00505ec2e1e4c3047b4f61a306f2ac1372fa7640 - boringssl

commit	00505ec2e1e4c3047b4f61a306f2ac1372fa7640	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Wed Nov 26 16:38:00 2014 -0500
committer	David Benjamin <davidben@google.com>	Tue Dec 02 20:45:07 2014 +0000
tree	0eb8f3285175524d33b0cc6690941dcb2ce9723a
parent	af9d9419a6298db5fa4605f21703c2c6527a0f82 [diff]

Add EVP_md5_sha1.

Use it in ssl3_cert_verify_hash so signing a pre-TLS-1.2 handshake hash can go
through RSA_sign and be intercepted via RSA_METHOD appropriately. This avoids
Windows needing to intercept sign_raw. (CAPI keys cannot provide sign_raw,
unless the input size happens to be that of NID_md5_sha1.)

Also use it in processing ServerKeyExchange to avoid special-casing RSA.

BUG=crbug.com/437023

Change-Id: Ia07433f468b75fdf7bfc8fa90c9751639b2478e6
Reviewed-on: https://boringssl-review.googlesource.com/2420
Reviewed-by: David Benjamin <davidben@google.com>

crypto/digest/digest_test.c[diff]
crypto/digest/digests.c[diff]
include/openssl/digest.h[diff]
ssl/s3_both.c[diff]
ssl/s3_clnt.c[diff]
ssl/s3_srvr.c[diff]

6 files changed

tree: 0eb8f3285175524d33b0cc6690941dcb2ce9723a

crypto/
doc/
include/
ssl/
tool/
util/
.clang-format
.gitignore
BUILDING
CMakeLists.txt
codereview.settings