Google Git
Sign in
pigweed / third_party / boringssl / boringssl / 0e2908a8069df529cb588611b451185bed601979
commit0e2908a8069df529cb588611b451185bed601979[log] [tgz]
authorDavid Benjamin <davidben@chromium.org>Wed Jul 09 15:22:43 2014 -0400
committerAdam Langley <agl@google.com>Thu Jul 10 00:05:14 2014 +0000
treeb9c2d625da8167d8b1d4350a0c47e920adfb5f6d
parent636293bf25a4ef2c0e47b23cbfd1f8180d2c2d9f [diff]
Unify signing codepath of ssl3_send_client_verify.

Instead of, in the pre-TLS-1.2 case, reaching into the EVP and manually
signing, compute the digest separately from signing. Then use EVP_PKEY_sign.
This will make it easier to implement https://crbug.com/347404 by having only
one signing codepath as well as make that logic simpler.

Also add a bounds check while we're here, although the buffer is too large to
actually matter.

runner.go client auth tests should cover code changes.

Change-Id: I7d87181bbcc5a761660412452e508d24c4725327
Reviewed-on: https://boringssl-review.googlesource.com/1122
Reviewed-by: Adam Langley <agl@google.com>
1 file changed
tree: b9c2d625da8167d8b1d4350a0c47e920adfb5f6d
  1. crypto/
  2. doc/
  3. include/
  4. ssl/
  5. tool/
  6. util/
  7. .clang-format
  8. .gitignore
  9. BUILDING
  10. CMakeLists.txt