Only allow PSS signatures with RSA keys and TLS 1.3
authorDr. Stephen Henson <steve@openssl.org>
Mon, 30 Jan 2017 13:53:54 +0000 (13:53 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Tue, 31 Jan 2017 00:03:00 +0000 (00:03 +0000)
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2324)

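--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -835,6 +835,9 @@ int tls12_check_peer_sigalg(SSL *s, uint16_t sig, EVP_PKEY *pkey)
     /* Should never happen */
     if (pkeyid == -1)
         return -1;
+    /* Only allow PSS for TLS 1.3 */
+    if (SSL_IS_TLS13(s) && pkeyid == EVP_PKEY_RSA)
+        pkeyid = EVP_PKEY_RSA_PSS;
     lu = tls1_lookup_sigalg(sig);
     /*
      * Check sigalgs is known and key type is consistent with signature: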
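Review bot: The added comment `/* Only allow PSS for TLS 1.3 */` does not say how the remap enforces that restriction. Rewriting `pkeyid` from `EVP_PKEY_RSA` to `EVP_PKEY_RSA_PSS` presumably works only because the key-type consistency check after `tls1_lookup_sigalg(sig)` then fails for RSA PKCS#1 v1.5 sigalgs, and that check lies outside the hunk, as do the start and end of `tls12_check_peer_sigalg`. I would spell the dependency out, e.g. `/* TLS 1.3: treat an RSA key as RSA-PSS so the key-type check below rejects RSA PKCS#1 v1.5 sigalgs */`, so a later refactor of that comparison does not silently re-enable PKCS#1 v1.5 for peer handshake signatures. This hunk covers only the peer-signature check; whether the local signing path applies the same restriction is not visible here and is worth confirming, ideally with a test that a TLS 1.3 peer using an RSA PKCS#1 v1.5 sigalg is rejected.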