Convert legacy stack client to ssl_sigalg_for_peer().

ok inoguchi@ tb@

diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c
index 25a3321..6fe22e0 100644 (file)
--- a/lib/libssl/ssl_clnt.c
+++ b/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_clnt.c,v 1.103 2021/06/29 19:10:08 jsing Exp $ */
+/* $OpenBSD: ssl_clnt.c,v 1.104 2021/06/29 19:23:36 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1465,7 +1465,6 @@ int
 ssl3_get_server_key_exchange(SSL *s)
 {
        CBS cbs, signature;
-       const EVP_MD *md = NULL;
        EVP_PKEY *pkey = NULL;
        EVP_MD_CTX md_ctx;
        const unsigned char *param;
@@ -1535,49 +1534,21 @@ ssl3_get_server_key_exchange(SSL *s)
        } else if (alg_k != 0) {
                al = SSL_AD_UNEXPECTED_MESSAGE;
                SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
-                       goto fatal_err;
+               goto fatal_err;
        }
 
        param_len -= CBS_len(&cbs);
 
        /* if it was signed, check the signature */
        if (pkey != NULL) {
-               EVP_PKEY_CTX *pctx;
+               uint16_t sigalg_value = SIGALG_NONE;
                const struct ssl_sigalg *sigalg;
+               EVP_PKEY_CTX *pctx;
 
                if (SSL_USE_SIGALGS(s)) {
-                       uint16_t sigalg_value;
-
                        if (!CBS_get_u16(&cbs, &sigalg_value))
                                goto decode_err;
-                       if ((sigalg = ssl_sigalg_from_value(
-                           S3I(s)->hs.negotiated_tls_version,
-                           sigalg_value)) == NULL) {
-                               SSLerror(s, SSL_R_UNKNOWN_DIGEST);
-                               al = SSL_AD_DECODE_ERROR;
-                               goto fatal_err;
-                       }
-                       if ((md = sigalg->md()) == NULL) {
-                               SSLerror(s, SSL_R_UNKNOWN_DIGEST);
-                               al = SSL_AD_DECODE_ERROR;
-                               goto fatal_err;
-                       }
-                       if (!ssl_sigalg_pkey_ok(s, sigalg, pkey)) {
-                               SSLerror(s, SSL_R_WRONG_SIGNATURE_TYPE);
-                               al = SSL_AD_DECODE_ERROR;
-                               goto fatal_err;
-                       }
-               } else if (pkey->type == EVP_PKEY_RSA) {
-                       sigalg = ssl_sigalg_lookup(SIGALG_RSA_PKCS1_MD5_SHA1);
-               } else if (pkey->type == EVP_PKEY_EC) {
-                       sigalg = ssl_sigalg_lookup(SIGALG_ECDSA_SHA1);
-               } else {
-                       SSLerror(s, SSL_R_UNKNOWN_PKEY_TYPE);
-                       al = SSL_AD_DECODE_ERROR;
-                       goto fatal_err;
                }
-               md = sigalg->md();
-
                if (!CBS_get_u16_length_prefixed(&cbs, &signature))
                        goto decode_err;
                if (CBS_len(&signature) > EVP_PKEY_size(pkey)) {
@@ -1586,7 +1557,14 @@ ssl3_get_server_key_exchange(SSL *s)
                        goto fatal_err;
                }
 
-               if (!EVP_DigestVerifyInit(&md_ctx, &pctx, md, NULL, pkey))
+               if ((sigalg = ssl_sigalg_for_peer(s, pkey,
+                   sigalg_value)) == NULL) {
+                       al = SSL_AD_DECODE_ERROR;
+                       goto fatal_err;
+               }
+
+               if (!EVP_DigestVerifyInit(&md_ctx, &pctx, sigalg->md(),
+                   NULL, pkey))
                        goto err;
                if (!EVP_DigestVerifyUpdate(&md_ctx, s->s3->client_random,
                    SSL3_RANDOM_SIZE))