| author | Filippo Valsorda <filippo@golang.org> | 2019-10-29 16:46:26 -0400 |
|---|---|---|
| committer | Filippo Valsorda <filippo@golang.org> | 2019-10-30 20:18:59 +0000 |
| commit | cd18da451faedc4218a5fd0e38f9b3d13aa5da01 (patch) | |
| tree | 8e10c35fa895c9f53504b3f845cc1d70329c82da /src/crypto/tls/handshake_client.go | |
| parent | a05934639bde593326f8d7ed9eb3f73f9ba6eb53 (diff) | |
crypto/tls: improve error messages for invalid certificates and signatures
Also, fix the alert value sent when a signature by a client certificate
is invalid in TLS 1.0-1.2.
Fixes #35190
Change-Id: I2ae1d5593dfd5ee2b4d979664aec74aab4a8a704
Reviewed-on: https://go-review.googlesource.com/c/go/+/204157
Reviewed-by: Katie Hockman <katie@golang.org>
Diffstat (limited to 'src/crypto/tls/handshake_client.go')
| -rw-r--r-- | src/crypto/tls/handshake_client.go | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/crypto/tls/handshake_client.go b/src/crypto/tls/handshake_client.go
index 75d710b2e2..dd7d10b809 100644
--- a/src/crypto/tls/handshake_client.go
+++ b/src/crypto/tls/handshake_client.go
@@ -581,11 +581,7 @@ func (hs *clientHandshakeState) doFullHandshake() error {
 if certVerify.hasSignatureAlgorithm {
 certVerify.signatureAlgorithm = signatureAlgorithm
 }
- signed, err := hs.finishedHash.hashForClientCertificate(sigType, hashFunc, hs.masterSecret)
- if err != nil {
- c.sendAlert(alertInternalError)
- return err
- }
+ signed := hs.finishedHash.hashForClientCertificate(sigType, hashFunc, hs.masterSecret)
 signOpts := crypto.SignerOpts(hashFunc)
 if sigType == signatureRSAPSS {
 signOpts = &rsa.PSSOptions{SaltLength: rsa.PSSSaltLengthEqualsHash, Hash: hashFunc}
@@ -878,7 +874,11 @@ func certificateRequestInfoFromMsg(certReq *certificateRequestMsg) *CertificateR
 // See RFC 5246, Section 7.4.4 (where it calls this "somewhat complicated").
 cri.SignatureSchemes = make([]SignatureScheme, 0, len(certReq.supportedSignatureAlgorithms))
 for _, sigScheme := range certReq.supportedSignatureAlgorithms {
- switch signatureFromSignatureScheme(sigScheme) {
+ sigType, _, err := typeAndHashFromSignatureScheme(sigScheme)
+ if err != nil {
+ continue
+ }
+ switch sigType {
 case signatureECDSA, signatureEd25519:
 if ecAvail {
 cri.SignatureSchemes = append(cri.SignatureSchemes, sigScheme) |
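Review bot: With the error return dropped from the `hashForClientCertificate` call in doFullHandshake, this site can no longer send an alert if the transcript hash cannot be produced, and nothing in the hunk says why that case cannot arise. The helper's new definition is outside this file's diff, so whether the old failure is now impossible or has become a panic cannot be confirmed from here. A one-line comment above the call stating the invariant, e.g. `// hashForClientCertificate cannot fail here: <precondition guaranteed by the caller>`, would make the removal of the `alertInternalError` path reviewable on its own. doFullHandshake starts and ends outside the hunk.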
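Review bot: The added `if err != nil { continue }` in the loop over `certReq.supportedSignatureAlgorithms` discards the error from `typeAndHashFromSignatureScheme` silently, so a reader cannot tell a deliberate skip from a swallowed failure. These values come from the peer's CertificateRequest, so skipping ones the implementation does not know is presumably intended; say so with a comment above the check such as `// Ignore signature schemes we do not recognize; the server may advertise arbitrary values.` It is also worth confirming that every `sigType` the helper can return has a case in the `switch sigType` that follows, since a type with no case would be dropped from `cri.SignatureSchemes` just as quietly. The switch and certificateRequestInfoFromMsg continue past the end of the hunk.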
