diff options
| -rw-r--r-- | src/lib/libssl/ssl_clnt.c | 8 | ||||
| -rw-r--r-- | src/lib/libssl/ssl_srvr.c | 9 |
2 files changed, 15 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c index 4d003466c4..0a1b6ea241 100644 --- a/src/lib/libssl/ssl_clnt.c +++ b/src/lib/libssl/ssl_clnt.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_clnt.c,v 1.68 2020/05/31 16:36:35 jsing Exp $ */ | 1 | /* $OpenBSD: ssl_clnt.c,v 1.69 2020/06/05 17:53:26 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2341,6 +2341,12 @@ ssl3_send_client_verify_sigalgs(SSL *s, CBB *cert_verify) | |||
| 2341 | SSLerror(s, ERR_R_EVP_LIB); | 2341 | SSLerror(s, ERR_R_EVP_LIB); |
| 2342 | goto err; | 2342 | goto err; |
| 2343 | } | 2343 | } |
| 2344 | if (sigalg->key_type == EVP_PKEY_GOSTR01 && | ||
| 2345 | EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_SIGN, | ||
| 2346 | EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE, NULL) <= 0) { | ||
| 2347 | SSLerror(s, ERR_R_EVP_LIB); | ||
| 2348 | goto err; | ||
| 2349 | } | ||
| 2344 | if ((sigalg->flags & SIGALG_FLAG_RSA_PSS) && | 2350 | if ((sigalg->flags & SIGALG_FLAG_RSA_PSS) && |
| 2345 | (!EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) || | 2351 | (!EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) || |
| 2346 | !EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1))) { | 2352 | !EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1))) { |
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c index 15dfdc35b1..706ad1453b 100644 --- a/src/lib/libssl/ssl_srvr.c +++ b/src/lib/libssl/ssl_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssl_srvr.c,v 1.78 2020/06/01 08:04:02 tb Exp $ */ | 1 | /* $OpenBSD: ssl_srvr.c,v 1.79 2020/06/05 17:53:26 jsing Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2199,6 +2199,13 @@ ssl3_get_cert_verify(SSL *s) | |||
| 2199 | al = SSL_AD_INTERNAL_ERROR; | 2199 | al = SSL_AD_INTERNAL_ERROR; |
| 2200 | goto f_err; | 2200 | goto f_err; |
| 2201 | } | 2201 | } |
| 2202 | if (sigalg->key_type == EVP_PKEY_GOSTR01 && | ||
| 2203 | EVP_PKEY_CTX_ctrl(pctx, -1, EVP_PKEY_OP_VERIFY, | ||
| 2204 | EVP_PKEY_CTRL_GOST_SIG_FORMAT, GOST_SIG_FORMAT_RS_LE, | ||
| 2205 | NULL) <= 0) { | ||
| 2206 | al = SSL_AD_INTERNAL_ERROR; | ||
| 2207 | goto f_err; | ||
| 2208 | } | ||
| 2202 | if (!EVP_DigestVerifyUpdate(&mctx, hdata, hdatalen)) { | 2209 | if (!EVP_DigestVerifyUpdate(&mctx, hdata, hdatalen)) { |
| 2203 | SSLerror(s, ERR_R_EVP_LIB); | 2210 | SSLerror(s, ERR_R_EVP_LIB); |
| 2204 | al = SSL_AD_INTERNAL_ERROR; | 2211 | al = SSL_AD_INTERNAL_ERROR; |