[dev.boringcrypto] all: merge master into dev.boringcrypto

[gostls13.git] / src / crypto / tls / handshake_client.go

diff --git a/src/crypto/tls/handshake_client.go b/src/crypto/tls/handshake_client.go
index e8f327e23fa861f2e906ccf9ac93757ddd4380ed..1ff342214824fb7465177ab76db14c3096996b53 100644 (file)
--- a/src/crypto/tls/handshake_client.go
+++ b/src/crypto/tls/handshake_client.go
@@ -576,7 +576,7 @@ func (hs *clientHandshakeState) doFullHandshake() error {
                        return fmt.Errorf("tls: client certificate private key of type %T does not implement crypto.Signer", chainToSend.PrivateKey)
                }
 
-               signatureAlgorithm, sigType, hashFunc, err := pickSignatureAlgorithm(key.Public(), certReq.supportedSignatureAlgorithms, hs.hello.supportedSignatureAlgorithms, c.vers)
+               signatureAlgorithm, sigType, hashFunc, err := pickSignatureAlgorithm(key.Public(), certReq.supportedSignatureAlgorithms, supportedSignatureAlgorithmsTLS12(), c.vers)
                if err != nil {
                        c.sendAlert(alertInternalError)
                        return err
@@ -904,10 +904,8 @@ func certificateRequestInfoFromMsg(certReq *certificateRequestMsg) *CertificateR
                return cri
        }
 
-       // In TLS 1.2, the signature schemes apply to both the certificate chain and
-       // the leaf key, while the certificate types only apply to the leaf key.
+       // Filter the signature schemes based on the certificate types.
        // See RFC 5246, Section 7.4.4 (where it calls this "somewhat complicated").
-       // Filter the signature schemes based on the certificate type.
        cri.SignatureSchemes = make([]SignatureScheme, 0, len(certReq.supportedSignatureAlgorithms))
        for _, sigScheme := range certReq.supportedSignatureAlgorithms {
                switch signatureFromSignatureScheme(sigScheme) {