summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/libssl/ssl_clnt.c46
1 files changed, 12 insertions, 34 deletions
diff --git a/src/lib/libssl/ssl_clnt.c b/src/lib/libssl/ssl_clnt.c
index 25a3321324..6fe22e04e8 100644
--- a/src/lib/libssl/ssl_clnt.c
+++ b/src/lib/libssl/ssl_clnt.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssl_clnt.c,v 1.103 2021/06/29 19:10:08 jsing Exp $ */ 1/* $OpenBSD: ssl_clnt.c,v 1.104 2021/06/29 19:23:36 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -1465,7 +1465,6 @@ int
1465ssl3_get_server_key_exchange(SSL *s) 1465ssl3_get_server_key_exchange(SSL *s)
1466{ 1466{
1467 CBS cbs, signature; 1467 CBS cbs, signature;
1468 const EVP_MD *md = NULL;
1469 EVP_PKEY *pkey = NULL; 1468 EVP_PKEY *pkey = NULL;
1470 EVP_MD_CTX md_ctx; 1469 EVP_MD_CTX md_ctx;
1471 const unsigned char *param; 1470 const unsigned char *param;
@@ -1535,49 +1534,21 @@ ssl3_get_server_key_exchange(SSL *s)
1535 } else if (alg_k != 0) { 1534 } else if (alg_k != 0) {
1536 al = SSL_AD_UNEXPECTED_MESSAGE; 1535 al = SSL_AD_UNEXPECTED_MESSAGE;
1537 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE); 1536 SSLerror(s, SSL_R_UNEXPECTED_MESSAGE);
1538 goto fatal_err; 1537 goto fatal_err;
1539 } 1538 }
1540 1539
1541 param_len -= CBS_len(&cbs); 1540 param_len -= CBS_len(&cbs);
1542 1541
1543 /* if it was signed, check the signature */ 1542 /* if it was signed, check the signature */
1544 if (pkey != NULL) { 1543 if (pkey != NULL) {
1545 EVP_PKEY_CTX *pctx; 1544 uint16_t sigalg_value = SIGALG_NONE;
1546 const struct ssl_sigalg *sigalg; 1545 const struct ssl_sigalg *sigalg;
1546 EVP_PKEY_CTX *pctx;
1547 1547
1548 if (SSL_USE_SIGALGS(s)) { 1548 if (SSL_USE_SIGALGS(s)) {
1549 uint16_t sigalg_value;
1550
1551 if (!CBS_get_u16(&cbs, &sigalg_value)) 1549 if (!CBS_get_u16(&cbs, &sigalg_value))
1552 goto decode_err; 1550 goto decode_err;
1553 if ((sigalg = ssl_sigalg_from_value(
1554 S3I(s)->hs.negotiated_tls_version,
1555 sigalg_value)) == NULL) {
1556 SSLerror(s, SSL_R_UNKNOWN_DIGEST);
1557 al = SSL_AD_DECODE_ERROR;
1558 goto fatal_err;
1559 }
1560 if ((md = sigalg->md()) == NULL) {
1561 SSLerror(s, SSL_R_UNKNOWN_DIGEST);
1562 al = SSL_AD_DECODE_ERROR;
1563 goto fatal_err;
1564 }
1565 if (!ssl_sigalg_pkey_ok(s, sigalg, pkey)) {
1566 SSLerror(s, SSL_R_WRONG_SIGNATURE_TYPE);
1567 al = SSL_AD_DECODE_ERROR;
1568 goto fatal_err;
1569 }
1570 } else if (pkey->type == EVP_PKEY_RSA) {
1571 sigalg = ssl_sigalg_lookup(SIGALG_RSA_PKCS1_MD5_SHA1);
1572 } else if (pkey->type == EVP_PKEY_EC) {
1573 sigalg = ssl_sigalg_lookup(SIGALG_ECDSA_SHA1);
1574 } else {
1575 SSLerror(s, SSL_R_UNKNOWN_PKEY_TYPE);
1576 al = SSL_AD_DECODE_ERROR;
1577 goto fatal_err;
1578 } 1551 }
1579 md = sigalg->md();
1580
1581 if (!CBS_get_u16_length_prefixed(&cbs, &signature)) 1552 if (!CBS_get_u16_length_prefixed(&cbs, &signature))
1582 goto decode_err; 1553 goto decode_err;
1583 if (CBS_len(&signature) > EVP_PKEY_size(pkey)) { 1554 if (CBS_len(&signature) > EVP_PKEY_size(pkey)) {
@@ -1586,7 +1557,14 @@ ssl3_get_server_key_exchange(SSL *s)
1586 goto fatal_err; 1557 goto fatal_err;
1587 } 1558 }
1588 1559
1589 if (!EVP_DigestVerifyInit(&md_ctx, &pctx, md, NULL, pkey)) 1560 if ((sigalg = ssl_sigalg_for_peer(s, pkey,
1561 sigalg_value)) == NULL) {
1562 al = SSL_AD_DECODE_ERROR;
1563 goto fatal_err;
1564 }
1565
1566 if (!EVP_DigestVerifyInit(&md_ctx, &pctx, sigalg->md(),
1567 NULL, pkey))
1590 goto err; 1568 goto err;
1591 if (!EVP_DigestVerifyUpdate(&md_ctx, s->s3->client_random, 1569 if (!EVP_DigestVerifyUpdate(&md_ctx, s->s3->client_random,
1592 SSL3_RANDOM_SIZE)) 1570 SSL3_RANDOM_SIZE))
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-28 12:13:55 +0000