diff options
author | Michael Baentsch <57787676+baentsch@users.noreply.github.com> | 2022-09-26 17:32:05 +0200 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2023-02-24 11:02:48 +1100 |
commit | ee58915cfd9d0ad67f52d43cc1a2ce549049d248 (patch) | |
tree | e892900c53900bd693498bdc9ff2152ae14bcbe6 /ssl/ssl_ciph.c | |
parent | 1817dcaf556df559a32eed14d0947ff961be7b4f (diff) |
first cut at sigalg loading
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19312)
Diffstat (limited to 'ssl/ssl_ciph.c')
-rw-r--r-- | ssl/ssl_ciph.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 0ea998d383..a2b12a8811 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -2155,6 +2155,16 @@ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *c) return ssl_cipher_table_auth[i].nid; } +int ssl_get_md_idx(int md_nid) { + int i; + + for(i = 0; i < SSL_MD_NUM_IDX; i++) { + if (md_nid == ssl_cipher_table_mac[i].nid) + return i; + } + return -1; +} + const EVP_MD *SSL_CIPHER_get_handshake_digest(const SSL_CIPHER *c) { int idx = c->algorithm2 & SSL_HANDSHAKE_MAC_MASK; @@ -2223,8 +2233,13 @@ int ssl_cipher_get_overhead(const SSL_CIPHER *c, size_t *mac_overhead, int ssl_cert_is_disabled(SSL_CTX *ctx, size_t idx) { - const SSL_CERT_LOOKUP *cl = ssl_cert_lookup_by_idx(idx); + SSL_CERT_LOOKUP *cl; + + /* A provider-loaded key type is always enabled */ + if (idx >= SSL_PKEY_NUM) + return 0; + cl = ssl_cert_lookup_by_idx(idx, ctx); if (cl == NULL || (cl->amask & ctx->disabled_auth_mask) != 0) return 1; return 0; |