authorDr. Stephen Henson <steve@openssl.org>2017-09-14 14:48:39 +0100
committerDr. Stephen Henson <steve@openssl.org>2017-09-20 12:50:23 +0100
commit6aaa29fb35c6d830c19e673650e6baf3f21ceda0 (patch)
treec9afe961f72bb3aba52bdcb7c067a8fd18d91d88 /ssl/ssl_lib.c
parentb46867d771a5e08bbee450d73ff332388b93df96 (diff)
Allow use of RSA-PSS certificates in TLS 1.2
Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4368)
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r--ssl/ssl_lib.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index b02d4f1707..cc110bc677 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3090,9 +3090,15 @@ void ssl_set_masks(SSL *s)
if (dh_tmp)
mask_k |= SSL_kDHE;
- if (rsa_enc || rsa_sign) {
+ /*
+ * If we only have an RSA-PSS certificate allow RSA authentication
+ * if TLS 1.2 and peer supports it.
+ */
+
+ if (rsa_enc || rsa_sign || (ssl_has_cert(s, SSL_PKEY_RSA_PSS_SIGN)
+ && pvalid[SSL_PKEY_RSA_PSS_SIGN] & CERT_PKEY_EXPLICIT_SIGN
+ && TLS1_get_version(s) == TLS1_2_VERSION))
mask_a |= SSL_aRSA;
- }
if (dsa_sign) {
mask_a |= SSL_aDSS;
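Review bot: The new three-line condition guarding `mask_a |= SSL_aRSA;` mixes `&` and `&&` without parentheses and drops the braces that the neighbouring `if (dsa_sign) {` keeps, which makes a decision about the authentication mask harder to audit than it needs to be. It parses as intended because `&` binds tighter than `&&`, but I would write `&& (pvalid[SSL_PKEY_RSA_PSS_SIGN] & CERT_PKEY_EXPLICIT_SIGN)` and keep `{ }` around the body. The comment says "peer supports it" without naming the term that checks it; presumably that is the `CERT_PKEY_EXPLICIT_SIGN` bit, and saying so in the comment would spare the next reader a lookup. The exact `== TLS1_2_VERSION` comparison also looks like it leaves DTLS 1.2 out of this path, which may be intended but deserves a word in the same comment. ssl_set_masks begins and ends outside the hunk, so how `pvalid` is populated is not visible here.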