mirror of
https://github.com/openssl/openssl.git
synced 2024-12-19 23:13:49 +08:00
Add client side support to tls_choose_sigalg.
Select appropriate signature algorithm and certificate for client authentication using tls_choose_sigalg. A lot of selection logic is very similar except not finding a certificate is not a fatal error: we just do not present a certificate. For TLS 1.2 and earlier we only check the current certificate is suitable (for compatibility with previous logic) for TLS 1.3 (where there are no compatibility issues) we support multiple client certificates for different algorithms. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2643)
This commit is contained in:
parent
0cb8c9d85e
commit
717a265aa5
78
ssl/t1_lib.c
78
ssl/t1_lib.c
@ -2316,13 +2316,23 @@ int ssl_security_cert_chain(SSL *s, STACK_OF(X509) *sk, X509 *x, int vfy)
|
||||
|
||||
/*
|
||||
* Choose an appropriate signature algorithm based on available certificates
|
||||
* Set current certificate and digest to match chosen algorithm.
|
||||
* Sets chosen certificate and signature algorithm.
|
||||
*
|
||||
* For servers if we fail to find a required certificate it is a fatal error
|
||||
* and an appropriate error code is set and the TLS alert set in *al.
|
||||
*
|
||||
* For clients al is set to NULL. If a certificate is not suitable it is not
|
||||
* a fatal error: we will either try another certificate or not present one
|
||||
* to the server. In this case no error is set.
|
||||
*/
|
||||
int tls_choose_sigalg(SSL *s, int *al)
|
||||
{
|
||||
int idx = -1;
|
||||
const SIGALG_LOOKUP *lu = NULL;
|
||||
|
||||
s->s3->tmp.cert = NULL;
|
||||
s->s3->tmp.sigalg = NULL;
|
||||
|
||||
if (SSL_IS_TLS13(s)) {
|
||||
size_t i;
|
||||
#ifndef OPENSSL_NO_EC
|
||||
@ -2357,37 +2367,47 @@ int tls_choose_sigalg(SSL *s, int *al)
|
||||
break;
|
||||
}
|
||||
if (i == s->cert->shared_sigalgslen) {
|
||||
if (al == NULL)
|
||||
return 1;
|
||||
*al = SSL_AD_HANDSHAKE_FAILURE;
|
||||
SSLerr(SSL_F_TLS_CHOOSE_SIGALG,
|
||||
SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM);
|
||||
return 0;
|
||||
}
|
||||
} else {
|
||||
/* Find index corresponding to ciphersuite */
|
||||
idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher);
|
||||
/* If no certificate for ciphersuite return */
|
||||
if (idx == -1) {
|
||||
s->s3->tmp.cert = NULL;
|
||||
s->s3->tmp.sigalg = NULL;
|
||||
return 1;
|
||||
}
|
||||
if (idx == SSL_PKEY_GOST_EC) {
|
||||
/* Work out which GOST certificate is avaiable */
|
||||
if (ssl_has_cert(s, SSL_PKEY_GOST12_512)) {
|
||||
idx = SSL_PKEY_GOST12_512;
|
||||
} else if (ssl_has_cert(s, SSL_PKEY_GOST12_256)) {
|
||||
idx = SSL_PKEY_GOST12_256;
|
||||
} else if (ssl_has_cert(s, SSL_PKEY_GOST01)) {
|
||||
idx = SSL_PKEY_GOST01;
|
||||
} else {
|
||||
if (s->server) {
|
||||
/* Find index corresponding to ciphersuite */
|
||||
idx = ssl_cipher_get_cert_index(s->s3->tmp.new_cipher);
