From 045d078aefdf8d5b077485630bfd21b09980d2ec Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Wed, 13 Sep 2017 13:53:03 +0100
Subject: [PATCH] Add RSA-PSS key certificate type.

Recognise RSA-PSS certificate algorithm and add a new certificate
type.

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/4368)
---
 ssl/ssl_cert_table.h |  1 +
 ssl/ssl_locl.h       | 21 ++++++++-------------
 ssl/t1_lib.c         |  2 ++
 3 files changed, 11 insertions(+), 13 deletions(-)

diff --git a/ssl/ssl_cert_table.h b/ssl/ssl_cert_table.h
index eae9ff232b..fd6a1ad1e8 100644
--- a/ssl/ssl_cert_table.h
+++ b/ssl/ssl_cert_table.h
@@ -12,6 +12,7 @@
  */
 static const SSL_CERT_LOOKUP ssl_cert_info [] = {
     {EVP_PKEY_RSA, SSL_aRSA}, /* SSL_PKEY_RSA */
+    {EVP_PKEY_RSA_PSS, SSL_aRSA}, /* SSL_PKEY_RSA_PSS_SIGN */
     {EVP_PKEY_DSA, SSL_aDSS}, /* SSL_PKEY_DSA_SIGN */
     {EVP_PKEY_EC, SSL_aECDSA}, /* SSL_PKEY_ECC */
     {NID_id_GostR3410_2001, SSL_aGOST01}, /* SSL_PKEY_GOST01 */
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 64d5e720e1..95e60414e2 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -363,25 +363,20 @@
 
 /* Mostly for SSLv3 */
 # define SSL_PKEY_RSA            0
-# define SSL_PKEY_DSA_SIGN       1
-# define SSL_PKEY_ECC            2
-# define SSL_PKEY_GOST01         3
-# define SSL_PKEY_GOST12_256     4
-# define SSL_PKEY_GOST12_512     5
-# define SSL_PKEY_ED25519        6
-# define SSL_PKEY_NUM            7
+# define SSL_PKEY_RSA_PSS_SIGN   1
+# define SSL_PKEY_DSA_SIGN       2
+# define SSL_PKEY_ECC            3
+# define SSL_PKEY_GOST01         4
+# define SSL_PKEY_GOST12_256     5
+# define SSL_PKEY_GOST12_512     6
+# define SSL_PKEY_ED25519        7
+# define SSL_PKEY_NUM            8
 /*
  * Pseudo-constant. GOST cipher suites can use different certs for 1
  * SSL_CIPHER. So let's see which one we have in fact.
  */
 # define SSL_PKEY_GOST_EC SSL_PKEY_NUM+1
 
-/*
- * TODO(TLS1.3) for now use SSL_PKEY_RSA keys for PSS
- */
-
-#define SSL_PKEY_RSA_PSS_SIGN SSL_PKEY_RSA
-
 /*-
  * SSL_kRSA <- RSA_ENC
  * SSL_kDH  <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 48c33de64b..ec5b358e28 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -799,6 +799,7 @@ static const SIGALG_LOOKUP legacy_rsa_sigalg = {
  */
 static const uint16_t tls_default_sigalg[] = {
     TLSEXT_SIGALG_rsa_pkcs1_sha1, /* SSL_PKEY_RSA */
+    0, /* SSL_PKEY_RSA_PSS_SIGN */
     TLSEXT_SIGALG_dsa_sha1, /* SSL_PKEY_DSA_SIGN */
     TLSEXT_SIGALG_ecdsa_sha1, /* SSL_PKEY_ECC */
     TLSEXT_SIGALG_gostr34102001_gostr3411, /* SSL_PKEY_GOST01 */
@@ -2126,6 +2127,7 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
 void tls1_set_cert_validity(SSL *s)
 {
     tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_RSA);
+    tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_RSA_PSS_SIGN);
     tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_DSA_SIGN);
     tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_ECC);
     tls1_check_chain(s, NULL, NULL, NULL, SSL_PKEY_GOST01);
-- 
2.34.1