)]}' { "commit": "e8f57ca134ffd297e5c46505c86ff7001ef32f7b", "tree": "7ac9dc3e18eb6541fb07b794410c023eb6dc3a9b", "parents": [ "7ad733c81abbf1d6bb7df67b886b7e4a49e08a6d" ], "author": { "name": "David Benjamin", "email": "davidben@google.com", "time": "Tue Nov 29 18:40:11 2022 -0500" }, "committer": { "name": "Boringssl LUCI CQ", "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com", "time": "Fri Dec 02 18:55:28 2022 +0000" }, "message": "Never accidentally use SSL_SIGN_RSA_PKCS1_MD5_SHA1 at TLS 1.2.\n\nSSL_SIGN_RSA_PKCS1_MD5_SHA1 does not really exist, but is a private use\nvalue we allocated to internally represent the TLS 1.0/1.1 RSA signature\nalgorithm. (Unlike the TLS 1.0/1.1 ECDSA signature algorithm, which is\nthe same as SSL_SIGN_ECDSA_SHA1, the RSA one is a bespoke MD5+SHA1\nconcatenation which never appears in TLS 1.2 and up.)\n\nAlthough documented that you\u0027re not to use it with\nSSL_CTX_set_verify_algorithm_prefs and\nSSL_CTX_set_signing_algorithm_prefs (it only exists for\nSSL_PRIVATE_KEY_METHOD), there\u0027s nothing stopping a caller from passing\nit in.\n\nWere you to do so anyway, we\u0027d get confused and sign or verify it at TLS\n1.2. This CL is the first half of a fix: since we already have\npkey_supports_algorithm that checks a (version, sigalg, key) tuple, that\nfunction should just know this is not a 1.2-compatible algorithm.\n\nA subsequent CL will also fix those APIs to not accept invalid values\nfrom the caller, since these invalid calls will still, e.g., dump\ngarbage values on the wire.\n\nChange-Id: I119503f9742a17952ed08e5815fb3d1419fd4a12\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/55445\nReviewed-by: Bob Beck \u003cbbe@google.com\u003e\nCommit-Queue: Bob Beck \u003cbbe@google.com\u003e\nAuto-Submit: David Benjamin \u003cdavidben@google.com\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "863aff76bfb1db1e8f17233de9b57a31efe5dae5", "old_mode": 33188, "old_path": "ssl/extensions.cc", "new_id": "a126b4645813afb98af2d4e1b4f885af2f5052ac", "new_mode": 33188, "new_path": "ssl/extensions.cc" }, { "type": "modify", "old_id": "0843e0b24f597bff6260570f90c4c53589d6f377", "old_mode": 33188, "old_path": "ssl/ssl_privkey.cc", "new_id": "13a7d9a7c2848254f4a293a2c5b26c1d62117764", "new_mode": 33188, "new_path": "ssl/ssl_privkey.cc" }, { "type": "modify", "old_id": "07562dfef1953d30ea41af9c3312cad3ddf7fef6", "old_mode": 33188, "old_path": "ssl/test/runner/common.go", "new_id": "38542831fd5485f983b9a7dc73f226f78421a18c", "new_mode": 33188, "new_path": "ssl/test/runner/common.go" }, { "type": "modify", "old_id": "8c756a636f686ffa37e133e2766274997f4268fc", "old_mode": 33188, "old_path": "ssl/test/runner/runner.go", "new_id": "e3c58aa206f45ceaeae4d15392abf67c3ef2a4af", "new_mode": 33188, "new_path": "ssl/test/runner/runner.go" }, { "type": "modify", "old_id": "d57cd6070c0a189268fa41c1e25741f03520c7ed", "old_mode": 33188, "old_path": "ssl/test/runner/sign.go", "new_id": "da6452ac00f7f81942d1c686b8db2a44b2577a8b", "new_mode": 33188, "new_path": "ssl/test/runner/sign.go" } ] }