From: jsing Date: Tue, 29 Jun 2021 19:23:36 +0000 (+0000) Subject: Convert legacy stack client to ssl_sigalg_for_peer(). X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=dab9fedafd3a8fe21f36528a497ae3eeece4dabc;p=openbsd Convert legacy stack client to ssl_sigalg_for_peer(). ok inoguchi@ tb@ --- diff --git a/lib/libssl/ssl_clnt.c b/lib/libssl/ssl_clnt.c index 25a3321324b..6fe22e04e87 100644 --- a/lib/libssl/ssl_clnt.c +++ b/lib/libssl/ssl_clnt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_clnt.c,v 1.103 2021/06/29 19:10:08 jsing Exp $ */ +/* $OpenBSD: ssl_clnt.c,v 1.104 2021/06/29 19:23:36 jsing Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1465,7 +1465,6 @@ int ssl3_get_server_key_exchange(SSL *s) { CBS cbs, signature; - const EVP_MD *md = NULL; EVP_PKEY *pkey = NULL; EVP_MD_CTX md_ctx; const unsigned char *param; @@ -1535,49 +1534,21 @@ ssl3_get_server_key_exchange(SSL *s) } else if (alg_k != 0) { al = SSL_AD_UNEXPECTED_MESSAGE; SSLerror(s, SSL_R_UNEXPECTED_MESSAGE); - goto fatal_err; + goto fatal_err; } param_len -= CBS_len(&cbs); /* if it was signed, check the signature */ if (pkey != NULL) { - EVP_PKEY_CTX *pctx; + uint16_t sigalg_value = SIGALG_NONE; const struct ssl_sigalg *sigalg; + EVP_PKEY_CTX *pctx; if (SSL_USE_SIGALGS(s)) { - uint16_t sigalg_value; - if (!CBS_get_u16(&cbs, &sigalg_value)) goto decode_err; - if ((sigalg = ssl_sigalg_from_value( - S3I(s)->hs.negotiated_tls_version, - sigalg_value)) == NULL) { - SSLerror(s, SSL_R_UNKNOWN_DIGEST); - al = SSL_AD_DECODE_ERROR; - goto fatal_err; - } - if ((md = sigalg->md()) == NULL) { - SSLerror(s, SSL_R_UNKNOWN_DIGEST); - al = SSL_AD_DECODE_ERROR; - goto fatal_err; - } - if (!ssl_sigalg_pkey_ok(s, sigalg, pkey)) { - SSLerror(s, SSL_R_WRONG_SIGNATURE_TYPE); - al = SSL_AD_DECODE_ERROR; - goto fatal_err; - } - } else if (pkey->type == EVP_PKEY_RSA) { - sigalg = ssl_sigalg_lookup(SIGALG_RSA_PKCS1_MD5_SHA1); - } else if (pkey->type == EVP_PKEY_EC) { - sigalg = ssl_sigalg_lookup(SIGALG_ECDSA_SHA1); - } else { - SSLerror(s, SSL_R_UNKNOWN_PKEY_TYPE); - al = SSL_AD_DECODE_ERROR; - goto fatal_err; } - md = sigalg->md(); - if (!CBS_get_u16_length_prefixed(&cbs, &signature)) goto decode_err; if (CBS_len(&signature) > EVP_PKEY_size(pkey)) { @@ -1586,7 +1557,14 @@ ssl3_get_server_key_exchange(SSL *s) goto fatal_err; } - if (!EVP_DigestVerifyInit(&md_ctx, &pctx, md, NULL, pkey)) + if ((sigalg = ssl_sigalg_for_peer(s, pkey, + sigalg_value)) == NULL) { + al = SSL_AD_DECODE_ERROR; + goto fatal_err; + } + + if (!EVP_DigestVerifyInit(&md_ctx, &pctx, sigalg->md(), + NULL, pkey)) goto err; if (!EVP_DigestVerifyUpdate(&md_ctx, s->s3->client_random, SSL3_RANDOM_SIZE))