diff options
| author | lloyd <[email protected]> | 2012-01-19 20:02:07 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2012-01-19 20:02:07 +0000 |
| commit | 4c3d3e1c56451c635fb81dadfb249ce1856af0ce (patch) | |
| tree | f641c31dfbcf9badeac1dd5ae79eb28742fd0c68 /src/tls/s_kex.cpp | |
| parent | 385febfc3c150450d231f9550ac5e33f5316751f (diff) | |
Various and sundry bug fixes
Diffstat (limited to 'src/tls/s_kex.cpp')
| -rw-r--r-- | src/tls/s_kex.cpp | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/src/tls/s_kex.cpp b/src/tls/s_kex.cpp index 2e2bc4cb0..ac6ee15ee 100644 --- a/src/tls/s_kex.cpp +++ b/src/tls/s_kex.cpp @@ -37,9 +37,15 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer, // FIXME: this should respect client's hash preferences if(state->version >= TLS_V12) + { hash_algo = TLS_ALGO_HASH_SHA256; + sig_algo = TLS_ALGO_SIGNER_RSA; + } else + { hash_algo = TLS_ALGO_NONE; + sig_algo = TLS_ALGO_NONE; + } std::pair<std::string, Signature_Format> format = state->choose_sig_format(private_key, hash_algo, false); @@ -62,7 +68,10 @@ MemoryVector<byte> Server_Key_Exchange::serialize() const MemoryVector<byte> buf = serialize_params(); if(hash_algo != TLS_ALGO_NONE) - {} + { + buf.push_back(Signature_Algorithms::hash_algo_code(hash_algo)); + buf.push_back(Signature_Algorithms::sig_algo_code(sig_algo)); + } append_tls_length_value(buf, signature, 2); return buf; @@ -110,9 +119,16 @@ Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf, if(sig_alg != TLS_ALGO_SIGNER_ANON) { if(version < TLS_V12) - hash_algo = TLS_ALGO_NONE; // use old defaults + { + // use old defaults + hash_algo = TLS_ALGO_NONE; + sig_algo = TLS_ALGO_NONE; + } else + { hash_algo = Signature_Algorithms::hash_algo_code(reader.get_byte()); + sig_algo = Signature_Algorithms::sig_algo_code(reader.get_byte()); + } signature = reader.get_range<byte>(2, 0, 65535); } @@ -137,6 +153,8 @@ bool Server_Key_Exchange::verify(const X509_Certificate& cert, { std::auto_ptr<Public_Key> key(cert.subject_public_key()); + printf("Checking %s vs code %d\n", key->algo_name().c_str(), sig_algo); + std::pair<std::string, Signature_Format> format = state->choose_sig_format(key.get(), hash_algo, false); |