summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
Diffstat (limited to 'net')
-rw-r--r--net/quic/crypto/crypto_handshake.cc7
-rw-r--r--net/quic/crypto/crypto_protocol.h1
2 files changed, 8 insertions, 0 deletions
diff --git a/net/quic/crypto/crypto_handshake.cc b/net/quic/crypto/crypto_handshake.cc
index 5cf69f7..c0688b4 100644
--- a/net/quic/crypto/crypto_handshake.cc
+++ b/net/quic/crypto/crypto_handshake.cc
@@ -563,7 +563,14 @@ void QuicCryptoClientConfig::FillInchoateClientHello(
}
if (proof_verifier_.get()) {
+ // TODO(rtenneti): Enable ECDSA proof verification on Windows. Disabled it
+ // because X509Certificate::GetPublicKeyInfo is not returning the correct
+ // type for ECDSA certificates.
+#if defined(OS_WIN)
+ out->SetTaglist(kPDMD, kX59R, 0);
+#else
out->SetTaglist(kPDMD, kX509, 0);
+#endif
}
if (common_cert_sets) {
diff --git a/net/quic/crypto/crypto_protocol.h b/net/quic/crypto/crypto_protocol.h
index d877ce3..082976a 100644
--- a/net/quic/crypto/crypto_protocol.h
+++ b/net/quic/crypto/crypto_protocol.h
@@ -49,6 +49,7 @@ const QuicTag kINAR = TAG('I', 'N', 'A', 'R'); // Inter arrival
// Proof types (i.e. certificate types)
const QuicTag kX509 = TAG('X', '5', '0', '9'); // X.509 certificate
+const QuicTag kX59R = TAG('X', '5', '9', 'R'); // X.509 - RSA only
const QuicTag kCHID = TAG('C', 'H', 'I', 'D'); // Channel ID.
// Client hello tags
generated by cgit v1.1 at 2025-02-12 17:43:18 +0000