Fix ssl-trace with TLS 1.3 draft-23 PSS sigalgs
authorBenjamin Kaduk <bkaduk@akamai.com>
Fri, 26 Jan 2018 15:21:08 +0000 (09:21 -0600)
committerBenjamin Kaduk <bkaduk@akamai.com>
Fri, 26 Jan 2018 15:21:08 +0000 (09:21 -0600)
The latest TLS 1.3 draft split the RSA-PSS signature schemes into
two versions that indicate the OID of the RSA key being used.
This forced us to rename the preprocessor defines for the sigalg
values, and the ssl-trace code was not adopted to match, since
it was not enabled int the default build.

Belatedly update the ssl_sigalg_tbl in the trace code to match.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5174)

ssl/t1_trce.c

index ada5675..b998765 100644 (file)
@@ -544,9 +544,12 @@ static const ssl_trace_tbl ssl_sigalg_tbl[] = {
     {TLSEXT_SIGALG_ecdsa_sha224, "ecdsa_sha224"},
     {TLSEXT_SIGALG_ed25519, "ed25519"},
     {TLSEXT_SIGALG_ecdsa_sha1, "ecdsa_sha1"},
-    {TLSEXT_SIGALG_rsa_pss_sha256, "rsa_pss_sha256"},
-    {TLSEXT_SIGALG_rsa_pss_sha384, "rsa_pss_sha384"},
-    {TLSEXT_SIGALG_rsa_pss_sha512, "rsa_pss_sha512"},
+    {TLSEXT_SIGALG_rsa_pss_rsae_sha256, "rsa_pss_rsae_sha256"},
+    {TLSEXT_SIGALG_rsa_pss_rsae_sha384, "rsa_pss_rsae_sha384"},
+    {TLSEXT_SIGALG_rsa_pss_rsae_sha512, "rsa_pss_rsae_sha512"},
+    {TLSEXT_SIGALG_rsa_pss_pss_sha256, "rsa_pss_pss_sha256"},
+    {TLSEXT_SIGALG_rsa_pss_pss_sha384, "rsa_pss_pss_sha384"},
+    {TLSEXT_SIGALG_rsa_pss_pss_sha512, "rsa_pss_pss_sha512"},
     {TLSEXT_SIGALG_rsa_pkcs1_sha256, "rsa_pkcs1_sha256"},
     {TLSEXT_SIGALG_rsa_pkcs1_sha384, "rsa_pkcs1_sha384"},
     {TLSEXT_SIGALG_rsa_pkcs1_sha512, "rsa_pkcs1_sha512"},