Print out the signature algorithm in bssl client.

I keep wishing we had that available and patching this in.

Change-Id: I4ef04fcc6be5b00a9fcbdc2771a7ee7e2313b5c5
Reviewed-on: https://boringssl-review.googlesource.com/10980
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
David Benjamin 2016-09-09 16:49:02 -04:00 committed by CQ bot account: commit-bot@chromium.org
parent ed6c5d3910
commit 31168c9999


@ -201,6 +201,36 @@ bool VersionFromString(uint16_t *out_version, const std::string &version) {
return false;
}
static const char *SignatureAlgorithmToString(uint16_t version, uint16_t sigalg) {
const bool is_tls12 = version == TLS1_2_VERSION || version == DTLS1_2_VERSION;
switch (sigalg) {
case SSL_SIGN_RSA_PKCS1_SHA1:
return "rsa_pkcs1_sha1";
case SSL_SIGN_RSA_PKCS1_SHA256:
return "rsa_pkcs1_sha256";
case SSL_SIGN_RSA_PKCS1_SHA384:
return "rsa_pkcs1_sha384";
case SSL_SIGN_RSA_PKCS1_SHA512:
return "rsa_pkcs1_sha512";
case SSL_SIGN_ECDSA_SHA1:
return "ecdsa_sha1";
case SSL_SIGN_ECDSA_SECP256R1_SHA256:
return is_tls12 ? "ecdsa_sha256" : "ecdsa_secp256r1_sha256";
case SSL_SIGN_ECDSA_SECP384R1_SHA384:
return is_tls12 ? "ecdsa_sha384" : "ecdsa_secp384r1_sha384";
case SSL_SIGN_ECDSA_SECP521R1_SHA512:
return is_tls12 ? "ecdsa_sha512" : "ecdsa_secp521r1_sha512";
case SSL_SIGN_RSA_PSS_SHA256:
return "rsa_pss_sha256";
case SSL_SIGN_RSA_PSS_SHA384:
return "rsa_pss_sha384";
case SSL_SIGN_RSA_PSS_SHA512:
return "rsa_pss_sha512";
default:
return "(unknown)";
}
}
void PrintConnectionInfo(const SSL *ssl) {
const SSL_CIPHER *cipher = SSL_get_current_cipher(ssl);
@ -216,6 +246,11 @@ void PrintConnectionInfo(const SSL *ssl) {
if (dhe_bits != 0) {
fprintf(stderr, " DHE group size: %u bits\n", dhe_bits);
}
uint16_t sigalg = SSL_get_peer_signature_algorithm(ssl);
if (sigalg != 0) {
fprintf(stderr, " Signature algorithm: %s\n",
SignatureAlgorithmToString(SSL_version(ssl), sigalg));
}
fprintf(stderr, " Secure renegotiation: %s\n",
SSL_get_secure_renegotiation_support(ssl) ? "yes" : "no");
fprintf(stderr, " Extended master secret: %s\n",
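Review bot: The `default:` branch of SignatureAlgorithmToString returns "(unknown)" and the new caller in PrintConnectionInfo discards the numeric value, so a code point missing from this table cannot be identified from the output, which is the case where someone checking what a peer actually signed with most needs it. Printing the raw value next to the name keeps the output useful: `fprintf(stderr, " Signature algorithm: %s (0x%04x)\n", SignatureAlgorithmToString(SSL_version(ssl), sigalg), sigalg);`. The helper would also benefit from a one-line comment on why it takes `version`, for example `// At (D)TLS 1.2 the ECDSA code points are reported without a curve name.`, since the `is_tls12` switch is otherwise unexplained. PrintConnectionInfo's body starts before and continues past the second hunk, so how the rest of the report is formatted is not visible here.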