| commit | 25dd6472b5a0e3036b8ee26a5a46b1f7b70dd58a | |
| author | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | |
| Sat, 29 Jun 2013 14:24:05 +0000 (29 14:24 +0000) | ||
| committer | wtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | |
| Sat, 29 Jun 2013 14:24:05 +0000 (29 14:24 +0000) | ||
| tree | 6e8b28af6c95965b150e13dc063a6796650c95aa | treesnapshot (tar.gz zip) |
| parent | 8db52414c08292dbf5a9f570ab533abfecdf091e | commitdiff |
A speculative fix for the TLS 1.2 client authentication bug with the
CAC card on Mac OS X.
Manually encode the ASN.1 DigestInfo structure and pass CSSM_ALGID_NONE
as the digestAlg argument to CSSM_SignData. The theory is that the CAC
card may not support a digestAlg argument of CSSM_ALGID_SHA256 passed to
CSSM_SignData.
Set the OS error when CDSA/CSSM functions fail and log the OS error when
we get ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED.
R=rsleevi@chromium.org
BUG=255579
TEST=manual testing
Review URL: https://chromiumcodereview.appspot.com/18055011
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@209318 0039d316-1c4b-4281-b951-d872f2087c98
CAC card on Mac OS X.
Manually encode the ASN.1 DigestInfo structure and pass CSSM_ALGID_NONE
as the digestAlg argument to CSSM_SignData. The theory is that the CAC
card may not support a digestAlg argument of CSSM_ALGID_SHA256 passed to
CSSM_SignData.
Set the OS error when CDSA/CSSM functions fail and log the OS error when
we get ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED.
R=rsleevi@chromium.org
BUG=255579
TEST=manual testing
Review URL: https://chromiumcodereview.appspot.com/18055011
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@209318 0039d316-1c4b-4281-b951-d872f2087c98
| net/socket/nss_ssl_util.cc | diffblobblamehistory | |
| net/third_party/nss/ssl/sslplatf.c | diffblobblamehistory |