Add SuiteB support to tls_choose_sigalg()
authorDr. Stephen Henson <steve@openssl.org>
Fri, 24 Feb 2017 16:39:57 +0000 (16:39 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Fri, 24 Feb 2017 23:30:49 +0000 (23:30 +0000)
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2738)

ssl/t1_lib.c

index 8b31e84..100c97c 100644 (file)
@@ -2314,6 +2314,17 @@ int tls_choose_sigalg(SSL *s, int *al)
         if (SSL_USE_SIGALGS(s)) {
             if (s->s3->tmp.peer_sigalgs != NULL) {
                 size_t i;
+#ifndef OPENSSL_NO_EC
+                int curve;
+
+                /* For Suite B need to match signature algorithm to curve */
+                if (tls1_suiteb(s)) {
+                    EC_KEY *ec = EVP_PKEY_get0_EC_KEY(s->cert->pkeys[idx].privatekey);
+                    curve = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
+                } else {
+                    curve = -1;
+                }
+#endif
 
                 /*
                  * Find highest preference signature algorithm matching
@@ -2321,8 +2332,14 @@ int tls_choose_sigalg(SSL *s, int *al)
                  */
                 for (i = 0; i < s->cert->shared_sigalgslen; i++) {
                     lu = s->cert->shared_sigalgs[i];
+#ifdef OPENSSL_NO_EC
                     if (lu->sig_idx == idx)
                         break;
+#else
+                    if (lu->sig_idx == idx
+                        && (curve == -1 || lu->curve == curve))
+                        break;
+#endif
                     if (idx == SSL_PKEY_RSA && lu->sig == EVP_PKEY_RSA_PSS)
                         break;
                 }