From: Bodo Möller Date: Thu, 15 Jun 2006 18:28:00 +0000 (+0000) Subject: Fix algorithm handling for ECC ciphersuites: Adapt to recent changes, X-Git-Tag: OpenSSL_0_9_8k^2~1247 X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=076944d9204222458eac5d90b9743a296ff9d0c5 Fix algorithm handling for ECC ciphersuites: Adapt to recent changes, and allow more general RSA OIDs for ECC certs with RSA CA sig. --- diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index e2d2f913db..5de7bac200 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -2309,7 +2309,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, #ifndef OPENSSL_NO_EC if ( /* if we are considering an ECC cipher suite that uses our certificate */ - (alg & SSL_aECDSA) + (alg & SSL_aECDSA || alg & SSL_aECDH) /* and we have an ECC certificate */ && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL) /* and the client specified a Supported Point Formats extension */ @@ -2361,7 +2361,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, } if ( /* if we are considering an ECC cipher suite that uses our certificate */ - (alg & SSL_aECDSA) + (alg & SSL_aECDSA || alg & SSL_aECDH) /* and we have an ECC certificate */ && (s->cert->pkeys[SSL_PKEY_ECC].x509 != NULL) /* and the client specified an EllipticCurves extension */ @@ -2411,7 +2411,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt, } if ( /* if we are considering an ECC cipher suite that uses an ephemeral EC key */ - ((alg & SSL_kECDH) || (alg & SSL_kEECDH)) + (alg & SSL_kEECDH) /* and we have an ephemeral EC key */ && (s->cert->ecdh_tmp != NULL) /* and the client specified an EllipticCurves extension */ diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index eae31f9822..36d53ee329 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -1707,8 +1707,8 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher) emask=0; #ifdef CIPHER_DEBUG - printf("rt=%d rte=%d dht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n", - rsa_tmp,rsa_tmp_export,dh_tmp, + printf("rt=%d rte=%d dht=%d ecdht=%d re=%d ree=%d rs=%d ds=%d dhr=%d dhd=%d\n", + rsa_tmp,rsa_tmp_export,dh_tmp,ecdh_tmp, rsa_enc,rsa_enc_export,rsa_sign,dsa_sign,dh_rsa,dh_dsa); #endif @@ -1780,14 +1780,20 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher) #ifndef OPENSSL_NO_ECDH if (ecdh_ok) { - if ((signature_nid == NID_md5WithRSAEncryption) || - (signature_nid == NID_md4WithRSAEncryption) || - (signature_nid == NID_md2WithRSAEncryption)) + const char *sig = OBJ_nid2ln(signature_nid); + if (sig == NULL) + { + ERR_clear_error(); + sig = "unknown"; + } + + if (strstr(sig, "WithRSA")) { mask|=SSL_kECDHr|SSL_aECDH; if (ecc_pkey_size <= 163) emask|=SSL_kECDHr|SSL_aECDH; } + if (signature_nid == NID_ecdsa_with_SHA1) { mask|=SSL_kECDHe|SSL_aECDH; @@ -1848,14 +1854,14 @@ int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs) X509_check_purpose(x, -1, 0); if ((x->sig_alg) && (x->sig_alg->algorithm)) signature_nid = OBJ_obj2nid(x->sig_alg->algorithm); - if (alg & SSL_kECDH) + if (alg & SSL_kECDHe || alg & SSL_kECDHr) { /* key usage, if present, must allow key agreement */ if (ku_reject(x, X509v3_KU_KEY_AGREEMENT)) { return 0; } - if (alg & SSL_aECDSA) + if (alg & SSL_kECDHe) { /* signature alg must be ECDSA */ if (signature_nid != NID_ecdsa_with_SHA1) @@ -1863,18 +1869,21 @@ int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs) return 0; } } - if (alg & SSL_aRSA) + if (alg & SSL_kECDHr) { /* signature alg must be RSA */ - if ((signature_nid != NID_md5WithRSAEncryption) && - (signature_nid != NID_md4WithRSAEncryption) && - (signature_nid != NID_md2WithRSAEncryption)) + + const char *sig = OBJ_nid2ln(signature_nid); + if (sig == NULL) { - return 0; + ERR_clear_error(); + sig = "unknown"; } + if (strstr(sig, "WithRSA") == NULL) + return 0; } } - else if (alg & SSL_aECDSA) + if (alg & SSL_aECDSA) { /* key usage, if present, must allow signing */ if (ku_reject(x, X509v3_KU_DIGITAL_SIGNATURE))