Merge the RSA_ENC and RSA_SIGN certificate slots.

The distinction was not well-enforced in the code. In fact, it wasn't even possible to use the RSA_SIGN slot because ssl_set_pkey and ssl_set_cert would always use the RSA_ENC slot. A follow-up will fold away the mechanism altogether, but this is an easy initial simplfication. BUG=486295 Change-Id: I66b5bf3e6dc243dac7c75924c1c1983538e49060 Reviewed-on: https://boringssl-review.googlesource.com/5349 Reviewed-by: Adam Langley <agl@google.com>
před 9 roky · bb20f52383
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -255,10 +255,9 @@ ssl_create_cipher_list(const SSL_PROTOCOL_METHOD *ssl_method,
                       const char *rule_str);

 /* SSL_PKEY_* denote certificate types. */
 #define SSL_PKEY_RSA_ENC 0
 #define SSL_PKEY_RSA_SIGN 1
 #define SSL_PKEY_ECC 2
 #define SSL_PKEY_NUM 3
 #define SSL_PKEY_RSA 0
 #define SSL_PKEY_ECC 1
 #define SSL_PKEY_NUM 2

 /* ssl_cipher_get_value returns the cipher suite id of |cipher|. */
 uint16_t ssl_cipher_get_value(const SSL_CIPHER *cipher);
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -505,7 +505,7 @@ int ssl3_cert_verify_hash(SSL *s, uint8_t *out, size_t *out_len,
 int ssl_cert_type(EVP_PKEY *pkey) {
  switch (pkey->type) {
    case EVP_PKEY_RSA:
      return SSL_PKEY_RSA_ENC;
      return SSL_PKEY_RSA;
    case EVP_PKEY_EC:
      return SSL_PKEY_ECC;
    default:
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1692,7 +1692,7 @@ int ssl3_get_client_key_exchange(SSL *s) {
    uint8_t good;
    size_t rsa_size, decrypt_len, premaster_index, j;

    pkey = s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
    pkey = s->cert->pkeys[SSL_PKEY_RSA].privatekey;
    if (pkey == NULL || pkey->type != EVP_PKEY_RSA || pkey->pkey.rsa == NULL) {
      al = SSL_AD_HANDSHAKE_FAILURE;
      OPENSSL_PUT_ERROR(SSL, ssl3_get_client_key_exchange,
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -158,7 +158,7 @@ CERT *ssl_cert_new(void) {
  }
  memset(ret, 0, sizeof(CERT));

  ret->key = &ret->pkeys[SSL_PKEY_RSA_ENC];
  ret->key = &ret->pkeys[SSL_PKEY_RSA];
  return ret;
 }

--- a/ssl/ssl_cipher.c
+++ b/ssl/ssl_cipher.c
@@ -1682,7 +1682,7 @@ int ssl_cipher_get_cert_index(const SSL_CIPHER *cipher) {
  if (alg_a & SSL_aECDSA) {
    return SSL_PKEY_ECC;
  } else if (alg_a & SSL_aRSA) {
    return SSL_PKEY_RSA_ENC;
    return SSL_PKEY_RSA;
  }

  return -1;
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1835,7 +1835,7 @@ static int ssl_has_key(SSL *s, size_t idx) {
 void ssl_get_compatible_server_ciphers(SSL *s, uint32_t *out_mask_k,
                                       uint32_t *out_mask_a) {
  CERT *c = s->cert;
  int rsa_enc, rsa_sign, dh_tmp;
  int have_rsa_cert, dh_tmp;
  uint32_t mask_k, mask_a;
  int have_ecc_cert, ecdsa_ok;
  X509 *x;
@@ -1849,19 +1849,16 @@ void ssl_get_compatible_server_ciphers(SSL *s, uint32_t *out_mask_k,

  dh_tmp = (c->dh_tmp != NULL || c->dh_tmp_cb != NULL);

  rsa_enc = ssl_has_key(s, SSL_PKEY_RSA_ENC);
  rsa_sign = ssl_has_key(s, SSL_PKEY_RSA_SIGN);
  have_rsa_cert = ssl_has_key(s, SSL_PKEY_RSA);
  have_ecc_cert = ssl_has_key(s, SSL_PKEY_ECC);
  mask_k = 0;
  mask_a = 0;

  if (rsa_enc) {
    mask_k |= SSL_kRSA;
  }
  if (dh_tmp) {
    mask_k |= SSL_kDHE;
  }
  if (rsa_enc || rsa_sign) {
  if (have_rsa_cert) {
    mask_k |= SSL_kRSA;
    mask_a |= SSL_aRSA;
  }

@@ -1899,11 +1896,7 @@ void ssl_get_compatible_server_ciphers(SSL *s, uint32_t *out_mask_k,
 }

 static int ssl_get_server_cert_index(const SSL *s) {
  int idx;
  idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher);
  if (idx == SSL_PKEY_RSA_ENC && !s->cert->pkeys[SSL_PKEY_RSA_ENC].x509) {
    idx = SSL_PKEY_RSA_SIGN;
  }
  int idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher);
  if (idx == -1) {
    OPENSSL_PUT_ERROR(SSL, ssl_get_server_cert_index, ERR_R_INTERNAL_ERROR);
  }
@@ -1927,12 +1920,9 @@ EVP_PKEY *ssl_get_sign_pkey(SSL *s, const SSL_CIPHER *cipher) {
  CERT *c = s->cert;
  int idx = -1;

  if (alg_a & SSL_aRSA) {
    if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL) {
      idx = SSL_PKEY_RSA_SIGN;
    } else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL) {
      idx = SSL_PKEY_RSA_ENC;
    }
  if ((alg_a & SSL_aRSA) &&
      (c->pkeys[SSL_PKEY_RSA].privatekey != NULL)) {
    idx = SSL_PKEY_RSA;
  } else if ((alg_a & SSL_aECDSA) &&
             (c->pkeys[SSL_PKEY_ECC].privatekey != NULL)) {
    idx = SSL_PKEY_ECC;