
Stop pretending RSA and ECDSA sigalgs are configurable.

We don't allow consumers to enable and disable RSA and ECDSA signature
algorithms but will filter client-sent cipher suites and server-sent
client certificate types based on this hard-coded list.

This is two less places to update for Ed25519.

BUG=187

Change-Id: I62836b6980acc6d03ee254f0a84e9826668e9e57
Reviewed-on: https://boringssl-review.googlesource.com/14567
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
kris/onging/CECPQ3_patch15
David Benjamin 7 yıl önce
committed by Adam Langley
ebeveyn
işleme
cc17c24852
2 değiştirilmiş dosya ile 3 ekleme ve 73 silme
  1. +0
    -34
      ssl/handshake_client.c
  2. +3
    -39
      ssl/handshake_server.c

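--- a/ssl/handshake_client.c
+++ b/ssl/handshake_client.c
@@ -545,43 +545,9 @@ uint16_t ssl_get_grease_value(const SSL *ssl, enum ssl_grease_index_t index) {
 * disabled algorithms. */
 static void ssl_get_client_disabled(SSL *ssl, uint32_t *out_mask_a,
 uint32_t *out_mask_k) {
-int have_rsa = 0, have_ecdsa = 0;
 *out_mask_a = 0;
 *out_mask_k = 0;
 
-/* Now go through all signature algorithms seeing if we support any for RSA or
-* ECDSA. Do this for all versions not just TLS 1.2. */
-const uint16_t *sigalgs;
-size_t num_sigalgs = tls12_get_verify_sigalgs(ssl, &sigalgs);
-for (size_t i = 0; i < num_sigalgs; i++) {
-switch (sigalgs[i]) {
-case SSL_SIGN_RSA_PSS_SHA512:
-case SSL_SIGN_RSA_PSS_SHA384:
-case SSL_SIGN_RSA_PSS_SHA256:
-case SSL_SIGN_RSA_PKCS1_SHA512:
-case SSL_SIGN_RSA_PKCS1_SHA384:
-case SSL_SIGN_RSA_PKCS1_SHA256:
-case SSL_SIGN_RSA_PKCS1_SHA1:
-have_rsa = 1;
-break;
-
-case SSL_SIGN_ECDSA_SECP521R1_SHA512:
-case SSL_SIGN_ECDSA_SECP384R1_SHA384:
-case SSL_SIGN_ECDSA_SECP256R1_SHA256:
-case SSL_SIGN_ECDSA_SHA1:
-have_ecdsa = 1;
-break;
-}
-}
-
-/* Disable auth if we don't include any appropriate signature algorithms. */
-if (!have_rsa) {
-*out_mask_a |= SSL_aRSA;
-}
-if (!have_ecdsa) {
-*out_mask_a |= SSL_aECDSA;
-}
-
 /* PSK requires a client callback. */
 if (ssl->psk_client_callback == NULL) {
 *out_mask_a |= SSL_aPSK;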


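--- a/ssl/handshake_server.c
+++ b/ssl/handshake_server.c
@@ -1308,51 +1308,15 @@ err:
 return -1;
 }
 
-static int add_cert_types(SSL *ssl, CBB *cbb) {
-/* Get configured signature algorithms. */
-int have_rsa_sign = 0;
-int have_ecdsa_sign = 0;
-const uint16_t *sig_algs;
-size_t num_sig_algs = tls12_get_verify_sigalgs(ssl, &sig_algs);
-for (size_t i = 0; i < num_sig_algs; i++) {
-switch (sig_algs[i]) {
-case SSL_SIGN_RSA_PKCS1_SHA512:
-case SSL_SIGN_RSA_PKCS1_SHA384:
-case SSL_SIGN_RSA_PKCS1_SHA256:
-case SSL_SIGN_RSA_PKCS1_SHA1:
-have_rsa_sign = 1;
-break;
-
-case SSL_SIGN_ECDSA_SECP521R1_SHA512:
-case SSL_SIGN_ECDSA_SECP384R1_SHA384:
-case SSL_SIGN_ECDSA_SECP256R1_SHA256:
-case SSL_SIGN_ECDSA_SHA1:
-have_ecdsa_sign = 1;
-break;
-}
-}
-
-if (have_rsa_sign && !CBB_add_u8(cbb, SSL3_CT_RSA_SIGN)) {
-return 0;
-}
-
-/* ECDSA certs can be used with RSA cipher suites as well so we don't need to
-* check for SSL_kECDH or SSL_kECDHE. */
-if (ssl->version >= TLS1_VERSION && have_ecdsa_sign &&
-!CBB_add_u8(cbb, TLS_CT_ECDSA_SIGN)) {
-return 0;
-}
-
-return 1;
-}
-
 static int ssl3_send_certificate_request(SSL_HANDSHAKE *hs) {
 SSL *const ssl = hs->ssl;
 CBB cbb, body, cert_types, sigalgs_cbb;
 if (!ssl->method->init_message(ssl, &cbb, &body,
 SSL3_MT_CERTIFICATE_REQUEST) ||
 !CBB_add_u8_length_prefixed(&body, &cert_types) ||
-!add_cert_types(ssl, &cert_types)) {
+!CBB_add_u8(&cert_types, SSL3_CT_RSA_SIGN) ||
+(ssl->version >= TLS1_VERSION &&
+!CBB_add_u8(&cert_types, TLS_CT_ECDSA_SIGN))) {
 goto err;
 }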
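Review bot: The certificate type bytes in ssl3_send_certificate_request are now written unconditionally, and nothing at the call site says which list they mirror. The removed add_cert_types derived them from tls12_get_verify_sigalgs, so that link is no longer visible in the code. A comment above the two CBB_add_u8 calls would keep the two lists in step when a key type is added, for example `/* Fixed list: must cover the key types in the hard-coded verify sigalgs; update both together. */`. These bytes only advertise what the server will take, so rejection of an unwanted client key type presumably still rests on the signature-algorithm check applied to CertificateVerify, which is not visible in this hunk. The function body continues past the end of the hunk.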


