summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_sigalgs.h
diff options
context:
space:
mode:
authorjsing <>2021-06-29 19:10:08 +0000
committerjsing <>2021-06-29 19:10:08 +0000
commit2084659c33f3dd4553097139197351f79d9931da (patch)
treee72ba2ab5fb929406d0b375f52854733096281ad /src/lib/libssl/ssl_sigalgs.h
parent380f15298c687e6a5ba2ad209905f15c7bf7efda (diff)
downloadopenbsd-2084659c33f3dd4553097139197351f79d9931da.tar.gz
openbsd-2084659c33f3dd4553097139197351f79d9931da.tar.bz2
openbsd-2084659c33f3dd4553097139197351f79d9931da.zip
Move the RSA-PSS check for TLSv1.3 to ssl_sigalg_pkey_ok().
Also, rather than passing in a check_curve flag, pass in the SSL * and handle version checks internally to ssl_sigalg_pkey_ok(), simplifying the callers. ok inoguchi@ tb@
Diffstat (limited to 'src/lib/libssl/ssl_sigalgs.h')
-rw-r--r--src/lib/libssl/ssl_sigalgs.h6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/libssl/ssl_sigalgs.h b/src/lib/libssl/ssl_sigalgs.h
index c91e66a5a9..6905bba060 100644
--- a/src/lib/libssl/ssl_sigalgs.h
+++ b/src/lib/libssl/ssl_sigalgs.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_sigalgs.h,v 1.20 2021/06/27 18:15:35 jsing Exp $ */ 1/* $OpenBSD: ssl_sigalgs.h,v 1.21 2021/06/29 19:10:08 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org> 3 * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org>
4 * 4 *
@@ -72,8 +72,8 @@ const struct ssl_sigalg *ssl_sigalg_lookup(uint16_t sigalg);
72const struct ssl_sigalg *ssl_sigalg_from_value(uint16_t tls_version, 72const struct ssl_sigalg *ssl_sigalg_from_value(uint16_t tls_version,
73 uint16_t value); 73 uint16_t value);
74int ssl_sigalgs_build(uint16_t tls_version, CBB *cbb); 74int ssl_sigalgs_build(uint16_t tls_version, CBB *cbb);
75int ssl_sigalg_pkey_ok(const struct ssl_sigalg *sigalg, EVP_PKEY *pkey, 75int ssl_sigalg_pkey_ok(SSL *s, const struct ssl_sigalg *sigalg,
76 int check_curve); 76 EVP_PKEY *pkey);
77const struct ssl_sigalg *ssl_sigalg_select(SSL *s, EVP_PKEY *pkey); 77const struct ssl_sigalg *ssl_sigalg_select(SSL *s, EVP_PKEY *pkey);
78 78
79__END_HIDDEN_DECLS 79__END_HIDDEN_DECLS