git: 9front


ref: 2b8496d8ff28cfaddd7c40559dd94a8ce5268081
parent: ccb05efa21b4b269ead9953cbe0cf2423b1b552a
author: cinap_lenrek <cinap_lenrek@gmx.de>
date: Sat Aug 18 11:09:02 EDT 2012

libsec: add sha256WithRSAEncryption signature alg

--- a/sys/src/libsec/port/tlshand.c
+++ b/sys/src/libsec/port/tlshand.c
@@ -343,9 +343,8 @@
 	close(fd);
 	close(hand);
 	close(ctl);
-	if(data < 0){
+	if(data < 0)
 		return -1;
-	}
 	if(tls == nil){
 		close(data);
 		return -1;
@@ -393,13 +392,16 @@
 	}
 	sprint(dname, "#a/tls/%s/data", buf);
 	data = open(dname, ORDWR);
-	if(data < 0)
+	if(data < 0){
+		close(hand);
+		close(ctl);
 		return -1;
+	}
 	fprint(ctl, "fd %d 0x%x", fd, ProtocolVersion);
 	tls = tlsClient2(ctl, hand, conn->sessionID, conn->sessionIDlen, conn->trace);
-	close(fd);
 	close(hand);
 	close(ctl);
+	close(fd);
 	if(tls == nil){
 		close(data);
 		return -1;
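Review bot: The new `data < 0` branch returns -1 with `fd` still open, while the `tls == nil` branch just below returns -1 after `close(fd)`, so a caller that sees -1 cannot tell whether it still owns the descriptor. Closing it again risks closing an unrelated descriptor that has reused the number, and not closing it leaks the connection. As far as the visible lines show, the path in the first hunk closes `fd` before its own `data < 0` check, so the two functions disagree as well. Consider adding `close(fd);` to the new branch, or stating in a comment on the function which failure paths consume `fd`. The function's earlier error returns lie outside this hunk and would need the same decision.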
@@ -702,7 +704,7 @@
 	if(tlsSecSecretc(c->sec, c->sid->data, c->sid->len, c->srandom,
 			c->cert->data, c->cert->len, c->version, &epm, &nepm,
 			kd, c->nsecret) < 0){
-		tlsError(c, EBadCertificate, "invalid x509/rsa certificate");
+		tlsError(c, EBadCertificate, "bad certificate: %r");
 		goto Err;
 	}
 	secrets = (char*)emalloc(2*c->nsecret);
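Review bot: The `%r` in the new `tlsError` message expands to the current error string, so it is only meaningful if every failure path inside `tlsSecSecretc` sets that string. A path that returns a negative value without doing so would report a stale error from an unrelated earlier call under `EBadCertificate`; `tlsSecSecretc` is not visible in this diff, so that needs checking there. It is also worth confirming that `tlsError` keeps the formatted text local rather than sending it to the peer, since it may now carry certificate-parsing detail. A comment such as `/* tlsSecSecretc sets errstr on every failure; %r reports it */` above the call would record the dependency. The enclosing function starts and ends outside the hunk.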
--- a/sys/src/libsec/port/x509.c
+++ b/sys/src/libsec/port/x509.c
@@ -1582,6 +1582,7 @@
 	ALG_md5WithRSAEncryption,
 	ALG_sha1WithRSAEncryption,
 	ALG_sha1WithRSAEncryptionOiw,
+	ALG_sha256WithRSAEncryption,
 	ALG_md5,
 	NUMALGS
 };
@@ -1595,6 +1596,7 @@
 static Ints7 oid_md5WithRSAEncryption = {7, 1, 2, 840, 113549, 1, 1, 4 };
 static Ints7 oid_sha1WithRSAEncryption ={7, 1, 2, 840, 113549, 1, 1, 5 };
 static Ints7 oid_sha1WithRSAEncryptionOiw ={6, 1, 3, 14, 3, 2, 29 };
+static Ints7 oid_sha256WithRSAEncryption = {7, 1, 2, 840, 113549, 1, 1, 11 };
 static Ints7 oid_md5 ={6, 1, 2, 840, 113549, 2, 5, 0 };
 static Ints *alg_oid_tab[NUMALGS+1] = {
 	(Ints*)&oid_rsaEncryption,
@@ -1603,10 +1605,13 @@
 	(Ints*)&oid_md5WithRSAEncryption,
 	(Ints*)&oid_sha1WithRSAEncryption,
 	(Ints*)&oid_sha1WithRSAEncryptionOiw,
+	(Ints*)&oid_sha256WithRSAEncryption,
 	(Ints*)&oid_md5,
 	nil
 };
-static DigestFun digestalg[NUMALGS+1] = { md5, md5, md5, md5, sha1, sha1, md5, nil };
+static DigestFun digestalg[NUMALGS+1] = {
+	md5, md5, md5, md5, sha1, sha1, sha2_256, md5, nil
+};
 
 static void
 freecert(CertX509* c)
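Review bot: With `sha2_256` in `digestalg`, any call through `digestalg[alg]` can now produce 32 bytes of output, so every digest buffer and length comparison in x509.c that was sized for MD5 or SHA-1 (16 or 20 bytes) has to be widened. Those call sites are not part of this diff; if one still uses a SHA-1-sized buffer, the new entry would write past its end during certificate verification. Separately, the enum, `alg_oid_tab` and `digestalg` are kept in step only by position. A comment above `digestalg` such as `/* one entry per ALG_* value, in enum order, nil-terminated */` would make the next addition harder to misplace.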
--