Diffstat (limited to 'src/lib/libssl/ssl_srvr.c')
-rw-r--r--src/lib/libssl/ssl_srvr.c32
1 files changed, 22 insertions, 10 deletions
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 13644c1625..6b0d85b15b 100644
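--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.124 2021/11/19 18:53:10 tb Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.125 2021/11/26 16:41:42 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1727,13 +1727,11 @@ ssl3_get_client_kex_rsa(SSL *s, CBS *cbs)
 fakekey[1] = S3I(s)->hs.peer_legacy_version & 0xff;
 
 pkey = s->cert->pkeys[SSL_PKEY_RSA].privatekey;
-if ((pkey == NULL) || (pkey->type != EVP_PKEY_RSA) ||
-(pkey->pkey.rsa == NULL)) {
+if (pkey == NULL || (rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) {
 al = SSL_AD_HANDSHAKE_FAILURE;
 SSLerror(s, SSL_R_MISSING_RSA_CERTIFICATE);
 goto fatal_err;
 }
-rsa = pkey->pkey.rsa;
 
 pms_len = RSA_size(rsa);
 if (pms_len < SSL_MAX_MASTER_KEY_LENGTH)
@@ -2226,10 +2224,17 @@ ssl3_get_cert_verify(SSL *s)
 SSLerror(s, SSL_R_BAD_SIGNATURE);
 goto fatal_err;
 }
-} else if (pkey->type == EVP_PKEY_RSA) {
+} else if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA) {
+RSA *rsa;
+
+if ((rsa = EVP_PKEY_get0_RSA(pkey)) == NULL) {
+al = SSL_AD_INTERNAL_ERROR;
+SSLerror(s, ERR_R_EVP_LIB);
+goto fatal_err;
+}
 verify = RSA_verify(NID_md5_sha1, S3I(s)->hs.tls12.cert_verify,
 MD5_DIGEST_LENGTH + SHA_DIGEST_LENGTH, CBS_data(&signature),
-CBS_len(&signature), pkey->pkey.rsa);
+CBS_len(&signature), rsa);
 if (verify < 0) {
 al = SSL_AD_DECRYPT_ERROR;
 SSLerror(s, SSL_R_BAD_RSA_DECRYPT);
@@ -2240,19 +2245,26 @@ ssl3_get_cert_verify(SSL *s)
 SSLerror(s, SSL_R_BAD_RSA_SIGNATURE);
 goto fatal_err;
 }
-} else if (pkey->type == EVP_PKEY_EC) {
+} else if (EVP_PKEY_id(pkey) == EVP_PKEY_EC) {
+EC_KEY *eckey;
+
+if ((eckey = EVP_PKEY_get0_EC_KEY(pkey)) == NULL) {
+al = SSL_AD_INTERNAL_ERROR;
+SSLerror(s, ERR_R_EVP_LIB);
+goto fatal_err;
+}
 verify = ECDSA_verify(0,
 &(S3I(s)->hs.tls12.cert_verify[MD5_DIGEST_LENGTH]),
 SHA_DIGEST_LENGTH, CBS_data(&signature),
-CBS_len(&signature), pkey->pkey.ec);
+CBS_len(&signature), eckey);
 if (verify <= 0) {
 al = SSL_AD_DECRYPT_ERROR;
 SSLerror(s, SSL_R_BAD_ECDSA_SIGNATURE);
 goto fatal_err;
 }
 #ifndef OPENSSL_NO_GOST
-} else if (pkey->type == NID_id_GostR3410_94 ||
-pkey->type == NID_id_GostR3410_2001) {
+} else if (EVP_PKEY_id(pkey) == NID_id_GostR3410_94 ||
+EVP_PKEY_id(pkey) == NID_id_GostR3410_2001) {
 unsigned char sigbuf[128];
 unsigned int siglen = sizeof(sigbuf);
 EVP_PKEY_CTX *pctx;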
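Review bot: At new line 1730 in ssl3_get_client_kex_rsa the explicit `pkey->type != EVP_PKEY_RSA` comparison is gone, so the type check on the server's RSA key now rests entirely on `EVP_PKEY_get0_RSA()` returning NULL for a non-RSA key, and nothing in the code says so. A one-line comment above the condition would keep that visible to the next reader, for example `/* EVP_PKEY_get0_RSA() fails unless pkey is an RSA key; rsa is borrowed from pkey. */`. The borrowed-pointer remark also applies to `rsa` and `eckey` in ssl3_get_cert_verify (new lines 2230 and 2251): they must not be freed on their own and must not be used after pkey is released, wherever that happens, which is not visible in these hunks. Both functions start and end outside the hunks shown.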