|
||||
/* If no certificate for ciphersuite return */
|
||||
if (idx == -1)
|
||||
return 1;
|
||||
if (idx == SSL_PKEY_GOST_EC) {
|
||||
/* Work out which GOST certificate is avaiable */
|
||||
if (ssl_has_cert(s, SSL_PKEY_GOST12_512)) {
|
||||
idx = SSL_PKEY_GOST12_512;
|
||||
} else if (ssl_has_cert(s, SSL_PKEY_GOST12_256)) {
|
||||
idx = SSL_PKEY_GOST12_256;
|
||||
} else if (ssl_has_cert(s, SSL_PKEY_GOST01)) {
|
||||
idx = SSL_PKEY_GOST01;
|
||||
} else {
|
||||
if (al == NULL)
|
||||
return 1;
|
||||
*al = SSL_AD_INTERNAL_ERROR;
|
||||
SSLerr(SSL_F_TLS_CHOOSE_SIGALG, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
} else if (!ssl_has_cert(s, idx)) {
|
||||
if (al == NULL)
|
||||
return 1;
|
||||
*al = SSL_AD_INTERNAL_ERROR;
|
||||
SSLerr(SSL_F_TLS_CHOOSE_SIGALG, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
}
|
||||
} else if (!ssl_has_cert(s, idx)) {
|
||||
*al = SSL_AD_INTERNAL_ERROR;
|
||||
SSLerr(SSL_F_TLS_CHOOSE_SIGALG, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
} else {
|
||||
/* Find index for client certificate */
|
||||
idx = s->cert->key - s->cert->pkeys;
|
||||
if (!ssl_has_cert(s, idx))
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (SSL_USE_SIGALGS(s)) {
|
||||
@ -2406,6 +2426,8 @@ int tls_choose_sigalg(SSL *s, int *al)
|
||||
break;
|
||||
}
|
||||
if (i == s->cert->shared_sigalgslen) {
|
||||
if (al == NULL)
|
||||
return 1;
|
||||
*al = SSL_AD_INTERNAL_ERROR;
|
||||
SSLerr(SSL_F_TLS_CHOOSE_SIGALG, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
@ -2418,6 +2440,8 @@ int tls_choose_sigalg(SSL *s, int *al)
|
||||
size_t sent_sigslen, i;
|
||||
|
||||
if ((lu = tls1_get_legacy_sigalg(s, idx)) == NULL) {
|
||||
if (al == NULL)
|
||||
return 1;
|
||||
*al = SSL_AD_INTERNAL_ERROR;
|
||||
SSLerr(SSL_F_TLS_CHOOSE_SIGALG, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
@ -2430,6 +2454,8 @@ int tls_choose_sigalg(SSL *s, int *al)
|
||||
break;
|
||||
}
|
||||
if (i == sent_sigslen) {
|
||||
if (al == NULL)
|
||||
return 1;
|
||||
SSLerr(SSL_F_TLS_CHOOSE_SIGALG, SSL_R_WRONG_SIGNATURE_TYPE);
|
||||
*al = SSL_AD_HANDSHAKE_FAILURE;
|
||||
return 0;
|
||||
@ -2437,6 +2463,8 @@ int tls_choose_sigalg(SSL *s, int *al)
|
||||
}
|
||||
} else {
|
||||
if ((lu = tls1_get_legacy_sigalg(s, idx)) == NULL) {
|
||||
if (al == NULL)
|
||||
return 1;
|
||||
*al = SSL_AD_INTERNAL_ERROR;
|
||||
SSLerr(SSL_F_TLS_CHOOSE_SIGALG, ERR_R_INTERNAL_ERROR);
|
||||
return 0;
|
||||
@ -2444,8 +2472,10 @@ int tls_choose_sigalg(SSL *s, int *al)
|
||||
}
|
||||
}
|
||||
if (idx == -1) {
|
||||
*al = SSL_AD_INTERNAL_ERROR;
|
||||
SSLerr(SSL_F_TLS_CHOOSE_SIGALG, ERR_R_INTERNAL_ERROR);
|
||||
if (al != NULL) {
|
||||
*al = SSL_AD_INTERNAL_ERROR;
|
||||
SSLerr(SSL_F_TLS_CHOOSE_SIGALG, ERR_R_INTERNAL_ERROR);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
s->s3->tmp.cert = &s->cert->pkeys[idx];
|
||||
|
Loading…
Reference in New Issue
Block a user