diff options
author | jsing <> | 2021-06-29 19:10:08 +0000 |
---|---|---|
committer | jsing <> | 2021-06-29 19:10:08 +0000 |
commit | 2084659c33f3dd4553097139197351f79d9931da (patch) | |
tree | e72ba2ab5fb929406d0b375f52854733096281ad /src/lib/libssl/ssl_sigalgs.h | |
parent | 380f15298c687e6a5ba2ad209905f15c7bf7efda (diff) | |
download | openbsd-2084659c33f3dd4553097139197351f79d9931da.tar.gz openbsd-2084659c33f3dd4553097139197351f79d9931da.tar.bz2 openbsd-2084659c33f3dd4553097139197351f79d9931da.zip |
Move the RSA-PSS check for TLSv1.3 to ssl_sigalg_pkey_ok().
Also, rather than passing in a check_curve flag, pass in the SSL * and
handle version checks internally to ssl_sigalg_pkey_ok(), simplifying
the callers.
ok inoguchi@ tb@
Diffstat (limited to 'src/lib/libssl/ssl_sigalgs.h')
-rw-r--r-- | src/lib/libssl/ssl_sigalgs.h | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/lib/libssl/ssl_sigalgs.h b/src/lib/libssl/ssl_sigalgs.h index c91e66a5a9..6905bba060 100644 --- a/src/lib/libssl/ssl_sigalgs.h +++ b/src/lib/libssl/ssl_sigalgs.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssl_sigalgs.h,v 1.20 2021/06/27 18:15:35 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_sigalgs.h,v 1.21 2021/06/29 19:10:08 jsing Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org> | 3 | * Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org> |
4 | * | 4 | * |
@@ -72,8 +72,8 @@ const struct ssl_sigalg *ssl_sigalg_lookup(uint16_t sigalg); | |||
72 | const struct ssl_sigalg *ssl_sigalg_from_value(uint16_t tls_version, | 72 | const struct ssl_sigalg *ssl_sigalg_from_value(uint16_t tls_version, |
73 | uint16_t value); | 73 | uint16_t value); |
74 | int ssl_sigalgs_build(uint16_t tls_version, CBB *cbb); | 74 | int ssl_sigalgs_build(uint16_t tls_version, CBB *cbb); |
75 | int ssl_sigalg_pkey_ok(const struct ssl_sigalg *sigalg, EVP_PKEY *pkey, | 75 | int ssl_sigalg_pkey_ok(SSL *s, const struct ssl_sigalg *sigalg, |
76 | int check_curve); | 76 | EVP_PKEY *pkey); |
77 | const struct ssl_sigalg *ssl_sigalg_select(SSL *s, EVP_PKEY *pkey); | 77 | const struct ssl_sigalg *ssl_sigalg_select(SSL *s, EVP_PKEY *pkey); |
78 | 78 | ||
79 | __END_HIDDEN_DECLS | 79 | __END_HIDDEN_DECLS |