kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix ssl3_get_cert_verify key type checks.

Browse Source 
EVP_PKT_SIGN is redundant with the RSA/EC check which, in turn, is
redundant with sigalgs processing. The type need only be checked in the
pre-1.2 case which was indeed missing an else.

The client half was likewise missing an else, though it's unreachable
due to leaf cert checks.

Change-Id: Ib3550f71a2120b38eacdd671d4f1700876bcc485
Reviewed-on: https://boringssl-review.googlesource.com/8779
Reviewed-by: David Benjamin <davidben@google.com>
This commit is contained in:
David Benjamin 2016-07-14 00:11:26 -04:00
parent 5c900c8c45
commit 49ec9bb353
2 changed files with 8 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ssl/handshake_client.c
View File

@ -1269,6 +1269,10 @@ static int ssl3_get_server_key_exchange(SSL *ssl) {
signature_algorithm = SSL_SIGN_RSA_PKCS1_MD5_SHA1;
} else if (pkey->type == EVP_PKEY_EC) {
signature_algorithm = SSL_SIGN_ECDSA_SHA1;
} else {
al = SSL_AD_UNSUPPORTED_CERTIFICATE;
OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
goto f_err;
}
/* The last field in |server_key_exchange| is the signature. */

15
ssl/handshake_server.c
View File

@ -1631,12 +1631,6 @@ static int ssl3_get_cert_verify(SSL *ssl) {
if (pkey == NULL) {
goto err;
}
if (!(X509_certificate_type(peer, pkey) & EVP_PKT_SIGN) ||
(pkey->type != EVP_PKEY_RSA && pkey->type != EVP_PKEY_EC)) {
al = SSL_AD_UNSUPPORTED_CERTIFICATE;
OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
goto f_err;
}
CBS_init(&certificate_verify, ssl->init_msg, ssl->init_num);
@ -1656,6 +1650,10 @@ static int ssl3_get_cert_verify(SSL *ssl) {
signature_algorithm = SSL_SIGN_RSA_PKCS1_MD5_SHA1;
} else if (pkey->type == EVP_PKEY_EC) {
signature_algorithm = SSL_SIGN_ECDSA_SHA1;
} else {
al = SSL_AD_UNSUPPORTED_CERTIFICATE;
OPENSSL_PUT_ERROR(SSL, SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
goto f_err;
}
/* Parse and verify the signature. */
@ -1670,11 +1668,6 @@ static int ssl3_get_cert_verify(SSL *ssl) {
/* The SSL3 construction for CertificateVerify does not decompose into a
* single final digest and signature, and must be special-cased. */
if (ssl3_protocol_version(ssl) == SSL3_VERSION) {
if (ssl->cert->key_method != NULL) {
OPENSSL_PUT_ERROR(SSL, SSL_R_UNSUPPORTED_PROTOCOL_FOR_CUSTOM_KEY);
goto err;
}
const EVP_MD *md;
uint8_t digest[EVP_MAX_MD_SIZE];
size_t digest_len;