Alternative TLS implementation in Go
c32a7dcd6d
Commit f1d669aee994b28e1afcfe974680565932d25b70 added support for AES_256_GCM_SHA384 cipher suites as specified in RFC5289. However, it did not take the arbitrary hash function into account in the TLS client handshake when using client certificates. The hashForClientCertificate method always returned SHA256 as its hashing function, even if it actually used a different one to calculate its digest. Setting up the connection would eventually fail with the error "tls: failed to sign handshake with client certificate: crypto/rsa: input must be hashed message". Included is an additional test for this specific situation that uses the SHA384 hash. Fixes #9808 Change-Id: Iccbf4ab225633471ef897907c208ad31f92855a3 Reviewed-on: https://go-review.googlesource.com/7040 Reviewed-by: Adam Langley <agl@golang.org> Run-TryBot: Adam Langley <agl@golang.org> |
||
|---|---|---|
| testdata | ||
| alert.go | ||
| cipher_suites.go | ||
| common.go | ||
| conn_test.go | ||
| conn.go | ||
| example_test.go | ||
| generate_cert.go | ||
| handshake_client_test.go | ||
| handshake_client.go | ||
| handshake_messages_test.go | ||
| handshake_messages.go | ||
| handshake_server_test.go | ||
| handshake_server.go | ||
| handshake_test.go | ||
| key_agreement.go | ||
| prf_test.go | ||
| prf.go | ||
| ticket.go | ||
| tls_test.go | ||
| tls.go | ||