author | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-04-16 07:08:39 +0400 |
committer | Peter Dettman <peter.dettman@bouncycastle.org> | 2014-04-16 07:08:39 +0400 |
commit | e0f4e5ea5883126194945ad07d7a8f5fdc78e778 (patch) | |
tree | 0aaff115040e4f516f2903a3fbd121f09ade163a /core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java | |
parent | 6b818d940a53ab2821fe5128c90fb948d25526f9 (diff) |
Use explicit hash in certificateVerify verification for TLS 1.2
Diffstat (limited to 'core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java')
-rw-r--r-- | core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
index 257ea122..b8540ba4 100644
--- a/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
+++ b/core/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
@@ -430,17 +430,19 @@ public class TlsServerProtocol
         assertEmpty(buf);
-        if (TlsUtils.isTLSv12(getContext()))
-        {
-            throw new TlsFatalAlert(AlertDescription.decrypt_error);
-        }
-
         // Verify the CertificateVerify message contains a correct signature.
         boolean verified = false;
         try
         {
-            // TODO For TLS 1.2, this needs to be the hash specified in the DigitallySigned
-            byte[] certificateVerifyHash = getCurrentPRFHash(getContext(), prepareFinishHash, null);
+            byte[] certificateVerifyHash;
+            if (TlsUtils.isTLSv12(getContext()))
+            {
+                certificateVerifyHash = prepareFinishHash.getFinalHash(clientCertificateVerify.getAlgorithm().getHash());
+            }
+            else
+            {
+                certificateVerifyHash = TlsProtocol.getCurrentPRFHash(getContext(), prepareFinishHash, null);
+            }
             org.bouncycastle.asn1.x509.Certificate x509Cert = this.peerCertificate.getCertificateAt(0);
             SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo();
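Review bot: The TLS 1.2 branch feeds the hash algorithm taken from the peer-supplied `clientCertificateVerify.getAlgorithm()` straight into `prepareFinishHash.getFinalHash(...)` without any visible check that it is one of the signature algorithms this server offered in its CertificateRequest, which RFC 5246 section 7.4.8 requires; unless that check happens before this point in the method, a client can select any hash the handshake-hash object happens to track rather than one the server policy allows. A null algorithm in that branch would also surface as a NullPointerException instead of a TLS alert, and whether the catch block further down converts that into `decrypt_error` is outside the hunk. A guard before the `getFinalHash` call along the lines of `SignatureAndHashAlgorithm alg = clientCertificateVerify.getAlgorithm(); if (alg == null || !isOfferedSignatureAlgorithm(alg)) { throw new TlsFatalAlert(AlertDescription.illegal_parameter); }` would cover both, where `isOfferedSignatureAlgorithm` stands for a check against the list sent in CertificateRequest. The enclosing method starts and ends outside the hunk.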