author | Noah Robbin <noah_robbin@symantec.com> | 2017-11-29 22:58:25 +0100 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2018-01-08 17:49:53 +0100 |
commit | bcec0b9488d3b0a91289998e7e73f1d91156c6fb (patch) | |
tree | b165f6ea7b4a6f31c4af4ecaf849d16594fb5752 /ssl | |
parent | Use size of server key when selecting signature algorithm. (diff) | |
Use the index that matches the key type (either SSL_PKEY_RSA_PSS_SIGN or SSL_PKEY_RSA).
Extract the RSA key using EVP_PKEY_get0. Type is checked externally to be either EVP_PKEY_RSA_PSS or EVP_PKEY_RSA.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4389)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/t1_lib.c | 27 |
1 files changed, 23 insertions, 4 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index a2be135e44..f0f3b19682 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2294,6 +2294,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
 /* Look for a certificate matching shared sigalgs */
 for (i = 0; i < s->cert->shared_sigalgslen; i++) {
 lu = s->cert->shared_sigalgs[i];
+ sig_idx = -1;

 /* Skip SHA1, SHA224, DSA and RSA if not PSS */
 if (lu->hash == NID_sha1
@@ -2326,9 +2327,23 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
 #endif
 } else if (lu->sig == EVP_PKEY_RSA_PSS) {
 /* validate that key is large enough for the signature algorithm */
- const RSA *rsa = EVP_PKEY_get0_RSA(s->cert->pkeys[SSL_PKEY_RSA_PSS_SIGN].privatekey);
+ EVP_PKEY *pkey;
+ int pkey_id;

- if (!rsa_pss_check_min_key_size(rsa, lu))
+ if (sig_idx == -1)
+ pkey = s->cert->pkeys[lu->sig_idx].privatekey;
+ else
+ pkey = s->cert->pkeys[sig_idx].privatekey;
+ pkey_id = EVP_PKEY_id(pkey);
+ if (pkey_id != EVP_PKEY_RSA_PSS
+ && pkey_id != EVP_PKEY_RSA)
+ continue;
+ /*
+ * The pkey type is EVP_PKEY_RSA_PSS or EVP_PKEY_RSA
+ * EVP_PKEY_get0_RSA returns NULL if the type is not EVP_PKEY_RSA
+ * so use EVP_PKEY_get0 instead
+ */
+ if (!rsa_pss_check_min_key_size(EVP_PKEY_get0(pkey), lu))
 continue;
 }
 break;
@@ -2385,9 +2400,13 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
 }
 if (lu->sig == EVP_PKEY_RSA_PSS) {
 /* validate that key is large enough for the signature algorithm */
- const RSA *rsa = EVP_PKEY_get0_RSA(s->cert->pkeys[SSL_PKEY_RSA_PSS_SIGN].privatekey);
+ EVP_PKEY *pkey = s->cert->pkeys[sig_idx].privatekey;
+ int pkey_id = EVP_PKEY_id(pkey);

- if (!rsa_pss_check_min_key_size(rsa, lu))
+ if (pkey_id != EVP_PKEY_RSA_PSS
+ && pkey_id != EVP_PKEY_RSA)
+ continue;
+ if (!rsa_pss_check_min_key_size(EVP_PKEY_get0(pkey), lu))
 continue;
 }
 #ifndef OPENSSL_NO_EC |
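Review bot: The `sig_idx = -1;` reset added at the top of the loop body in the first hunk carries no comment saying what -1 means, and the only reader visible in this diff is the `if (sig_idx == -1)` fallback to `lu->sig_idx` in the second hunk. A one-line comment such as `/* -1: no key slot chosen yet for this sigalg; the PSS size check falls back to lu->sig_idx */` would tie the two together. The loop body continues outside the hunk, so any assignment to `sig_idx` between the reset and the PSS branch is not visible here and should be confirmed against the full function.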
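Review bot: In the second hunk `pkey` is read from `s->cert->pkeys[...].privatekey` and handed straight to `EVP_PKEY_id()` with no NULL check. Whether an earlier test in the loop, outside this hunk, guarantees that the selected slot holds a private key cannot be seen from here; if it does not, an empty slot would be dereferenced while choosing a signature algorithm during the handshake. A guard such as `if (pkey == NULL) continue;` placed before `pkey_id = EVP_PKEY_id(pkey);` would make the branch safe on its own. The same unguarded pattern appears in the third hunk, where `pkey` is initialised and passed to `EVP_PKEY_id()` in consecutive declarations.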
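Review bot: In the third hunk `sig_idx` indexes `s->cert->pkeys[]` directly, whereas the second hunk treats `sig_idx == -1` as a reachable state and falls back to `lu->sig_idx`. The code that assigns `sig_idx` on this path lies outside the hunk, so it is not visible whether a negative value is ruled out before `EVP_PKEY *pkey = s->cert->pkeys[sig_idx].privatekey;`; either state the invariant in a comment or add `if (sig_idx < 0) continue;` ahead of the lookup. This copy of the check also drops the explanation given in the second hunk for passing the untyped `EVP_PKEY_get0(pkey)` result to `rsa_pss_check_min_key_size()`, so a short comment like `/* type checked above; EVP_PKEY_get0_RSA returns NULL for non-EVP_PKEY_RSA keys */` would help. Since the two PSS checks are otherwise identical, a small static helper taking the `EVP_PKEY *` and `lu` would keep them from drifting apart.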