Google Git
Sign in
boringssl / boringssl.git / 0d62f26c3636b24404df00b15bff68fd6d5d65b0^! / . / ssl / internal.h
commit0d62f26c3636b24404df00b15bff68fd6d5d65b0[log] [tgz]
authorSteven Valdez <svaldez@chromium.org>Fri Sep 04 12:41:04 2015 -0400
committerAdam Langley <agl@google.com>Wed Sep 23 21:55:01 2015 +0000
treeb428d46e2be584c6e716afe01f98323e9548e8fd
parent4c60d356a926b68ac20e8090755799e1525874f0 [diff] [blame]
Adding more options for signing digest fallback.

Allow configuring digest preferences for the private key. Some
smartcards have limited support for signing digests, notably Windows
CAPI keys and old Estonian smartcards. Chromium used the supports_digest
hook in SSL_PRIVATE_KEY_METHOD to limit such keys to SHA1. However,
detecting those keys was a heuristic, so some SHA256-capable keys
authenticating to SHA256-only servers regressed in the switch to
BoringSSL. Replace this mechanism with an API to configure digest
preference order. This way heuristically-detected SHA1-only keys may be
configured by Chromium as SHA1-preferring rather than SHA1-requiring.

In doing so, clean up the shared_sigalgs machinery somewhat.

BUG=468076

Change-Id: I996a2df213ae4d8b4062f0ab85b15262ca26f3c6
Reviewed-on: https://boringssl-review.googlesource.com/5755
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/ssl/internal.h b/ssl/internal.h
index 8f477bc..8655bca 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h

@@ -455,8 +455,6 @@
 
 int ssl_private_key_type(SSL *ssl);
 
-int ssl_private_key_supports_digest(SSL *ssl, const EVP_MD *md);
-
 size_t ssl_private_key_max_signature_len(SSL *ssl);
 
 enum ssl_private_key_result_t ssl_private_key_sign(
@@ -757,17 +755,17 @@
    * |SSL_CTX_set_tmp_ecdh_callback|. */
   EC_KEY *(*ecdh_tmp_cb)(SSL *ssl, int is_export, int keysize);
 
-  /* signature algorithms peer reports: e.g. supported signature
-   * algorithms extension for server or as part of a certificate
-   * request for client. */
-  uint8_t *peer_sigalgs;
-  /* Size of above array */
+  /* peer_sigalgs are the algorithm/hash pairs that the peer supports. These
+   * are taken from the contents of signature algorithms extension for a server
+   * or from the CertificateRequest for a client. */
+  TLS_SIGALGS *peer_sigalgs;
+  /* peer_sigalgslen is the number of entries in |peer_sigalgs|. */
   size_t peer_sigalgslen;
 
-  /* Signature algorithms shared by client and server: cached
-   * because these are used most often. */
-  TLS_SIGALGS *shared_sigalgs;
-  size_t shared_sigalgslen;
+  /* digest_nids, if non-NULL, is the set of digests supported by |privatekey|
+   * in decreasing order of preference. */
+  int *digest_nids;
+  size_t num_digest_nids;
 
   /* Certificate setup callback: if set is called whenever a
    * certificate may be required (client or server). the callback
@@ -1296,7 +1294,7 @@
 uint16_t ssl3_version_from_wire(SSL *s, uint16_t wire_version);
 
 uint32_t ssl_get_algorithm_prf(SSL *s);
-int tls1_process_sigalgs(SSL *s, const CBS *sigalgs);
+int tls1_parse_peer_sigalgs(SSL *s, const CBS *sigalgs);
 
 /* tls1_choose_signing_digest returns a digest for use with |ssl|'s private key
  * based on the peer's preferences the digests supported. */