Google Git
Sign in
boringssl / boringssl.git / af56fbd62aa4e60b9085a9b390b9db30af5ebd1e^! / .
commitaf56fbd62aa4e60b9085a9b390b9db30af5ebd1e[log] [tgz]
authorDavid Benjamin <davidben@google.com>Wed Sep 21 14:38:06 2016 -0400
committerAdam Langley <agl@google.com>Wed Sep 21 20:54:15 2016 +0000
tree89de5fc3610f954064b514e1c0c15649b31f7cc9
parent88536c3cb129c6d20bc9892f2726f1a457842e12 [diff]
Renumber TLS 1.3 signature algorithms.

The old numbers violate a MUST-level requirement in TLS 1.2 to not
advertise anonymous (0x0700 ends in 0x00). The spec has been updated
with new allocations which avoid these.

BUG=webrtc:6342

Change-Id: Ia5663ada98fa1ebf0f8a7f50fe74a0e9206c4194
Reviewed-on: https://boringssl-review.googlesource.com/11131
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 1e76df3..d7e5add 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h

@@ -908,9 +908,9 @@
 #define SSL_SIGN_ECDSA_SECP256R1_SHA256 0x0403
 #define SSL_SIGN_ECDSA_SECP384R1_SHA384 0x0503
 #define SSL_SIGN_ECDSA_SECP521R1_SHA512 0x0603
-#define SSL_SIGN_RSA_PSS_SHA256 0x0700
-#define SSL_SIGN_RSA_PSS_SHA384 0x0701
-#define SSL_SIGN_RSA_PSS_SHA512 0x0702
+#define SSL_SIGN_RSA_PSS_SHA256 0x0804
+#define SSL_SIGN_RSA_PSS_SHA384 0x0805
+#define SSL_SIGN_RSA_PSS_SHA512 0x0806
 
 /* SSL_SIGN_RSA_PKCS1_MD5_SHA1 is an internal signature algorithm used to
  * specify raw RSASSA-PKCS1-v1_5 with an MD5/SHA-1 concatenation, as used in TLS

diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc
index b42315b..a90e993 100644
--- a/ssl/ssl_test.cc
+++ b/ssl/ssl_test.cc

@@ -1780,8 +1780,8 @@
       0xc0, 0x28, 0x00, 0x39, 0x00, 0x6b, 0x00, 0x9c, 0x00, 0x9d, 0x00, 0x2f,
       0x00, 0x3c, 0x00, 0x35, 0x00, 0x3d, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x3b,
       0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x17, 0x00, 0x00, 0x00, 0x23, 0x00,
-      0x00, 0x00, 0x0d, 0x00, 0x18, 0x00, 0x16, 0x07, 0x02, 0x06, 0x01, 0x06,
-      0x03, 0x07, 0x01, 0x05, 0x01, 0x05, 0x03, 0x07, 0x00, 0x04, 0x01, 0x04,
+      0x00, 0x00, 0x0d, 0x00, 0x18, 0x00, 0x16, 0x08, 0x06, 0x06, 0x01, 0x06,
+      0x03, 0x08, 0x05, 0x05, 0x01, 0x05, 0x03, 0x08, 0x04, 0x04, 0x01, 0x04,
       0x03, 0x02, 0x01, 0x02, 0x03, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
       0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18,
   };

diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index cd6c8f9..715a94b 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go

@@ -165,13 +165,13 @@
 	signatureECDSAWithP521AndSHA512 signatureAlgorithm = 0x0603
 
 	// RSASSA-PSS algorithms
-	signatureRSAPSSWithSHA256 signatureAlgorithm = 0x0700
-	signatureRSAPSSWithSHA384 signatureAlgorithm = 0x0701
-	signatureRSAPSSWithSHA512 signatureAlgorithm = 0x0702
+	signatureRSAPSSWithSHA256 signatureAlgorithm = 0x0804
+	signatureRSAPSSWithSHA384 signatureAlgorithm = 0x0805
+	signatureRSAPSSWithSHA512 signatureAlgorithm = 0x0806
 
 	// EdDSA algorithms
-	signatureEd25519 signatureAlgorithm = 0x0703
-	signatureEd448   signatureAlgorithm = 0x0704
+	signatureEd25519 signatureAlgorithm = 0x0807
+	signatureEd448   signatureAlgorithm = 0x0808
 )
 
 // supportedSignatureAlgorithms contains the default supported signature