diff options
author | Michael Baentsch <57787676+baentsch@users.noreply.github.com> | 2022-09-26 17:32:05 +0200 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2023-02-24 11:02:48 +1100 |
commit | ee58915cfd9d0ad67f52d43cc1a2ce549049d248 (patch) | |
tree | e892900c53900bd693498bdc9ff2152ae14bcbe6 /ssl/t1_lib.c | |
parent | 1817dcaf556df559a32eed14d0947ff961be7b4f (diff) |
first cut at sigalg loading
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19312)
Diffstat (limited to 'ssl/t1_lib.c')
-rw-r--r-- | ssl/t1_lib.c | 428 |
1 files changed, 400 insertions, 28 deletions
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 25aaa9b56d..5622532314 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -222,7 +222,7 @@ static const uint16_t suiteb_curves[] = { OSSL_TLS_GROUP_ID_secp384r1, }; -struct provider_group_data_st { +struct provider_ctx_data_st { SSL_CTX *ctx; OSSL_PROVIDER *provider; }; @@ -231,7 +231,7 @@ struct provider_group_data_st { static OSSL_CALLBACK add_provider_groups; static int add_provider_groups(const OSSL_PARAM params[], void *data) { - struct provider_group_data_st *pgd = data; + struct provider_ctx_data_st *pgd = data; SSL_CTX *ctx = pgd->ctx; OSSL_PROVIDER *provider = pgd->provider; const OSSL_PARAM *p; @@ -375,7 +375,7 @@ static int add_provider_groups(const OSSL_PARAM params[], void *data) static int discover_provider_groups(OSSL_PROVIDER *provider, void *vctx) { - struct provider_group_data_st pgd; + struct provider_ctx_data_st pgd; pgd.ctx = vctx; pgd.provider = provider; @@ -417,6 +417,319 @@ int ssl_load_groups(SSL_CTX *ctx) return 1; } +#define TLS_SIGALG_LIST_MALLOC_BLOCK_SIZE 10 +static OSSL_CALLBACK add_provider_sigalgs; +static int add_provider_sigalgs(const OSSL_PARAM params[], void *data) +{ + struct provider_ctx_data_st *pgd = data; + SSL_CTX *ctx = pgd->ctx; + OSSL_PROVIDER *provider = pgd->provider; + const OSSL_PARAM *p; + TLS_SIGALG_INFO *sinf = NULL; + EVP_KEYMGMT *keymgmt; + const char *keytype; + unsigned int code_point = 0; + int ret = 0; + + if (ctx->sigalg_list_max_len == ctx->sigalg_list_len) { + TLS_SIGALG_INFO *tmp = NULL; + + if (ctx->sigalg_list_max_len == 0) + tmp = OPENSSL_malloc(sizeof(TLS_SIGALG_INFO) + * TLS_SIGALG_LIST_MALLOC_BLOCK_SIZE); + else + tmp = OPENSSL_realloc(ctx->sigalg_list, + (ctx->sigalg_list_max_len + + TLS_SIGALG_LIST_MALLOC_BLOCK_SIZE) + * sizeof(TLS_SIGALG_INFO)); + if (tmp == NULL) + return 0; + ctx->sigalg_list = tmp; + memset(tmp + ctx->sigalg_list_max_len, 0, + sizeof(TLS_SIGALG_INFO) * TLS_SIGALG_LIST_MALLOC_BLOCK_SIZE); + ctx->sigalg_list_max_len += TLS_SIGALG_LIST_MALLOC_BLOCK_SIZE; + } + + sinf = &ctx->sigalg_list[ctx->sigalg_list_len]; + + /* First, mandatory parameters */ + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_SIGALG_NAME); + if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING) { + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); + goto err; + } + OPENSSL_free(sinf->sigalg_name); + sinf->sigalg_name = OPENSSL_strdup(p->data); + if (sinf->sigalg_name == NULL) + goto err; + + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_SIGALG_IANA_NAME); + if (p == NULL || p->data_type != OSSL_PARAM_UTF8_STRING) { + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); + goto err; + } + OPENSSL_free(sinf->name); + sinf->name = OPENSSL_strdup(p->data); + if (sinf->name == NULL) + goto err; + + p = OSSL_PARAM_locate_const(params, + OSSL_CAPABILITY_TLS_SIGALG_CODE_POINT); + if (p == NULL + || !OSSL_PARAM_get_uint(p, &code_point) + || code_point > UINT16_MAX) { + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); + goto err; + } + sinf->code_point = (uint16_t)code_point; + + p = OSSL_PARAM_locate_const(params, + OSSL_CAPABILITY_TLS_SIGALG_SECURITY_BITS); + if (p == NULL || !OSSL_PARAM_get_uint(p, &sinf->secbits)) { + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); + goto err; + } + + /* Now, optional parameters */ + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_SIGALG_OID); + if (p == NULL) { + sinf->sigalg_oid = NULL; + } else if (p->data_type != OSSL_PARAM_UTF8_STRING) { + goto err; + } else { + OPENSSL_free(sinf->sigalg_oid); + sinf->sigalg_oid = OPENSSL_strdup(p->data); + if (sinf->sigalg_oid == NULL) + goto err; + } + + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_SIGALG_SIG_NAME); + if (p == NULL) { + sinf->sig_name = NULL; + } else if (p->data_type != OSSL_PARAM_UTF8_STRING) { + goto err; + } else { + OPENSSL_free(sinf->sig_name); + sinf->sig_name = OPENSSL_strdup(p->data); + if (sinf->sig_name == NULL) + goto err; + } + + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_SIGALG_SIG_OID); + if (p == NULL) { + sinf->sig_oid = NULL; + } else if (p->data_type != OSSL_PARAM_UTF8_STRING) { + goto err; + } else { + OPENSSL_free(sinf->sig_oid); + sinf->sig_oid = OPENSSL_strdup(p->data); + if (sinf->sig_oid == NULL) + goto err; + } + + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_SIGALG_HASH_NAME); + if (p == NULL) { + sinf->hash_name = NULL; + } else if (p->data_type != OSSL_PARAM_UTF8_STRING) { + goto err; + } else { + OPENSSL_free(sinf->hash_name); + sinf->hash_name = OPENSSL_strdup(p->data); + if (sinf->hash_name == NULL) + goto err; + } + + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_SIGALG_HASH_OID); + if (p == NULL) { + sinf->hash_oid = NULL; + } else if (p->data_type != OSSL_PARAM_UTF8_STRING) { + goto err; + } else { + OPENSSL_free(sinf->hash_oid); + sinf->hash_oid = OPENSSL_strdup(p->data); + if (sinf->hash_oid == NULL) + goto err; + } + + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_SIGALG_KEYTYPE); + if (p == NULL) { + sinf->keytype = NULL; + } else if (p->data_type != OSSL_PARAM_UTF8_STRING) { + goto err; + } else { + OPENSSL_free(sinf->keytype); + sinf->keytype = OPENSSL_strdup(p->data); + if (sinf->keytype == NULL) + goto err; + } + + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_SIGALG_KEYTYPE_OID); + if (p == NULL) { + sinf->keytype_oid = NULL; + } else if (p->data_type != OSSL_PARAM_UTF8_STRING) { + goto err; + } else { + OPENSSL_free(sinf->keytype_oid); + sinf->keytype_oid = OPENSSL_strdup(p->data); + if (sinf->keytype_oid == NULL) + goto err; + } + + /* The remaining parameters below are mandatory again */ + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_SIGALG_MIN_TLS); + if (p == NULL || !OSSL_PARAM_get_int(p, &sinf->mintls)) { + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); + goto err; + } + if ((sinf->mintls != 0) && (sinf->mintls != -1) && + ((sinf->mintls < TLS1_3_VERSION))) { + /* ignore this sigalg as this OpenSSL doesn't know how to handle