| author | beck <> | 2019-01-23 18:39:28 +0000 |
|---|---|---|
| committer | beck <> | 2019-01-23 18:39:28 +0000 |
| commit | 5b044ab96482aee07d5182930013d4e606d4740d (patch) | |
| tree | e5f32c31b20068e7d8674ff7ddb1ea2fe2ca16fa /src/lib/libssl/ssl_sigalgs.c | |
| parent | 9a6a5e403c8b66eb5bbc3532a5f1b5e325b172c1 (diff) | |
Modify sigalgs extension processing to accommodate TLS 1.3.
- Make a separate sigalgs list for TLS 1.3 including only modern
algorithm choices which we use when the handshake will not negotiate
TLS 1.2.
- Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as
mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2
from a 1.3 handshake.
ok jsing@ tb@
Diffstat (limited to 'src/lib/libssl/ssl_sigalgs.c')
| -rw-r--r-- | src/lib/libssl/ssl_sigalgs.c | 21 |
1 files changed, 19 insertions, 2 deletions
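--- a/src/lib/libssl/ssl_sigalgs.c
+++ b/src/lib/libssl/ssl_sigalgs.c
@@ -1,6 +1,6 @@
-/* $OpenBSD: ssl_sigalgs.c,v 1.13 2019/01/23 18:24:40 beck Exp $ */
+/* $OpenBSD: ssl_sigalgs.c,v 1.14 2019/01/23 18:39:28 beck Exp $ */
 /*
-* Copyright (c) 2018, Bob Beck <beck@openbsd.org>
+* Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org>
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
@@ -163,13 +163,30 @@ const struct ssl_sigalg sigalgs[] = {
 },
 };
 
+/* Sigalgs for tls 1.3, in preference order, */
+uint16_t tls13_sigalgs[] = {
+SIGALG_RSA_PSS_RSAE_SHA512,
+SIGALG_RSA_PKCS1_SHA512,
+SIGALG_ECDSA_SECP512R1_SHA512,
+SIGALG_RSA_PSS_RSAE_SHA384,
+SIGALG_RSA_PKCS1_SHA384,
+SIGALG_ECDSA_SECP384R1_SHA384,
+SIGALG_RSA_PSS_RSAE_SHA256,
+SIGALG_RSA_PKCS1_SHA256,
+SIGALG_ECDSA_SECP256R1_SHA256,
+};
+size_t tls13_sigalgs_len = (sizeof(tls13_sigalgs) / sizeof(tls13_sigalgs[0]));
+
 /* Sigalgs for tls 1.2, in preference order, */
 uint16_t tls12_sigalgs[] = {
+SIGALG_RSA_PSS_RSAE_SHA512,
 SIGALG_RSA_PKCS1_SHA512,
 SIGALG_ECDSA_SECP512R1_SHA512,
 SIGALG_GOSTR12_512_STREEBOG_512,
+SIGALG_RSA_PSS_RSAE_SHA384,
 SIGALG_RSA_PKCS1_SHA384,
 SIGALG_ECDSA_SECP384R1_SHA384,
+SIGALG_RSA_PSS_RSAE_SHA256,
 SIGALG_RSA_PKCS1_SHA256,
 SIGALG_ECDSA_SECP256R1_SHA256,
 SIGALG_GOSTR12_256_STREEBOG_256,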
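Review bot: The new `tls13_sigalgs` array lists three `SIGALG_RSA_PKCS1_SHA*` entries without saying what they are for, and RFC 8446 section 4.2.3 defines those code points only for signatures inside certificates, not for signed TLS 1.3 handshake messages. The code that consumes this list is outside the hunk, so whether a PKCS#1 v1.5 entry is refused when a CertificateVerify algorithm is selected or checked cannot be confirmed from here. I would widen the comment above the array to something like `/* Sigalgs advertised for TLS 1.3, in preference order; RSA_PKCS1 entries cover certificate signatures only, never CertificateVerify. */`. As a smaller point, both lists are writable globals, and `const uint16_t tls13_sigalgs[]` would keep the preference policy in read-only data if the declarations elsewhere can follow. `tls12_sigalgs` continues past the end of the hunk.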
