commit | c7fd8fd75e74f59e583df1e4fea0d221891e2000 | [log] [tgz] |
---|---|---|
author | Costin Manolache <costin@google.com> | Tue Mar 02 13:47:01 2010 -0800 |
committer | Costin Manolache <costin@google.com> | Fri Mar 05 09:51:26 2010 -0800 |
tree | 454c51d8424e2cf3a5880178df24975250928d33 | |
parent | 9720b13a5db722c4304d396f7ebf202b683ae5b8 [diff] |
Fix server side SSLEngine ServerKeyExchange signature. Code using SSLEngine for non-blocking SSL can't talk with openssl as a client, since the signature is computed on different content (and openssl checks it, unlike java). The fix is to use strip the 0x00 prefix when signing - like it is done when generating the message, refactored both to use a common method. We also include the length in the signature, it was also missing.