it */ + ret = 1; + goto err; + } + + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_SIGALG_MAX_TLS); + if (p == NULL || !OSSL_PARAM_get_int(p, &sinf->maxtls)) { + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); + goto err; + } + if ((sinf->maxtls != 0) && (sinf->maxtls != -1) && + ((sinf->maxtls < sinf->mintls))) { + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); + goto err; + } + if ((sinf->maxtls != 0) && (sinf->maxtls != -1) && + ((sinf->maxtls < TLS1_3_VERSION))) { + /* ignore this sigalg as this OpenSSL doesn't know how to handle it */ + ret = 1; + goto err; + } + + /* + * Now check that the algorithm is actually usable for our property query + * string. Regardless of the result we still return success because we have + * successfully processed this signature, even though we may decide not to + * use it. + */ + ret = 1; + ERR_set_mark(); + keytype = (sinf->keytype != NULL + ? sinf->keytype + : (sinf->sig_name != NULL + ? sinf->sig_name + : sinf->sigalg_name)); + keymgmt = EVP_KEYMGMT_fetch(ctx->libctx, keytype, ctx->propq); + if (keymgmt != NULL) { + /* + * We have successfully fetched the algorithm - however if the provider + * doesn't match this one then we ignore it. + * + * Note: We're cheating a little here. Technically if the same algorithm + * is available from more than one provider then it is undefined which + * implementation you will get back. Theoretically this could be + * different every time...we assume here that you'll always get the + * same one back if you repeat the exact same fetch. Is this a reasonable + * assumption to make (in which case perhaps we should document this + * behaviour)? + */ + if (EVP_KEYMGMT_get0_provider(keymgmt) == provider) { + /* + * We have a match - so we could use this signature; + * Check proper object registration first, though. + * Don't care about return value as this may have been + * done within providers or previous calls to + * add_provider_sigalgs. + */ + OBJ_create(sinf->sigalg_oid, sinf->sigalg_name, NULL); + /* sanity check: Without successful registration don't use alg */ + if ((OBJ_txt2nid(sinf->sigalg_name) == NID_undef) || + (OBJ_nid2obj(OBJ_txt2nid(sinf->sigalg_name)) == NULL)) { + ERR_raise(ERR_LIB_SSL, ERR_R_PASSED_INVALID_ARGUMENT); + goto err; + } + if (sinf->sig_name != NULL) + OBJ_create(sinf->sig_oid, sinf->sig_name, NULL); + if (sinf->keytype != NULL) + OBJ_create(sinf->keytype_oid, sinf->keytype, NULL); + if (sinf->hash_name != NULL) + OBJ_create(sinf->hash_oid, sinf->hash_name, NULL); + OBJ_add_sigid(OBJ_txt2nid(sinf->sigalg_name), + (sinf->hash_name != NULL + ? OBJ_txt2nid(sinf->hash_name) + : NID_undef), + OBJ_txt2nid(keytype)); + ctx->sigalg_list_len++; + sinf = NULL; + } + EVP_KEYMGMT_free(keymgmt); + } + ERR_pop_to_mark(); + err: + if (sinf != NULL) { + OPENSSL_free(sinf->name); + sinf->name = NULL; + OPENSSL_free(sinf->sigalg_name); + sinf->sigalg_name = NULL; + OPENSSL_free(sinf->sigalg_oid); + sinf->sigalg_oid = NULL; + OPENSSL_free(sinf->sig_name); + sinf->sig_name = NULL; + OPENSSL_free(sinf->sig_oid); + sinf->sig_oid = NULL; + OPENSSL_free(sinf->hash_name); + sinf->hash_name = NULL; + OPENSSL_free(sinf->hash_oid); + sinf->hash_oid = NULL; + OPENSSL_free(sinf->keytype); + sinf->keytype = NULL; + OPENSSL_free(sinf->keytype_oid); + sinf->keytype_oid = NULL; + } + return ret; +} + +static int discover_provider_sigalgs(OSSL_PROVIDER *provider, void *vctx) +{ + struct provider_ctx_data_st pgd; + + pgd.ctx = vctx; + pgd.provider = provider; + OSSL_PROVIDER_get_capabilities(provider, "TLS-SIGALG", + add_provider_sigalgs, &pgd); + /* + * Always OK, even if provider doesn't support the capability: + * Reconsider testing retval when legacy sigalgs are also loaded this way. + */ + return 1; +} + +int ssl_load_sigalgs(SSL_CTX *ctx) +{ + size_t i; + SSL_CERT_LOOKUP lu; + + if (!OSSL_PROVIDER_do_all(ctx->libctx, discover_provider_sigalgs, ctx)) + return 0; + + /* now populate ctx->ssl_cert_info */ + if (ctx->sigalg_list_len > 0) { + ctx->ssl_cert_info = OPENSSL_zalloc(sizeof(lu) * ctx->sigalg_list_len); + if (ctx->ssl_cert_info == NULL) + return 0; + for(i = 0; i < ctx->sigalg_list_len; i++) { + ctx->ssl_cert_info[i].nid = OBJ_txt2nid(ctx->sigalg_list[i].sigalg_name); + ctx->ssl_cert_info[i].amask = SSL_aANY; + } + } + + /* + * For now, leave it at this: legacy sigalgs stay in their own + * data structures until "legacy cleanup" occurs. + */ + + return 1; +} + static uint16_t tls1_group_name2id(SSL_CTX *ctx, const char *name) { size_t i; @@ -1153,24 +1466,36 @@ static const uint16_t tls_default_sigalg[] = { 0, /* SSL_PKEY_ED448 */ }; -int ssl_setup_sig_algs(SSL_CTX *ctx) +int ssl_setup_sigalgs(SSL_CTX *ctx) { - size_t i; + size_t i, cache_idx, sigalgs_len; const SIGALG_LOOKUP *lu; - SIGALG_LOOKUP *cache - = OPENSSL_malloc(sizeof(*lu) * OSSL_NELEM(sigalg_lookup_tbl)); + SIGALG_LOOKUP *cache = NULL; + uint16_t *tls12_sigalgs_list = NULL; EVP_PKEY *tmpkey = EVP_PKEY_new(); int ret = 0; + if (ctx == NULL) + goto err; + + sigalgs_len = OSSL_NELEM(sigalg_lookup_tbl) + ctx->sigalg_list_len; + + cache = OPENSSL_malloc(sizeof(const SIGALG_LOOKUP) * sigalgs_len); if (cache == NULL || tmpkey == NULL) goto err; + tls12_sigalgs_list = OPENSSL_malloc(sizeof(uint16_t) * sigalgs_len); + if (tls12_sigalgs_list == NULL) + goto err; + ERR_set_mark(); + /* First fill cache and tls12_sigalgs list from legacy algorithm list */ for (i = 0, lu = sigalg_lookup_tbl; i < OSSL_NELEM(sigalg_lookup_tbl); lu++, i++) { EVP_PKEY_CTX *pctx; cache[i] = *lu; + tls12_sigalgs_list[i] = tls12_sigalgs[i]; /* * Check hash is available. @@ -1196,13 +1521,35 @@ int ssl_setup_sig_algs(SSL_CTX *ctx) cache[i].enabled = 0; EVP_PKEY_CTX_free(pctx); } + + /* Now complete cache and tls12_sigalgs list with provider sig information */ + cache_idx = OSSL_NELEM(sigalg_lookup_tbl); + for (i = 0; i < ctx->sigalg_list_len; i++) { + TLS_SIGALG_INFO si = ctx->sigalg_list[i]; + cache[cache_idx].name = si.name; + cache[cache_idx].sigalg = si.code_point; + tls12_sigalgs_list[cache_idx] = si.code_point; + cache[cache_idx].hash = si.hash_name?OBJ_txt2nid(si.hash_name):NID_undef; + cache[cache_idx].hash_idx = ssl_get_md_idx(cache[cache_idx].hash); + cache[cache_idx].sig = OBJ_txt2nid(si.sigalg_name); + cache[cache_idx].sig_idx = i + SSL_PKEY_NUM; + cache[cache_idx].sigandhash = OBJ_txt2nid(si.sigalg_name); + cache[cache_idx].curve = NID_undef; + /* all provided sigalgs are enabled by load */ + cache[cache_idx].enabled = 1; + cache_idx++; + } ERR_pop_to_mark(); ctx->sigalg_lookup_cache = cache; + ctx->tls12_sigalgs = tls12_sigalgs_list; + ctx->tls12_sigalgs_len = sigalgs_len; cache = NULL; + tls12_sigalgs_list = NULL; ret = 1; err: OPENSSL_free(cache); + OPENSSL_free(tls12_sigalgs_list); EVP_PKEY_free(tmpkey); return ret; } @@ -1215,8 +1562,7 @@ static const SIGALG_LOOKUP *tls1_lookup_sigalg(const SSL_CONNECTION *s, const SIGALG_LOOKUP *lu; for (i = 0, lu = SSL_CONNECTION_GET_CTX(s)->sigalg_lookup_cache; - /* cache should have the same number of elements as sigalg_lookup_tbl */ - i < OSSL_NELEM(sigalg_lookup_tbl); + i < SSL_CONNECTION_GET_CTX(s)->tls12_sigalgs_len; lu++, i++) { if (lu->sigalg == sigalg) { if (!lu->enabled) @@ -1283,8 +1629,9 @@ static const SIGALG_LOOKUP *tls1_get_legacy_sigalg(const SSL_CONNECTION *s, size_t i; /* Work out index corresponding to ciphersuite */ - for (i = 0; i < SSL_PKEY_NUM; i++) { - const SSL_CERT_LOOKUP *clu = ssl_cert_lookup_by_idx(i); + for (i = 0; i < s->ssl_pkey_num; i++) { + const SSL_CERT_LOOKUP *clu + = ssl_cert_lookup_by_idx(i, SSL_CONNECTION_GET_CTX(s)); if (clu == NULL) continue; @@ -1329,6 +1676,7 @@ static const SIGALG_LOOKUP *tls1_get_legacy_sigalg(const SSL_CONNECTION *s, } if (idx < 0 || idx >= (int)OSSL_NELEM(tls_default_sigalg)) return NULL; + if (SSL_USE_SIGALGS(s) || idx != SSL_PKEY_RSA) { const SIGALG_LOOKUP *lu = tls1_lookup_sigalg(s, tls_default_sigalg[idx]); @@ -1350,7 +1698,7 @@ int tls1_set_peer_legacy_sigalg(SSL_CONNECTION *s, const EVP_PKEY *pkey) size_t idx; const SIGALG_LOOKUP *lu; - if (ssl_cert_lookup_by_pkey(pkey, &idx) == NULL) + if (ssl_cert_lookup_by_pkey(pkey, &idx, SSL_CONNECTION_GET_CTX(s)) == NULL) return 0; lu = tls1_get_legacy_sigalg(s, idx); if (lu == NULL) @@ -1390,8 +1738,8 @@ size_t tls12_get_psigalgs(SSL_CONNECTION *s, int sent, const uint16_t **psigs) *psigs = s->cert->conf_sigalgs; return s->cert->conf_sigalgslen; } else { - *psigs = tls12_sigalgs; - return OSSL_NELEM(tls12_sigalgs); + *psigs = SSL_CONNECTION_GET_CTX(s)->tls12_sigalgs; + return SSL_CONNECTION_GET_CTX(s)->tls12_sigalgs_len; } } @@ -1408,8 +1756,8 @@ int tls_check_sigalg_curve(const SSL_CONNECTION *s, int curve) sigs = s->cert->conf_sigalgs; siglen = s->cert->conf_sigalgslen; } else { - sigs = tls12_sigalgs; - siglen = OSSL_NELEM(tls12_sigalgs); + sigs = SSL_CONNECTION_GET_CTX(s)->tls12_sigalgs; + siglen = SSL_CONNECTION_GET_CTX(s)->tls12_sigalgs_len; } for (i = 0; i < siglen; i++) { @@ -1466,6 +1814,14 @@ static int sigalg_security_bits(SSL_CTX *ctx, const SIGALG_LOOKUP *lu) else if (lu->sigalg == TLSEXT_SIGALG_ed448) secbits = 224; } + /* + * For provider-based sigalgs we have secbits information available + * in the (provider-loaded) sigalg_list structure + */ + if ((secbits == 0) && (lu->sig_idx >= SSL_PKEY_NUM) + && ((lu->sig_idx - SSL_PKEY_NUM) < (int)ctx->sigalg_list_len)) { + secbits = ctx->sigalg_list[lu->sig_idx - SSL_PKEY_NUM].secbits; + } return secbits; } @@ -1485,9 +1841,7 @@ int tls12_check_peer_sigalg(SSL_CONNECTION *s, uint16_t sig, EVP_PKEY *pkey) int secbits = 0; pkeyid = EVP_PKEY_get_id(pkey); - /* Should never happen */ - if (pkeyid == -1) - return -1; + if (SSL_CONNECTION_IS_TLS13(s)) { /* Disallow DSA for TLS 1.3 */ if (pkeyid == EVP_PKEY_DSA) { @@ -1499,6 +1853,14 @@ int tls12_check_peer_sigalg(SSL_CONNECTION *s, uint16_t sig, EVP_PKEY *pkey) pkeyid = EVP_PKEY_RSA_PSS; } lu = tls1_lookup_sigalg(s, sig); + /* if this sigalg is loaded, set so far unknown pkeyid to its sig NID */ + if ((pkeyid == -1) && (lu != NULL)) + pkeyid = lu->sig; + + /* Should never happen */ + if (pkeyid == -1) + return -1; + /* * Check sigalgs is known. Disallow SHA1/SHA224 with TLS 1.3. Check key type * is consistent with signature: RSA keys can be used for RSA-PSS @@ -1512,7 +1874,9 @@ int tls12_check_peer_sigalg(SSL_CONNECTION *s, uint16_t sig, EVP_PKEY *pkey) return 0; } /* Check the sigalg is consistent with the key OID */ - if (!ssl_cert_lookup_by_nid(EVP_PKEY_get_id(pkey), &cidx) + if (!ssl_cert_lookup_by_nid( + (pkeyid == EVP_PKEY_RSA_PSS) ? EVP_PKEY_get_id(pkey) : pkeyid, + &cidx, SSL_CONNECTION_GET_CTX(s)) || lu->sig_idx != (int)cidx) { SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_WRONG_SIGNATURE_TYPE); return 0; @@ -1706,9 +2070,14 @@ int tls1_set_server_sigalgs(SSL_CONNECTION *s) OPENSSL_free(s->shared_sigalgs); s->shared_sigalgs = NULL; s->shared_sigalgslen = 0; + /* Clear certificate validity flags */ - for (i = 0; i < SSL_PKEY_NUM; i++) - s->s3.tmp.valid_flags[i] = 0; + if (s->s3.tmp.valid_flags) + memset(s->s3.tmp.valid_flags, 0, s->ssl_pkey_num * sizeof(uint32_t)); + else + s->s3.tmp.valid_flags = OPENSSL_zalloc(s->ssl_pkey_num * sizeof(uint32_t)); + if (s->s3.tmp.valid_flags == NULL) + return 0; /* * If peer sent no signature algorithms check to see if we support * the default algorithm for each certificate type @@ -1718,7 +2087,7 @@ int tls1_set_server_sigalgs(SSL_CONNECTION *s) const uint16_t *sent_sigs; size_t sent_sigslen = tls12_get_psigalgs(s, 1, &sent_sigs); - for (i = 0; i < SSL_PKEY_NUM; i++) { + for (i = 0; i < s->ssl_pkey_num; i++) { const SIGALG_LOOKUP *lu = tls1_get_legacy_sigalg(s, i); size_t j; @@ -2172,7 +2541,8 @@ void ssl_set_sig_mask(uint32_t *pmask_a, SSL_CONNECTION *s, int op) if (lu == NULL) continue; - clu = ssl_cert_lookup_by_idx(lu->sig_idx); + clu = ssl_cert_lookup_by_idx(lu->sig_idx, + SSL_CONNECTION_GET_CTX(s)); if (clu == NULL) continue; @@ -2345,7 +2715,7 @@ int tls1_process_sigalgs(SSL_CONNECTION *s) if (!tls1_set_shared_sigalgs(s)) return 0; - for (i = 0; i < SSL_PKEY_NUM; i++) + for (i = 0; i < s->ssl_pkey_num; i++) pvalid[i] = 0; for (i = 0; i < s->shared_sigalgslen; i++) { @@ -2699,7 +3069,8 @@ int tls1_check_chain(SSL_CONNECTION *s, X509 *x, EVP_PKEY *pk, if (!x || !pk) return 0; - if (ssl_cert_lookup_by_pkey(pk, &certidx) == NULL) + if (ssl_cert_lookup_by_pkey(pk, &certidx, + SSL_CONNECTION_GET_CTX(s)) == NULL) return 0; idx = certidx; pvalid = s->s3.tmp.valid_flags + idx; @@ -3105,7 +3476,8 @@ static int tls12_get_cert_sigalg_idx(const SSL_CONNECTION *s, const SIGALG_LOOKUP *lu) { int sig_idx = lu->sig_idx; - const SSL_CERT_LOOKUP *clu = ssl_cert_lookup_by_idx(sig_idx); + const SSL_CERT_LOOKUP *clu = ssl_cert_lookup_by_idx(sig_idx, + SSL_CONNECTION_GET_CTX(s)); /* If not recognised or not supported by cipher mask it is not suitable */ if (clu == NULL @@ -3203,7 +3575,7 @@ static int is_cert_usable(SSL_CONNECTION *s, const SIGALG_LOOKUP *sig, X509 *x, { size_t idx; - if (ssl_cert_lookup_by_pkey(pkey, &idx) == NULL) + if (ssl_cert_lookup_by_pkey(pkey, &idx, SSL_CONNECTION_GET_CTX(s)) == NULL) return 0; /* Check the key is consistent with the sig alg */ |