Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
fc101f88
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
12 个月 前同步成功
通知
8
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
fc101f88
编写于
5月 11, 2011
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Reorder signature algorithms in strongest hash first order.
上级
2f38b389
变更
1
显示空白变更内容
内联
并排
Showing
1 changed file
with
52 addition
and
50 deletion
+52
-50
ssl/t1_lib.c
ssl/t1_lib.c
+52
-50
未找到文件。
ssl/t1_lib.c
浏览文件 @
fc101f88
...
@@ -271,6 +271,53 @@ int tls1_ec_nid2curve_id(int nid)
...
@@ -271,6 +271,53 @@ int tls1_ec_nid2curve_id(int nid)
#endif
/* OPENSSL_NO_EC */
#endif
/* OPENSSL_NO_EC */
#ifndef OPENSSL_NO_TLSEXT
#ifndef OPENSSL_NO_TLSEXT
/* List of supported signature algorithms and hashes. Should make this
* customisable at some point, for now include everything we support.
*/
#ifdef OPENSSL_NO_RSA
#define tlsext_sigalg_rsa(md)
/* */
#else
#define tlsext_sigalg_rsa(md) md, TLSEXT_signature_rsa,
#endif
#ifdef OPENSSL_NO_DSA
#define tlsext_sigalg_dsa(md)
/* */
#else
#define tlsext_sigalg_dsa(md) md, TLSEXT_signature_dsa,
#endif
#ifdef OPENSSL_NO_ECDSA
#define tlsext_sigalg_ecdsa(md)
/* */
#else
#define tlsext_sigalg_ecdsa(md) md, TLSEXT_signature_dsa,
#endif
#define tlsext_sigalg(md) \
tlsext_sigalg_rsa(md) \
tlsext_sigalg_dsa(md) \
tlsext_sigalg_ecdsa(md)
static
unsigned
char
tls12_sigalgs
[]
=
{
#ifndef OPENSSL_NO_SHA512
tlsext_sigalg
(
TLSEXT_hash_sha512
)
tlsext_sigalg
(
TLSEXT_hash_sha384
)
#endif
#ifndef OPENSSL_NO_SHA256
tlsext_sigalg
(
TLSEXT_hash_sha256
)
tlsext_sigalg
(
TLSEXT_hash_sha224
)
#endif
#ifndef OPENSSL_NO_SHA
tlsext_sigalg
(
TLSEXT_hash_sha1
)
#endif
#ifndef OPENSSL_NO_MD5
tlsext_sigalg_rsa
(
TLSEXT_hash_md5
)
#endif
};
unsigned
char
*
ssl_add_clienthello_tlsext
(
SSL
*
s
,
unsigned
char
*
p
,
unsigned
char
*
limit
)
unsigned
char
*
ssl_add_clienthello_tlsext
(
SSL
*
s
,
unsigned
char
*
p
,
unsigned
char
*
limit
)
{
{
int
extdatalen
=
0
;
int
extdatalen
=
0
;
...
@@ -453,58 +500,13 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
...
@@ -453,58 +500,13 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *p, unsigned cha
if
(
s
->
version
>=
TLS1_2_VERSION
)
if
(
s
->
version
>=
TLS1_2_VERSION
)
{
{
/* List of supported signature algorithms and hashes.
if
((
size_t
)(
limit
-
ret
)
<
sizeof
(
tls12_sigalgs
)
+
6
)
* Should make this customisable at some point, for
* now include everything we support.
*/
static
unsigned
char
sigalgs
[]
=
{
#ifndef OPENSSL_NO_RSA
# ifndef OPENSSL_NO_SHA512
TLSEXT_hash_sha512
,
TLSEXT_signature_rsa
,
TLSEXT_hash_sha384
,
TLSEXT_signature_rsa
,
# endif
# ifndef OPENSSL_NO_SHA256
TLSEXT_hash_sha256
,
TLSEXT_signature_rsa
,
TLSEXT_hash_sha224
,
TLSEXT_signature_rsa
,
# endif
# ifndef OPENSSL_NO_SHA
TLSEXT_hash_sha1
,
TLSEXT_signature_rsa
,
# endif
#endif
#ifndef OPENSSL_NO_ECDSA
# ifndef OPENSSL_NO_SHA512
TLSEXT_hash_sha512
,
TLSEXT_signature_ecdsa
,
TLSEXT_hash_sha384
,
TLSEXT_signature_ecdsa
,
# endif
# ifndef OPENSSL_NO_SHA256
TLSEXT_hash_sha256
,
TLSEXT_signature_ecdsa
,
TLSEXT_hash_sha224
,
TLSEXT_signature_ecdsa
,
# endif
# ifndef OPENSSL_NO_SHA
TLSEXT_hash_sha1
,
TLSEXT_signature_ecdsa
,
# endif
#endif
#ifndef OPENSSL_NO_DSA
# ifndef OPENSSL_NO_SHA512
TLSEXT_hash_sha512
,
TLSEXT_signature_dsa
,
TLSEXT_hash_sha384
,
TLSEXT_signature_dsa
,
# endif
# ifndef OPENSSL_NO_SHA256
TLSEXT_hash_sha256
,
TLSEXT_signature_dsa
,
TLSEXT_hash_sha224
,
TLSEXT_signature_dsa
,
# endif
# ifndef OPENSSL_NO_SHA
TLSEXT_hash_sha1
,
TLSEXT_signature_dsa
# endif
#endif
};
if
((
size_t
)(
limit
-
ret
)
<
sizeof
(
sigalgs
)
+
6
)
return
NULL
;
return
NULL
;
s2n
(
TLSEXT_TYPE_signature_algorithms
,
ret
);
s2n
(
TLSEXT_TYPE_signature_algorithms
,
ret
);
s2n
(
sizeof
(
sigalgs
)
+
2
,
ret
);
s2n
(
sizeof
(
tls12_
sigalgs
)
+
2
,
ret
);
s2n
(
sizeof
(
sigalgs
),
ret
);
s2n
(
sizeof
(
tls12_
sigalgs
),
ret
);
memcpy
(
ret
,
sigalgs
,
sizeof
(
sigalgs
));
memcpy
(
ret
,
tls12_sigalgs
,
sizeof
(
tls12_
sigalgs
));
ret
+=
sizeof
(
sigalgs
);
ret
+=
sizeof
(
tls12_
sigalgs
);
}
}
#ifdef TLSEXT_TYPE_opaque_prf_input
#ifdef TLSEXT_TYPE_opaque_prf_input
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录