/digest.h
+++ b/include/openssl/digest.h

@@ -84,6 +84,10 @@
 OPENSSL_EXPORT const EVP_MD *EVP_sha384(void);
 OPENSSL_EXPORT const EVP_MD *EVP_sha512(void);
 
+/* EVP_md5_sha1 is a TLS-specific |EVP_MD| which computes the concatenation of
+ * MD5 and SHA-1, as used in TLS 1.1 and below. */
+OPENSSL_EXPORT const EVP_MD *EVP_md5_sha1(void);
+
 /* EVP_get_digestbynid returns an |EVP_MD| for the given NID, or NULL if no
  * such digest is known. */
 OPENSSL_EXPORT const EVP_MD *EVP_get_digestbynid(int nid);
commit	00505ec2e1e4c3047b4f61a306f2ac1372fa7640	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Wed Nov 26 16:38:00 2014 -0500
committer	David Benjamin <davidben@google.com>	Tue Dec 02 20:45:07 2014 +0000
tree	0eb8f3285175524d33b0cc6690941dcb2ce9723a
parent	af9d9419a6298db5fa4605f21703c2c6527a0f82 [diff] [blame]