Allow Ed25519 in TLS 1.2

Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3585)
author: Dr. Stephen Henson <steve@openssl.org> 2017-06-16 18:55:28 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2017-06-21 14:11:01 +0100
commit: b2021556e4b838f451459deab2b2eee9b40c9169 (patch)
tree: b2e9c60d67da57c16e9a18368258523c15edd4d3 /ssl/ssl_lib.c
parent: 72ceb6a6923456d9ff036cd81014024cf54280c4 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index a535e13373..a46ede1414 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2969,6 +2969,11 @@ void ssl_set_masks(SSL *s)
         if (ecdsa_ok)
             mask_a |= SSL_aECDSA;
     }
+    /* Allow Ed25519 for TLS 1.2 if peer supports it */
+    if (!(mask_a & SSL_aECDSA) && ssl_has_cert(s, SSL_PKEY_ED25519)
+            && pvalid[SSL_PKEY_ED25519] & CERT_PKEY_EXPLICIT_SIGN
+            && TLS1_get_version(s) == TLS1_2_VERSION)
+            mask_a |= SSL_aECDSA;
 #endif
 
 #ifndef OPENSSL_NO_EC
author	Dr. Stephen Henson <steve@openssl.org>	2017-06-16 18:55:28 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2017-06-21 14:11:01 +0100
commit	b2021556e4b838f451459deab2b2eee9b40c9169 (patch)
tree	b2e9c60d67da57c16e9a18368258523c15edd4d3 /ssl/ssl_lib.c
parent	72ceb6a6923456d9ff036cd81014024cf54280c4 (diff)