Use correct signature algorithm list when sending or checking.
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2290)
This commit is contained in:
parent
536454e53b
commit
a9669ddc64
4 changed files with 13 additions and 10 deletions
|
@ -2188,7 +2188,7 @@ __owur int tls12_copy_sigalgs(SSL *s, WPACKET *pkt,
|
||||||
const unsigned int *psig, size_t psiglen);
|
const unsigned int *psig, size_t psiglen);
|
||||||
__owur int tls1_save_sigalgs(SSL *s, PACKET *pkt);
|
__owur int tls1_save_sigalgs(SSL *s, PACKET *pkt);
|
||||||
__owur int tls1_process_sigalgs(SSL *s);
|
__owur int tls1_process_sigalgs(SSL *s);
|
||||||
__owur size_t tls12_get_psigalgs(SSL *s, const unsigned int **psigs);
|
__owur size_t tls12_get_psigalgs(SSL *s, int sent, const unsigned int **psigs);
|
||||||
__owur int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s, unsigned int sig,
|
__owur int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s, unsigned int sig,
|
||||||
EVP_PKEY *pkey);
|
EVP_PKEY *pkey);
|
||||||
void ssl_set_client_disabled(SSL *s);
|
void ssl_set_client_disabled(SSL *s);
|
||||||
|
|
|
@ -231,7 +231,7 @@ int tls_construct_ctos_sig_algs(SSL *s, WPACKET *pkt, X509 *x, size_t chainidx,
|
||||||
if (!SSL_CLIENT_USE_SIGALGS(s))
|
if (!SSL_CLIENT_USE_SIGALGS(s))
|
||||||
return 1;
|
return 1;
|
||||||
|
|
||||||
salglen = tls12_get_psigalgs(s, &salg);
|
salglen = tls12_get_psigalgs(s, 1, &salg);
|
||||||
if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_signature_algorithms)
|
if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_signature_algorithms)
|
||||||
/* Sub-packet for sig-algs extension */
|
/* Sub-packet for sig-algs extension */
|
||||||
|| !WPACKET_start_sub_packet_u16(pkt)
|
|| !WPACKET_start_sub_packet_u16(pkt)
|
||||||
|
|
|
@ -2310,7 +2310,7 @@ int tls_construct_certificate_request(SSL *s, WPACKET *pkt)
|
||||||
|
|
||||||
if (SSL_USE_SIGALGS(s)) {
|
if (SSL_USE_SIGALGS(s)) {
|
||||||
const unsigned int *psigs;
|
const unsigned int *psigs;
|
||||||
size_t nl = tls12_get_psigalgs(s, &psigs);
|
size_t nl = tls12_get_psigalgs(s, 1, &psigs);
|
||||||
|
|
||||||
if (!WPACKET_start_sub_packet_u16(pkt)
|
if (!WPACKET_start_sub_packet_u16(pkt)
|
||||||
|| !tls12_copy_sigalgs(s, pkt, psigs, nl)
|
|| !tls12_copy_sigalgs(s, pkt, psigs, nl)
|
||||||
|
|
17
ssl/t1_lib.c
17
ssl/t1_lib.c
|
@ -773,8 +773,7 @@ static int tls_sigalg_get_sig(unsigned int sigalg)
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
size_t tls12_get_psigalgs(SSL *s, int sent, const unsigned int **psigs)
|
||||||
size_t tls12_get_psigalgs(SSL *s, const unsigned int **psigs)
|
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
* If Suite B mode use Suite B sigalgs only, ignore any other
|
* If Suite B mode use Suite B sigalgs only, ignore any other
|
||||||
|
@ -795,8 +794,12 @@ size_t tls12_get_psigalgs(SSL *s, const unsigned int **psigs)
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
/* If server use client authentication sigalgs if not NULL */
|
/*
|
||||||
if (s->server && s->cert->client_sigalgs) {
|
* We use client_sigalgs (if not NULL) if we're a server
|
||||||
|
* and sending a certificate request or if we're a client and
|
||||||
|
* determining which shared algorithm to use.
|
||||||
|
*/
|
||||||
|
if ((s->server == sent) && s->cert->client_sigalgs != NULL) {
|
||||||
*psigs = s->cert->client_sigalgs;
|
*psigs = s->cert->client_sigalgs;
|
||||||
return s->cert->client_sigalgslen;
|
return s->cert->client_sigalgslen;
|
||||||
} else if (s->cert->conf_sigalgs) {
|
} else if (s->cert->conf_sigalgs) {
|
||||||
|
@ -861,7 +864,7 @@ int tls12_check_peer_sigalg(const EVP_MD **pmd, SSL *s, unsigned int sig,
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Check signature matches a type we sent */
|
/* Check signature matches a type we sent */
|
||||||
sent_sigslen = tls12_get_psigalgs(s, &sent_sigs);
|
sent_sigslen = tls12_get_psigalgs(s, 1, &sent_sigs);
|
||||||
for (i = 0; i < sent_sigslen; i++, sent_sigs++) {
|
for (i = 0; i < sent_sigslen; i++, sent_sigs++) {
|
||||||
if (sig == *sent_sigs)
|
if (sig == *sent_sigs)
|
||||||
break;
|
break;
|
||||||
|
@ -1429,7 +1432,7 @@ void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op)
|
||||||
* RSA, DSA, ECDSA. Do this for all versions not just TLS 1.2. To keep
|
* RSA, DSA, ECDSA. Do this for all versions not just TLS 1.2. To keep
|
||||||
* down calls to security callback only check if we have to.
|
* down calls to security callback only check if we have to.
|
||||||
*/
|
*/
|
||||||
sigalgslen = tls12_get_psigalgs(s, &sigalgs);
|
sigalgslen = tls12_get_psigalgs(s, 1, &sigalgs);
|
||||||
for (i = 0; i < sigalgslen; i ++, sigalgs++) {
|
for (i = 0; i < sigalgslen; i ++, sigalgs++) {
|
||||||
switch (tls_sigalg_get_sig(*sigalgs)) {
|
switch (tls_sigalg_get_sig(*sigalgs)) {
|
||||||
#ifndef OPENSSL_NO_RSA
|
#ifndef OPENSSL_NO_RSA
|
||||||
|
@ -1523,7 +1526,7 @@ static int tls1_set_shared_sigalgs(SSL *s)
|
||||||
conf = c->conf_sigalgs;
|
conf = c->conf_sigalgs;
|
||||||
conflen = c->conf_sigalgslen;
|
conflen = c->conf_sigalgslen;
|
||||||
} else
|
} else
|
||||||
conflen = tls12_get_psigalgs(s, &conf);
|
conflen = tls12_get_psigalgs(s, 0, &conf);
|
||||||
if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || is_suiteb) {
|
if (s->options & SSL_OP_CIPHER_SERVER_PREFERENCE || is_suiteb) {
|
||||||
pref = conf;
|
pref = conf;
|
||||||
preflen = conflen;
|
preflen = conflen;
|
||||||
|
|
Loading…
Reference in a new issue