| commit | 2a5e750faa7a7bd8ee6635f208e509e792cdd70a | |
| author | davidben <davidben@chromium.org> | |
| Thu, 27 Nov 2014 00:03:08 +0000 (26 16:03 -0800) | ||
| committer | Commit bot <commit-bot@chromium.org> | |
| Thu, 27 Nov 2014 00:03:33 +0000 (27 00:03 +0000) | ||
| tree | 213fd339ce80dd2eb6345677888366b0bf5a2d14 | treesnapshot (tar.gz zip) |
| parent | 1991d06a25d8d64be04000b36c30e77782403fcc | commitdiff |
Implement EVP_PKEY_supports_digest in Windows EVP_PKEY wrappers.
This allows BoringSSL's SSL implementation to account for the CNG
or CAPI provider's capabilities when choosing a hash to sign. Per
the fixes in https://crbug.com/278370, we assume CAPI keys and CNG
RSA keys of size 1024-bit or below can only support SHA-1.
This also prevents BoringSSL from choosing SHA-224 which we can't
sign with CNG either.
BUG=418822
Review URL: https://codereview.chromium.org/731673002
Cr-Commit-Position: refs/heads/master@{#305920}
This allows BoringSSL's SSL implementation to account for the CNG
or CAPI provider's capabilities when choosing a hash to sign. Per
the fixes in https://crbug.com/278370, we assume CAPI keys and CNG
RSA keys of size 1024-bit or below can only support SHA-1.
This also prevents BoringSSL from choosing SHA-224 which we can't
sign with CNG either.
BUG=418822
Review URL: https://codereview.chromium.org/731673002
Cr-Commit-Position: refs/heads/master@{#305920}
| net/ssl/openssl_platform_key_win.cc | diffblobblamehistory |