ssl & public_key: Add use of more "sha-rsa oids"

4 files changed, 16 insertions, 5 deletions

diff --git a/lib/public_key/asn1/PKCS-1.asn1 b/lib/public_key/asn1/PKCS-1.asn1
index b06f5efa9d..c83289e779 100644
--- a/lib/public_key/asn1/PKCS-1.asn1
+++ b/lib/public_key/asn1/PKCS-1.asn1
@@ -33,6 +33,9 @@ sha1WithRSAEncryption      OBJECT IDENTIFIER ::= { pkcs-1 5 }
 sha256WithRSAEncryption    OBJECT IDENTIFIER ::= { pkcs-1 11 }
 sha384WithRSAEncryption    OBJECT IDENTIFIER ::= { pkcs-1 12 }
 sha512WithRSAEncryption    OBJECT IDENTIFIER ::= { pkcs-1 13 }
+sha224WithRSAEncryption    OBJECT IDENTIFIER  ::=  { pkcs-1 14 }
+
+
 
 id-sha1    OBJECT IDENTIFIER ::= {
     iso(1) identified-organization(3) oiw(14) secsig(3)
diff --git a/lib/ssl/src/ssl_certificate.erl b/lib/ssl/src/ssl_certificate.erl
index 605c267144..86f5617b54 100644
--- a/lib/ssl/src/ssl_certificate.erl
+++ b/lib/ssl/src/ssl_certificate.erl
@@ -172,7 +172,12 @@ extensions_list(Extensions) ->
 %% Description: 
 %%--------------------------------------------------------------------
 signature_type(RSA) when RSA == ?sha1WithRSAEncryption;
-			 RSA == ?md5WithRSAEncryption ->
+			 RSA == ?md5WithRSAEncryption;
+			 RSA == ?sha224WithRSAEncryption;
+			 RSA == ?sha256WithRSAEncryption;
+			 RSA == ?sha384WithRSAEncryption;
+			 RSA == ?sha512WithRSAEncryption
+			 ->
     rsa;
 signature_type(?'id-dsa-with-sha1') ->
     dsa.
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 86555dd0d9..f83341dee7 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -671,7 +671,6 @@ cipher(#finished{verify_data = Data} = Finished,
 	      = Session0,
 		  connection_states = ConnectionStates0,
 	      tls_handshake_history = Handshake0} = State) ->
-%%CHECKME: the connection state prf logic is pure guess work!
     case ssl_handshake:verify_connection(Version, Finished, 
 					 opposite_role(Role), 
 					 get_current_connection_state_prf(ConnectionStates0, read),
@@ -1507,7 +1506,12 @@ rsa_key_exchange(Version, PremasterSecret, PublicKeyInfo = {Algorithm, _, _})
   when Algorithm == ?rsaEncryption;
        Algorithm == ?md2WithRSAEncryption;
        Algorithm == ?md5WithRSAEncryption;
-       Algorithm == ?sha1WithRSAEncryption ->
+       Algorithm == ?sha1WithRSAEncryption;
+       Algorithm == ?sha224WithRSAEncryption;
+       Algorithm == ?sha256WithRSAEncryption;
+       Algorithm == ?sha384WithRSAEncryption;
+       Algorithm == ?sha512WithRSAEncryption
+       ->
     ssl_handshake:key_exchange(client, Version,
 			       {premaster_secret, PremasterSecret,
 				PublicKeyInfo});
@@ -1556,7 +1560,6 @@ finished(#state{role = Role, socket = Socket, negotiated_version = Version,
                 connection_states = ConnectionStates0,
                 tls_handshake_history = Handshake0}, StateName) ->
     MasterSecret = Session#session.master_secret,
-%%CHECKME: the connection state prf logic is pure guess work!
     Finished = ssl_handshake:finished(Version, Role,
 				       get_current_connection_state_prf(ConnectionStates0, write),
 				       MasterSecret, Handshake0),
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index 497f778bc2..f198591c93 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -534,7 +534,7 @@ decrypt_premaster_secret(Secret, RSAPrivateKey) ->
     end.
 
 %%--------------------------------------------------------------------
--spec server_key_exchange_hash(md5sha | md5 | sha | sha256 | sha384 | sha512, binary()) -> binary().
+-spec server_key_exchange_hash(md5sha | md5 | sha | sha224 |sha256 | sha384 | sha512, binary()) -> binary().
 %%
 %% Description: Calculate server key exchange hash
 %%--------------------------------------------------------------------