boringssl/ssl
David Benjamin 49ec9bb353 Fix ssl3_get_cert_verify key type checks.
EVP_PKT_SIGN is redundant with the RSA/EC check which, in turn, is
redundant with sigalgs processing. The type need only be checked in the
pre-1.2 case which was indeed missing an else.

The client half was likewise missing an else, though it's unreachable
due to leaf cert checks.

Change-Id: Ib3550f71a2120b38eacdd671d4f1700876bcc485
Reviewed-on: https://boringssl-review.googlesource.com/8779
Reviewed-by: David Benjamin <davidben@google.com>
2016-07-14 16:14:11 +00:00
..
test Generalize invalid signature tests and run at all versions. 2016-07-14 16:07:56 +00:00
CMakeLists.txt Rename (s3,d1)_meth.c. 2016-07-11 17:22:35 +00:00
custom_extensions.c
d1_both.c Simplify ssl_get_message somewhat. 2016-07-11 23:01:32 +00:00
d1_lib.c Stop using the word 'buffer' everywhere. 2016-06-27 22:15:22 +00:00
d1_pkt.c Stop using the word 'buffer' everywhere. 2016-06-27 22:15:22 +00:00
d1_srtp.c Make kSRTPProfiles static. 2016-05-13 14:12:22 +00:00
dtls_method.c Don't use init_buf in DTLS. 2016-07-11 23:01:11 +00:00
dtls_record.c Fix the alias checks in dtls_record.c. 2016-06-09 21:11:22 +00:00
handshake_client.c Fix ssl3_get_cert_verify key type checks. 2016-07-14 16:14:11 +00:00
handshake_server.c Fix ssl3_get_cert_verify key type checks. 2016-07-14 16:14:11 +00:00
internal.h Factor out certificate list parsing. 2016-07-14 16:13:00 +00:00
s3_both.c Implement TLS 1.3's downgrade signal. 2016-07-12 19:17:43 +00:00
s3_enc.c Don't call tls12_get_hash in the server handshake. 2016-07-12 16:30:10 +00:00
s3_lib.c Disconnect handshake message creation from init_buf. 2016-06-27 22:15:01 +00:00
s3_pkt.c Forbid renegotiation in TLS 1.3. 2016-07-11 18:26:27 +00:00
ssl_aead_ctx.c Fixing iv_length for TLS 1.3. 2016-06-16 17:04:14 +00:00
ssl_asn1.c Disconnect handshake message creation from init_buf. 2016-06-27 22:15:01 +00:00
ssl_buffer.c Remove in-place TLS record assembly for now. 2016-06-09 19:47:44 +00:00
ssl_cert.c Factor out certificate list parsing. 2016-07-14 16:13:00 +00:00
ssl_cipher.c Forbid PSK ciphers in TLS 1.3 for now. 2016-07-13 16:49:46 +00:00
ssl_ecdh.c Add SSL_get_curve_id and SSL_get_dhe_group_size. 2016-06-30 23:20:34 +00:00
ssl_file.c Banish SSL_add_dir_cert_subjects_to_stack and OPENSSL_DIR_CTX to decrepit. 2016-04-27 18:40:25 +00:00
ssl_lib.c Change |EVP_PKEY_up_ref| to return int. 2016-07-12 17:55:41 +00:00
ssl_rsa.c Tidy up a few certificate-related utility functions. 2016-07-14 16:07:25 +00:00
ssl_session.c Split unlock functions into read/write variants. 2016-05-31 21:09:29 +00:00
ssl_stat.c Remove a/b parameters to send_change_cipher_spec. 2016-06-29 18:50:47 +00:00
ssl_test.cc Test SSL_get_peer_certificate and SSL_get_peer_cert_chain behavior. 2016-07-14 15:52:21 +00:00
t1_enc.c Move the Digest/Sign split for SignatureAlgorithms to a lower level. 2016-07-01 19:01:33 +00:00
t1_lib.c Adding RSA-PSS signature algorithms. 2016-07-12 19:10:51 +00:00
tls_method.c Don't use init_buf in DTLS. 2016-07-11 23:01:11 +00:00
tls_record.c Build up TLS 1.3 record-layer tests. 2016-06-27 17:02:01 +00:00