Reorganized signature-scheme detection in 'apps/s_cb.c:security_callback_debug' callback-function. (861e4562) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Commit 861e4562 authored Mar 08, 2019 by

Lorinczy Zsigmond Committed by Matt Caswell Mar 20, 2019

Reorganized signature-scheme detection in 'apps/s_cb.c:security_callback_debug' callback-function.



So far, it only handled hash-and-algorithm pairs from TLS1.2,
now it also handles 'schemes' defined in TLS1.3 like 0x0807=ed25519 or
0x0809=rsa_pss_pss_sha256

Now it prints information in one of these formats:

... Algorithm scheme=ecdsa_secp256r1_sha256, security bits=128 ... TLS1.3
... Algorithm digest=SHA384, algorithm=DSA, security bits=192  ... TLS1.2
... Algorithm scheme=unknown(0x0e01), security bits=128        ... unhandled case

To implement this added three new lookup-tables: signature_tls13_scheme_list,
signature_tls12_alg_list, signature_tls12_hash_list.

Also minor changes in 'security_callback_debug', eg adding variable 'show_nm'
to indicate if we should show 'nm'.

Also coding-styles fixes from matcaswell

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8445)

parent 905c9a72

Hide whitespace changes

Inline Side-by-side

Please register or to comment