Diffstat (limited to 'src/lib/libssl/ssl_srvr.c')
-rw-r--r--src/lib/libssl/ssl_srvr.c36
1 files changed, 13 insertions, 23 deletions
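diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index af9152d3de..0d82271325 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.51 2018/11/08 22:28:52 jsing Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.52 2018/11/09 00:34:55 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
   * All rights reserved.
   *
@@ -166,6 +166,7 @@
 #include <openssl/x509.h>
 
 #include "bytestring.h"
+#include "ssl_sigalgs.h"
 #include "ssl_tlsext.h"
 
 int
@@ -1545,7 +1546,10 @@ ssl3_send_server_key_exchange(SSL *s)
 
  /* Send signature algorithm. */
  if (SSL_USE_SIGALGS(s)) {
- if (!tls12_get_hashandsig(&server_kex, pkey, md)) {
+ uint16_t sigalg;
+ if ((sigalg = ssl_sigalg_value(pkey, md)) ==
+ SIGALG_NONE ||
+ !CBB_add_u16(&server_kex, sigalg)) {
  /* Should never happen */
  al = SSL_AD_INTERNAL_ERROR;
  SSLerror(s, ERR_R_INTERNAL_ERROR);
@@ -1629,14 +1633,9 @@ ssl3_send_certificate_request(SSL *s)
  goto err;
 
  if (SSL_USE_SIGALGS(s)) {
- unsigned char *sigalgs_data;
- size_t sigalgs_len;
-
- tls12_get_req_sig_algs(s, &sigalgs_data, &sigalgs_len);
-
  if (!CBB_add_u16_length_prefixed(&cert_request, &sigalgs))
  goto err;
- if (!CBB_add_bytes(&sigalgs, sigalgs_data, sigalgs_len))
+ if (!ssl_sigalgs_build(&sigalgs))
  goto err;
  }
 
@@ -2089,8 +2088,7 @@ ssl3_get_cert_verify(SSL *s)
  EVP_PKEY *pkey = NULL;
  X509 *peer = NULL;
  EVP_MD_CTX mctx;
- uint8_t hash_id, sig_id;
- int al, ok, sigalg, verify;
+ int al, ok, verify;
  const unsigned char *hdata;
  size_t hdatalen;
  int type = 0;
@@ -2157,24 +2155,16 @@ ssl3_get_cert_verify(SSL *s)
  goto err;
  } else {
  if (SSL_USE_SIGALGS(s)) {
- if (!CBS_get_u8(&cbs, &hash_id))
- goto truncated;
- if (!CBS_get_u8(&cbs, &sig_id))
- goto truncated;
+ uint16_t sigalg;
 
- if ((md = tls12_get_hash(hash_id)) == NULL) {
+ if (!CBS_get_u16(&cbs, &sigalg))
+ goto truncated;
+ if ((md = ssl_sigalg_md(sigalg)) == NULL) {
  SSLerror(s, SSL_R_UNKNOWN_DIGEST);
  al = SSL_AD_DECODE_ERROR;
  goto f_err;
  }
-
- /* Check key type is consistent with signature. */
- if ((sigalg = tls12_get_sigid(pkey)) == -1) {
- /* Should never happen */
- SSLerror(s, ERR_R_INTERNAL_ERROR);
- goto err;
- }
- if (sigalg != sig_id) {
+ if (!ssl_sigalg_pkey_check(sigalg, pkey)) {
  SSLerror(s, SSL_R_WRONG_SIGNATURE_TYPE);
  al = SSL_AD_DECODE_ERROR;
  goto f_err;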
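Review bot: In ssl3_get_cert_verify (new lines 2160-2170) the sigalg read from the peer's CertificateVerify is checked only for a known digest via `ssl_sigalg_md` and for key-type consistency via `ssl_sigalg_pkey_check`; nothing in the hunk confirms it is one of the values this server advertised through `ssl_sigalgs_build()` in ssl3_send_certificate_request. Whether `ssl_sigalg_md` resolves entries beyond that advertised list cannot be told from here, but if it does, the handshake would accept a signature made with a digest the server never offered. I would reject any sigalg outside the advertised set before the digest lookup, or at least record the assumption next to the lookup: `/* ssl_sigalg_md() must only resolve sigalgs we advertise in CertificateRequest. */`. The function body starts and ends outside this hunk, so a later check may already exist out of view.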