Move some client/server special-cases out of tls13_process_certificate.

Where we can move uncommon logic to the caller, we probably ought to.

Change-Id: I54a09fffffc20290be05295137ccb605d562cad0
Reviewed-on: https://boringssl-review.googlesource.com/9069
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
This commit is contained in:
David Benjamin 2016-08-01 19:41:34 -04:00 committed by CQ bot account: commit-bot@chromium.org
parent 78f84f4e03
commit 3ce4389e96
3 changed files with 16 additions and 13 deletions

View File

@ -235,12 +235,6 @@ int tls13_process_certificate(SSL *ssl) {
ssl->s3->new_session->peer_sha256_valid = 1;
}
X509 *leaf = sk_X509_value(chain, 0);
if (!ssl->server && !ssl_check_leaf_certificate(ssl, leaf)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
goto err;
}
int verify_ret = ssl_verify_cert_chain(ssl, chain);
/* If |SSL_VERIFY_NONE|, the error is non-fatal, but we keep the result. */
if (ssl->verify_mode != SSL_VERIFY_NONE && verify_ret <= 0) {
@ -254,13 +248,7 @@ int tls13_process_certificate(SSL *ssl) {
ssl->s3->new_session->verify_result = ssl->verify_result;
X509_free(ssl->s3->new_session->peer);
/* For historical reasons, the client and server differ on whether the chain
* includes the leaf. */
if (ssl->server) {
ssl->s3->new_session->peer = sk_X509_shift(chain);
} else {
ssl->s3->new_session->peer = X509_up_ref(leaf);
}
ssl->s3->new_session->peer = X509_up_ref(sk_X509_value(chain, 0));
sk_X509_pop_free(ssl->s3->new_session->cert_chain, X509_free);
ssl->s3->new_session->cert_chain = chain;

View File

@ -366,6 +366,15 @@ static enum ssl_hs_wait_t do_process_server_certificate(SSL *ssl,
return ssl_hs_error;
}
/* Check the certificate matches the cipher suite.
*
* TODO(davidben): Remove this check when switching to the new TLS 1.3 cipher
* suite negotiation. */
if (!ssl_check_leaf_certificate(ssl, ssl->s3->new_session->peer)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
return ssl_hs_error;
}
hs->state = state_process_server_certificate_verify;
return ssl_hs_read_message;
}

View File

@ -464,6 +464,12 @@ static enum ssl_hs_wait_t do_process_client_certificate(SSL *ssl,
return ssl_hs_error;
}
/* For historical reasons, the server's copy of the chain does not include the
* leaf while the client's does. */
if (sk_X509_num(ssl->s3->new_session->cert_chain) > 0) {
X509_free(sk_X509_shift(ssl->s3->new_session->cert_chain));
}
hs->state = state_process_client_certificate_verify;
return ssl_hs_read_message;
}