diff options
author | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-09-01 18:42:55 +0400 |
---|---|---|
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2013-09-01 18:42:55 +0400 |
commit | 70778c401e96e13c4ff05d549f48ea77c769e2d9 (patch) | |
tree | 0f6b01ea154fe0b678f334057f8b73c7a97ea241 /core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java | |
parent | 843358c0d81dfce0432a39a3518119683238941e (diff) |
Indicate where SignatureAndHashAlgorithm has to be selected when sending
CertificateVerify
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java')
-rw-r--r-- | core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java index 0c35d489..e661a37c 100644 --- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java +++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java @@ -373,12 +373,13 @@ public class TlsClientProtocol if (clientCreds != null && clientCreds instanceof TlsSignerCredentials) { TlsSignerCredentials signerCreds = (TlsSignerCredentials)clientCreds; - byte[] md5andsha1 = recordStream.getCurrentHash(null); - byte[] signature = signerCreds.generateCertificateSignature(md5andsha1); /* * TODO RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2 */ - DigitallySigned certificateVerify = new DigitallySigned(null, signature); + SignatureAndHashAlgorithm algorithm = null; + byte[] hash = recordStream.getCurrentHash(null); + byte[] signature = signerCreds.generateCertificateSignature(hash); + DigitallySigned certificateVerify = new DigitallySigned(algorithm, signature); sendCertificateVerifyMessage(certificateVerify); this.connection_state = CS_CERTIFICATE_VERIFY; |