summaryrefslogtreecommitdiff
path: root/src/lib/libssl/tls13_server.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libssl/tls13_server.c')
-rw-r--r--src/lib/libssl/tls13_server.c9
1 files changed, 3 insertions, 6 deletions
diff --git a/src/lib/libssl/tls13_server.c b/src/lib/libssl/tls13_server.c
index c3d4ca9bd8..ff410fbb34 100644
--- a/src/lib/libssl/tls13_server.c
+++ b/src/lib/libssl/tls13_server.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls13_server.c,v 1.82 2021/06/29 19:10:08 jsing Exp $ */ 1/* $OpenBSD: tls13_server.c,v 1.83 2021/06/29 19:20:39 jsing Exp $ */
2/* 2/*
3 * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org>
4 * Copyright (c) 2020 Bob Beck <beck@openbsd.org> 4 * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
@@ -970,10 +970,6 @@ tls13_client_certificate_verify_recv(struct tls13_ctx *ctx, CBS *cbs)
970 if (!CBS_get_u16_length_prefixed(cbs, &signature)) 970 if (!CBS_get_u16_length_prefixed(cbs, &signature))
971 goto err; 971 goto err;
972 972
973 if ((sigalg = ssl_sigalg_from_value(ctx->hs->negotiated_tls_version,
974 signature_scheme)) == NULL)
975 goto err;
976
977 if (!CBB_init(&cbb, 0)) 973 if (!CBB_init(&cbb, 0))
978 goto err; 974 goto err;
979 if (!CBB_add_bytes(&cbb, tls13_cert_verify_pad, 975 if (!CBB_add_bytes(&cbb, tls13_cert_verify_pad,
@@ -994,7 +990,8 @@ tls13_client_certificate_verify_recv(struct tls13_ctx *ctx, CBS *cbs)
994 goto err; 990 goto err;
995 if ((pkey = X509_get0_pubkey(cert)) == NULL) 991 if ((pkey = X509_get0_pubkey(cert)) == NULL)
996 goto err; 992 goto err;
997 if (!ssl_sigalg_pkey_ok(ctx->ssl, sigalg, pkey)) 993 if ((sigalg = ssl_sigalg_for_peer(ctx->ssl, pkey,
994 signature_scheme)) == NULL)
998 goto err; 995 goto err;
999 ctx->hs->peer_sigalg = sigalg; 996 ctx->hs->peer_sigalg = sigalg;
1000 997
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 07:15:22 +0000