diff options
| author | beck <> | 2018-11-13 01:19:48 +0000 |
|---|---|---|
| committer | beck <> | 2018-11-13 01:19:48 +0000 |
| commit | 8c2ba52c97511b3510d2c5e42e90782ddfcfd9a9 (patch) | |
| tree | a3358d6b3fd76fb3aeeb957483f372165fd011af | |
| parent | 9e5719eb897fb4c3a1c299e05e85609ab9fe5a9c (diff) | |
| download | openbsd-8c2ba52c97511b3510d2c5e42e90782ddfcfd9a9.tar.gz openbsd-8c2ba52c97511b3510d2c5e42e90782ddfcfd9a9.tar.bz2 openbsd-8c2ba52c97511b3510d2c5e42e90782ddfcfd9a9.zip | |
Fix pkey_ok to be less strange, and add cuve checks required for the EC ones
ok tb@
| -rw-r--r-- | src/lib/libssl/ssl_sigalgs.c | 35 |
1 files changed, 26 insertions, 9 deletions
diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c index a6c5a4e9d8..8ea51b9c04 100644 --- a/src/lib/libssl/ssl_sigalgs.c +++ b/src/lib/libssl/ssl_sigalgs.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_sigalgs.c,v 1.7 2018/11/11 21:54:47 beck Exp $ */ | 1 | /* $OpenBSD: ssl_sigalgs.c,v 1.8 2018/11/13 01:19:48 beck Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018, Bob Beck <beck@openbsd.org> | 3 | * Copyright (c) 2018, Bob Beck <beck@openbsd.org> |
| 4 | * | 4 | * |
| @@ -36,6 +36,7 @@ const struct ssl_sigalg sigalgs[] = { | |||
| 36 | .md = EVP_sha512, | 36 | .md = EVP_sha512, |
| 37 | .key_type = EVP_PKEY_EC, | 37 | .key_type = EVP_PKEY_EC, |
| 38 | .pkey_idx = SSL_PKEY_ECC, | 38 | .pkey_idx = SSL_PKEY_ECC, |
| 39 | .curve_nid = NID_secp521r1, | ||
| 39 | }, | 40 | }, |
| 40 | #ifndef OPENSSL_NO_GOST | 41 | #ifndef OPENSSL_NO_GOST |
| 41 | { | 42 | { |
| @@ -56,6 +57,7 @@ const struct ssl_sigalg sigalgs[] = { | |||
| 56 | .md = EVP_sha384, | 57 | .md = EVP_sha384, |
| 57 | .key_type = EVP_PKEY_EC, | 58 | .key_type = EVP_PKEY_EC, |
| 58 | .pkey_idx = SSL_PKEY_ECC, | 59 | .pkey_idx = SSL_PKEY_ECC, |
| 60 | .curve_nid = NID_secp384r1, | ||
| 59 | }, | 61 | }, |
| 60 | { | 62 | { |
| 61 | .value = SIGALG_RSA_PKCS1_SHA256, | 63 | .value = SIGALG_RSA_PKCS1_SHA256, |
| @@ -68,6 +70,7 @@ const struct ssl_sigalg sigalgs[] = { | |||
| 68 | .md = EVP_sha256, | 70 | .md = EVP_sha256, |
| 69 | .key_type = EVP_PKEY_EC, | 71 | .key_type = EVP_PKEY_EC, |
| 70 | .pkey_idx = SSL_PKEY_ECC, | 72 | .pkey_idx = SSL_PKEY_ECC, |
| 73 | .curve_nid = NID_X9_62_prime256v1, | ||
| 71 | }, | 74 | }, |
| 72 | #ifndef OPENSSL_NO_GOST | 75 | #ifndef OPENSSL_NO_GOST |
| 73 | { | 76 | { |
| @@ -229,15 +232,29 @@ ssl_sigalgs_build(CBB *cbb, uint16_t *values, size_t len) | |||
| 229 | int | 232 | int |
| 230 | ssl_sigalg_pkey_ok(const struct ssl_sigalg *sigalg, EVP_PKEY *pkey) | 233 | ssl_sigalg_pkey_ok(const struct ssl_sigalg *sigalg, EVP_PKEY *pkey) |
| 231 | { | 234 | { |
| 232 | if (sigalg->key_type == pkey->type) { | 235 | if (sigalg == NULL || pkey == NULL) |
| 233 | if (!(sigalg->flags & SIGALG_FLAG_RSA_PSS)) | 236 | return 0; |
| 234 | return 1; | 237 | if (sigalg->key_type != pkey->type) |
| 238 | return 0; | ||
| 239 | |||
| 240 | if ((sigalg->flags & SIGALG_FLAG_RSA_PSS)) { | ||
| 235 | /* | 241 | /* |
| 236 | * RSA keys for PSS need to be at least | 242 | * RSA PSS Must have an RSA key that needs to be at |
| 237 | * as big as twice the size of the hash + 2 | 243 | * least as big as twice the size of the hash + 2 |
| 238 | */ | 244 | */ |
| 239 | if (EVP_PKEY_size(pkey) < (2 * EVP_MD_size(sigalg->md()) + 2)) | 245 | if (pkey->type != EVP_PKEY_RSA || |
| 240 | return 1; | 246 | EVP_PKEY_size(pkey) < (2 * EVP_MD_size(sigalg->md()) + 2)) |
| 247 | return 0; | ||
| 248 | } | ||
| 249 | |||
| 250 | if (pkey->type == EVP_PKEY_EC) { | ||
| 251 | if (sigalg->curve_nid == 0) | ||
| 252 | return 0; | ||
| 253 | /* Curve must match for EC keys */ | ||
| 254 | if (EC_GROUP_get_curve_name(EC_KEY_get0_group | ||
| 255 | (EVP_PKEY_get0_EC_KEY(pkey))) != sigalg->curve_nid) | ||
| 256 | return 0; | ||
| 241 | } | 257 | } |
| 242 | return 0; | 258 | |
| 259 | return 1; | ||
| 243 | } | 260 | } |