From ca33c3ff0591d66dce8114d7a819cbcf44516dd0 Mon Sep 17 00:00:00 2001
From: beck <>
Date: Fri, 9 Nov 2018 05:02:53 +0000
Subject: Add the ability to have a separate priority list for sigalgs. Add a
 priority list for tls 1.2 ok jsing@

---
 src/lib/libssl/ssl_sigalgs.c | 40 ++++++++++++++++++++++++++++++++++------
 src/lib/libssl/ssl_sigalgs.h |  7 +++++--
 src/lib/libssl/ssl_srvr.c    |  4 ++--
 src/lib/libssl/ssl_tlsext.c  |  4 ++--
 4 files changed, 43 insertions(+), 12 deletions(-)

(limited to 'src')

diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c
index d214b0dbbf..fe10965feb 100644
--- a/src/lib/libssl/ssl_sigalgs.c
+++ b/src/lib/libssl/ssl_sigalgs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sigalgs.c,v 1.1 2018/11/09 00:34:55 beck Exp $ */
+/* $OpenBSD: ssl_sigalgs.c,v 1.2 2018/11/09 05:02:53 beck Exp $ */
 /*
  * Copyright (c) 2018, Bob Beck <beck@openbsd.org>
  *
@@ -24,7 +24,6 @@
 #include "ssl_sigalgs.h"
 #include "tls13_internal.h"
 
-/* This table must be kept in preference order for now */
 const struct ssl_sigalg sigalgs[] = {
 	{
 		.value = SIGALG_RSA_PKCS1_SHA512,
@@ -157,6 +156,24 @@ const struct ssl_sigalg sigalgs[] = {
 	},
 };
 
+/* Sigalgs for tls 1.2, in preference order, */
+uint16_t tls12_sigalgs[] = {
+	SIGALG_RSA_PKCS1_SHA512,
+	SIGALG_ECDSA_SECP512R1_SHA512,
+	SIGALG_GOSTR12_512_STREEBOG_512,
+	SIGALG_RSA_PKCS1_SHA384,
+	SIGALG_ECDSA_SECP384R1_SHA384,
+	SIGALG_RSA_PKCS1_SHA256,
+	SIGALG_ECDSA_SECP256R1_SHA256,
+	SIGALG_GOSTR12_256_STREEBOG_256,
+	SIGALG_GOSTR01_GOST94,
+	SIGALG_RSA_PKCS1_SHA224,
+	SIGALG_ECDSA_SECP224R1_SHA224,
+	SIGALG_RSA_PKCS1_SHA1, /* XXX */
+	SIGALG_ECDSA_SHA1,     /* XXX */
+};
+size_t tls12_sigalgs_len = (sizeof(tls12_sigalgs) / sizeof(tls12_sigalgs[0]));
+
 const struct ssl_sigalg *
 ssl_sigalg_lookup(uint16_t sigalg)
 {
@@ -206,12 +223,23 @@ ssl_sigalg_value(const EVP_PKEY *pk, const EVP_MD *md)
 }
 
 int
-ssl_sigalgs_build(CBB *cbb)
+ssl_sigalgs_build(CBB *cbb, uint16_t *values, size_t len)
 {
-	int i;
+	const struct ssl_sigalg *sap;
+	size_t i;
 
-	for (i = 0; sigalgs[i].value != SIGALG_NONE; i++) {
-		if (!CBB_add_u16(cbb, sigalgs[i].value))
+	for (i = 0; sigalgs[i].value != SIGALG_NONE; i++);
+	if (len > i)
+		return 0;
+
+	/* XXX check for duplicates and other sanity BS? */
+
+	/* Add values in order as long as they are supported. */
+	for (i = 0; i < len; i++) {
+		if ((sap = ssl_sigalg_lookup(values[i])) != NULL) {
+			if (!CBB_add_u16(cbb, values[i]))
+				return 0;
+		} else
 			return 0;
 	}
 	return 1;
diff --git a/src/lib/libssl/ssl_sigalgs.h b/src/lib/libssl/ssl_sigalgs.h
index a73c398e58..629213e761 100644
--- a/src/lib/libssl/ssl_sigalgs.h
+++ b/src/lib/libssl/ssl_sigalgs.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sigalgs.h,v 1.2 2018/11/09 03:17:04 jsing Exp $ */
+/* $OpenBSD: ssl_sigalgs.h,v 1.3 2018/11/09 05:02:53 beck Exp $ */
 /*
  * Copyright (c) 2018, Bob Beck <beck@openbsd.org>
  *
@@ -66,10 +66,13 @@ struct ssl_sigalg{
 	int flags;
 };
 
+extern uint16_t tls12_sigalgs[];
+extern size_t tls12_sigalgs_len;
+
 const struct ssl_sigalg *ssl_sigalg_lookup(uint16_t sigalg);
 const EVP_MD * ssl_sigalg_md(uint16_t sigalg);
 uint16_t ssl_sigalg_value(const EVP_PKEY *pk, const EVP_MD *md);
-int ssl_sigalgs_build(CBB *cbb);
+int ssl_sigalgs_build(CBB *cbb, uint16_t *values, size_t len);
 int ssl_sigalg_pkey_check(uint16_t sigalg, EVP_PKEY *pk);
 
 __END_HIDDEN_DECLS
diff --git a/src/lib/libssl/ssl_srvr.c b/src/lib/libssl/ssl_srvr.c
index 0d82271325..59d560d06d 100644
--- a/src/lib/libssl/ssl_srvr.c
+++ b/src/lib/libssl/ssl_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_srvr.c,v 1.52 2018/11/09 00:34:55 beck Exp $ */
+/* $OpenBSD: ssl_srvr.c,v 1.53 2018/11/09 05:02:53 beck Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1635,7 +1635,7 @@ ssl3_send_certificate_request(SSL *s)
 		if (SSL_USE_SIGALGS(s)) {
 			if (!CBB_add_u16_length_prefixed(&cert_request, &sigalgs))
 				goto err;
-			if (!ssl_sigalgs_build(&sigalgs))
+			if (!ssl_sigalgs_build(&sigalgs, tls12_sigalgs, tls12_sigalgs_len))
 				goto err;
 		}
 
diff --git a/src/lib/libssl/ssl_tlsext.c b/src/lib/libssl/ssl_tlsext.c
index dc844998a3..755bbff795 100644
--- a/src/lib/libssl/ssl_tlsext.c
+++ b/src/lib/libssl/ssl_tlsext.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_tlsext.c,v 1.25 2018/11/09 00:34:55 beck Exp $ */
+/* $OpenBSD: ssl_tlsext.c,v 1.26 2018/11/09 05:02:53 beck Exp $ */
 /*
  * Copyright (c) 2016, 2017 Joel Sing <jsing@openbsd.org>
  * Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@@ -534,7 +534,7 @@ tlsext_sigalgs_clienthello_build(SSL *s, CBB *cbb)
 	if (!CBB_add_u16_length_prefixed(cbb, &sigalgs))
 		return 0;
 
-	if (!ssl_sigalgs_build(&sigalgs))
+	if (!ssl_sigalgs_build(&sigalgs, tls12_sigalgs, tls12_sigalgs_len))
 		return 0;
 
 	if (!CBB_flush(cbb))
-- 
cgit v1.2.3-55-g6feb