From 36c91d13d1272f90a722a67a2ded97706fdff102 Mon Sep 17 00:00:00 2001 From: Benjamin Kaduk Date: Fri, 26 Jan 2018 09:21:08 -0600 Subject: [PATCH] Fix ssl-trace with TLS 1.3 draft-23 PSS sigalgs The latest TLS 1.3 draft split the RSA-PSS signature schemes into two versions that indicate the OID of the RSA key being used. This forced us to rename the preprocessor defines for the sigalg values, and the ssl-trace code was not adopted to match, since it was not enabled int the default build. Belatedly update the ssl_sigalg_tbl in the trace code to match. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/5174) --- ssl/t1_trce.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c index ada5675db3..b99876504f 100644 --- a/ssl/t1_trce.c +++ b/ssl/t1_trce.c @@ -544,9 +544,12 @@ static const ssl_trace_tbl ssl_sigalg_tbl[] = { {TLSEXT_SIGALG_ecdsa_sha224, "ecdsa_sha224"}, {TLSEXT_SIGALG_ed25519, "ed25519"}, {TLSEXT_SIGALG_ecdsa_sha1, "ecdsa_sha1"}, - {TLSEXT_SIGALG_rsa_pss_sha256, "rsa_pss_sha256"}, - {TLSEXT_SIGALG_rsa_pss_sha384, "rsa_pss_sha384"}, - {TLSEXT_SIGALG_rsa_pss_sha512, "rsa_pss_sha512"}, + {TLSEXT_SIGALG_rsa_pss_rsae_sha256, "rsa_pss_rsae_sha256"}, + {TLSEXT_SIGALG_rsa_pss_rsae_sha384, "rsa_pss_rsae_sha384"}, + {TLSEXT_SIGALG_rsa_pss_rsae_sha512, "rsa_pss_rsae_sha512"}, + {TLSEXT_SIGALG_rsa_pss_pss_sha256, "rsa_pss_pss_sha256"}, + {TLSEXT_SIGALG_rsa_pss_pss_sha384, "rsa_pss_pss_sha384"}, + {TLSEXT_SIGALG_rsa_pss_pss_sha512, "rsa_pss_pss_sha512"}, {TLSEXT_SIGALG_rsa_pkcs1_sha256, "rsa_pkcs1_sha256"}, {TLSEXT_SIGALG_rsa_pkcs1_sha384, "rsa_pkcs1_sha384"}, {TLSEXT_SIGALG_rsa_pkcs1_sha512, "rsa_pkcs1_sha512"},