Add server-side support for asynchronous signing.
The RSA key exchange needs decryption and is still unsupported.
Change-Id: I8c13b74e25a5424356afbe6e97b5f700a56de41f
Reviewed-on: https://boringssl-review.googlesource.com/5467
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index cf98bb6..a1ed39a 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1959,7 +1959,7 @@
uint8_t *p = ssl_handshake_start(s);
size_t signature_length = 0;
unsigned long n = 0;
- assert(s->cert->privatekey != NULL || s->cert->key_method != NULL);
+ assert(ssl_has_private_key(s));
if (s->state == SSL3_ST_CW_CERT_VRFY_A) {
uint8_t *buf = (uint8_t *)s->init_buf->data;
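Review bot: The `assert(ssl_has_private_key(s));` line is the only guard visible in this hunk before the signing path, and assert compiles to nothing when NDEBUG is defined, so a release build would continue with neither a private key nor a key method configured. The enclosing function starts and ends outside the hunk, so whether every caller already guarantees this cannot be confirmed from here. If it is not guaranteed, a runtime check would fail closed, for example `if (!ssl_has_private_key(s)) { return -1; }` next to the function's usual error reporting (assuming -1 is its error return). The definition of ssl_has_private_key is not in this part of the diff, so it is worth confirming that it keeps the old `privatekey != NULL || key_method != NULL` meaning.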
@@ -2036,8 +2036,7 @@
/* ssl3_has_client_certificate returns true if a client certificate is
* configured. */
static int ssl3_has_client_certificate(SSL *ssl) {
- return ssl->cert && ssl->cert->x509 && (ssl->cert->privatekey ||
- ssl->cert->key_method);
+ return ssl->cert && ssl->cert->x509 && ssl_has_private_key(ssl);
}
int ssl3_send_client_certificate(SSL *s) {
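Review bot: The comment above ssl3_has_client_certificate says it returns true if a client certificate is configured, but the expression also requires `ssl_has_private_key(ssl)`, which per the removed lines covers both an in-memory key and a key method. I would update it to `/* ssl3_has_client_certificate returns true if a client certificate and a private key (in-memory or supplied through a key method) are configured. */` so readers know an asynchronous signer counts. The helper's definition is not shown here; if it dereferences `ssl->cert` without its own NULL check, the `ssl->cert &&` test must stay first in this expression, which is worth a short comment.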